Privacy Policy

Introduction

orderTalk, Inc. (“orderTalk”) provides online ordering as a service to subscribed food chains. In running this service, orderTalk receives personally identifiable information (“personal information”) from its food chain clients about a variety of online consumer transactions (“transaction data”).

This policy sets forth orderTalk's general privacy and security practices with respect to this personal information. While this policy sets forth orderTalk's general privacy and security practices, specific requirements are governed by its contractual arrangements with client food chains. With the exception of personal data covered under the EU-US Privacy Shield Framework, in the event of a conflict between this policy and a food chain contract, the food chain contract prevails.

This policy does not describe how personal information may be used by food chain clients who collect such information directly from consumers. Consumers should review the privacy policies of the business entities with which they directly share their data to learn about such entities’ privacy practices.

Nature of the data received

orderTalk receives transaction data from its food chain clients, which generally are fast-food chains selling goods or services on the Internet and in other card-not-present scenarios. Transaction data may relate to the purchase and sale of goods or services. This transaction data may include personal information, including but not limited to, a consumer’s name, title, delivery address, telephone number(s), email address, and credit card number or other payment information.

Use of the data received

orderTalk processes personal information on behalf of the food chain client to process payment and relay consumer food orders to the required restaurant for timely delivery or collection. At the consumer's choice, payment information is retained for expedition of future transactions, at which point information is retained in the consumer's demographics. Additional data elements may be added to the transaction record, through the use of third-party data services if those data services are elected by food chain clients.

The period for which personal information is retained is determined by the contract between orderTalk and each individual food chain client. Consumers should contact the business entities with which they directly share their data to learn how long their transaction data may be retained. orderTalk has put in place mechanisms to protect the accuracy and integrity of personal information.

Consumer Data Management

Consumers register for online ordering to the particular chain they’re attempting to place an online order from. Each consumer registered account is uniquely accessibly by them only, and includes the ability to update/change their data or delete the account if required. We acknowledge the specific right of EU consumers to access their personal data under the Privacy Shield.

Each consumer also has the right to opt in or out from receiving promotions as part of their account management, and can also remove saved delivery addresses or credit cards if so desired.

Disclosures to third parties

orderTalk shares transaction data only with the following types of third parties:

  1. Credit Card Payment Processors for processing online consumer payments
  2. The particular Food Chain and its related POS system from which the consumer is placing their food order – so they may identify and deliver the food to the consumer.

orderTalk shares transaction data with third parties only in the following limited circumstances:

  1. Personal information may be accessible to third-party service providers processing data on behalf of orderTalk; however, any such service providers are required by contract to implement privacy and security safeguards consistent with this policy;
  2. Personal information may be disclosed to third parties as directed by the food chain client, including to third-party services used to validate data elements;
  3. orderTalk, Inc may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements;
  4. Personal information may be provided to a third party to the extent orderTalk enters into a transaction for the acquisition of all or substantially all of orderTalk's assets.

orderTalk acknowledges potential liability in cases of onward transfers of EU-US Privacy Shield data to third parties.

EU-US Privacy Shield

orderTalk complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. orderTalk has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, https://www.privacyshield.gov/welcome

Enforcement

orderTalk has implemented internal mechanisms to verify ongoing adherence to this policy. We periodically verify that this policy remains accurate, comprehensive for its intended purpose, and is accessible in accordance with applicable law. orderTalk is subject to the jurisdiction and enforcement authority of the Federal Trade Commission.

Amendments

This privacy policy may be amended from time to time consistent with the requirements of the EU-US Privacy Shield. orderTalk will post any revised policy on this website.

Contact for Questions

Any questions about the accuracy, use, processing or storage of data received by orderTalk should be directed to techsupport@ordertalk.com.

Privacy Complaints by European Union (EU) Individuals

In compliance with the EU-US Privacy Shield Principles, orderTalk, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact orderTalk at:

  • E-mail: techsupport@ordertalk.com (identify "Privacy Compliance" in subject line)
  • Mailing Address: Legal/Privacy Compliance - orderTalk, Inc., 600 Parker Square, Suite 250, Flower Mound, TX 75028 USA
  • Telephone (US): +1 (972) 346-8183 (ask for Legal/Privacy Compliance)
  • Telephone (UK): +44 (0207) 993-4128 (ask for Legal/Privacy Compliance)

orderTalk, Inc. has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

For complaints not resolved by the above process, a European Union individual may refer orderTalk's failure to comply to the Data Protection Authorities of his/her Member State of residence. The Data Protection Authorities may subsequently notify the Department of Commerce (DOC) to afford the DOC an opportunity to resolve the issue. As per the EU-US Privacy Shield Framework, European Union individuals may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Effective date July 26 2016