Privacy Policy

Better & Partners Communications Limited ("we", "our", "us", "halalo.co.uk", "halalo”) understands that your privacy is important to you and that you care about how your data is used. We respect and value the privacy of everyone who visits this website, www.halalo.co.uk or Halalo mobile applications (together “Our Site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law. Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is requested by us to collect your data, keep, and process your data by electronic means for marketing and legal purpose. If you do not provide necessary Personal Data consent, we may not be able to provide you with our goods and/or services. This Policy applies to everyone who interacts with us through our website (online), our mobile applications, Phone, online chat or via email or any disclosures made orally or in written form to any delivery driver/Partner sellers or any interaction with us through social media.

Last updated: 11 March 2026

By referring Us or we in this Policy document the website (halalo.co.uk), the mobile applications, other marketing channels or companies established or affiliated or associated or operated by Better and Partners Communications Limited, a company registered in England and Wales under 11392783, whose registered office is on 5th Floor 22 East cheap, London, England, EC3M 1EU the United Kingdom

This Privacy Policy applies only to your use of Our Site (halalo.co.uk) or mobile applications. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them or accepting on their privacy policy.

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, payment card or account details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold

1. The right to be informed about Our collection and use of your data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using Our contact details.

2. The right to access the personal data we hold about you and can be accessed via your account profile or if you need further clarity, you can contact us by email: [email protected]

3. The right to have your data rectified if any of your data held by us is inaccurate or incomplete. Please contact us by email: [email protected]

4. The right to be Erased, i.e., the right to ask us to delete or otherwise dispose any of your data that we hold. Please contact us by email: [email protected]

5. The right to restrict (i.e., prevent) the processing of your data for a particular purpose or purposes.

6. The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your data, you are free to withdraw that consent at any time.

7. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

8. Rights relating to automated decision-making and profiling.

Your data must be kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you have any cause for complaint about Our use of your data, you have the right to complain with the Information Commissioner’s Office. we would welcome the opportunity to resolve your concerns ourselves, however, so please contact us by email: [email protected]

1. Information that you provide to us such as your name, address, date of birth, telephone number, email address, bank account and payment card details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;

2. Information required to make decisions about your applications for products and services we offer.

3. Your account login details for our websites and apps, including your username and chosen password;

4. Information about whether or not you want to receive marketing communications from us;

5. We also collect information about your usage of the website and information about you from any messages you post to the website or when you contact us or provide us with feedback, including via e-mail, letter, phone or chat function. If you contact us by chat or phone, we might record the call for training and service improvement purposes, and make notes concerning your chat or call.

6. We collect technical information from your mobile device or computer, such as its operating system, the device and connection type and the IP address from which you are accessing our website.

7. We also collect technical information about your use of our services through a mobile device, for example, carrier, location data and performance data such as mobile payment methods, interaction with other retail technology such as the use of NFC Tags, QR Codes and/or use of mobile vouchers. Unless you have elected to remain anonymous through your device and/or platform settings, this information may be collected and used by us automatically if you use the service through your mobile device(s) via any halalo mobile application, through your mobile's browser or otherwise.

8. We will not process health information unless you consent to this, for example, if you specify any food allergies

9. Information from other sources such as specialist companies that provide customer information. For example, credit reference agencies such as Experian, the Royal Mail, fraud prevention agencies, claims databases, marketing and research companies, social media providers, pay-tv providers and the DVLA, as well as publicly available information; and

10. Information from third-party websites, such as advertising platforms, referral agencies and our fraud detection provider.

Marketplace Sellers
Halalo operates as a digital marketplace that connects customers with independent sellers. When you place an order through Halalo, certain personal information such as your name, delivery address, contact number, and order details may be shared with the seller responsible for fulfilling the order.

Sellers are required to process this information solely for the purpose of preparing, dispatching, and delivering your order, and must comply with applicable data protection laws.

Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your data and Our lawful bases for doing so:

We will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under data protection law.

Where we need to provide you with the service you have requested or to enter into a contract, we use your information:

• to enable us to provide you with access to the relevant parts of the website;

• to supply the services you have requested;

• to enable us to collect payment from you; and

• to contact you where necessary concerning our services, such as to resolve issues you may have with your order.

• to enable us to deliver your orders to your specified address or addresses.

We also process your data where we have a legitimate interest in doing so, for example, personalisation of our service, including processing data to make it easier and faster for you to place orders. We have listed these reasons below:

• to improve the effectiveness and quality of service that our customers can expect from us in the future;

• to tailor content that we or our third-party seller, partner or advertising partners display to you, for example, so that we can show you shops which are in your area or make sure you see the advertising which is most relevant to you, based on characteristics determined by us;

• to enable our customer support team to help you with any enquiries or complaints in the most efficient way possible and to provide a positive customer experience;

• to contact you for your views and feedback on our services or our sellers or partners’ services and/or products and to notify you if there are any important changes or developments to the website or our services, including letting you know that our services are operating in a new area, where you have asked us to do so; or you voted for it on our website or mobile app

• to send you information by post and/ or email about our products, services and promotions (if you do not want to receive these, you can let us know by getting in touch with us);

• to analyse your activity on the website so that we can administer, support, improve and develop our business and for statistical and analytical purposes and to help us to prevent fraud;

We also process your data to enforce our contractual terms with you and any other agreement, and for the exercise or defence of legal claims and to protect the rights of halalo.co.uk, Better & Partners Communications Limited, sellers, partners, riders, drivers or others (including to prevent fraud);

If you submit comments and feedback regarding the website and the services, we may use such comments and feedback on the website in any marketing or advertising materials.

We will also analyse data about your use of our services from your location data to create profiles relating to you and for you. This means that we may make certain assumptions about what you may be interested in and use this activity, which is referred to as profiling.

Where we are under legal obligation to do so we may use your information to create a record of your order(s) profile and comply with any legal obligation or regulatory requirement to which we are subject.

Marketing Communications
Where permitted by applicable law, Halalo may send marketing communications relating to products, promotions, or platform updates.

Users may opt out of receiving marketing communications at any time by using the unsubscribe link included in emails or by emailing us on [email protected] or by updating their account preferences.

We know how important it is to protect and manage your data. This section sets out some of the measures we have in place.

• We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;

• We protect the security of your information while it is being transmitted by encrypting it;

• We use computer safeguards such as firewalls and data encryption to keep this data safe;

• We only authorise access to employees and trusted partners who need it to carry out their responsibilities;

• We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;

• We will reveal only the last four digits of your payment card number when confirming an order.

Whilst we take appropriate technical and organisational measures to safeguard your data, you must keep your login details and devices protected from unauthorised access. Your data may be transferred outside the UK. It may also be processed by companies outside the UK who work for us (or for one of our service providers). When we do this, your data will be subject to appropriate safeguards. If we do transfer personal data outside of the UK, it will be protected in the same way as if it was being used in the UK. To do this we use one of the following safeguards:

• Transfer to a non-UK Country whose privacy laws ensure an appropriate level of protection for personal data;

• Put in place a contract with a third-party that means they must protect personal data to the same standards as the UK; or

• Transfer personal data to organisations that are part of specific agreements on cross-border data transfers with the UK.

Data Security

We have put in place appropriate security measures to prevent your data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. In particular: 

• we are independently checked each year to confirm that we meet payment card industry data security standards, and

• we use ‘secure sockets layer (“SSL”) technology. SSL technology helps prevent you from inadvertently revealing personal details using an unsecured connection.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Please note that, notwithstanding the steps we take, the transmission of information via the internet can never be completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our Site / App.

Data Breach Notification
In the unlikely event of a personal data breach that may pose a risk to your rights and freedoms, Halalo will take appropriate action in accordance with applicable data protection laws. This may include notifying affected users and reporting the incident to the Information Commissioner’s Office (ICO) where required.

Our Data Protection Officer:
Our Data Protection Officer can be contacted by email: [email protected] or by post: 5th Floor, 22 Eastcheap, London, United Kingdom, EC3M 1EU.

we will only use your data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your data for that purpose. If we do use your data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using our contact details

If we need to use your data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so. In some circumstances, where permitted or required by law, we may process your data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

We will not keep your data any longer than is necessary for light of the reason(s) for which it was first collected. Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Use of my information’ section above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes. By law, we must keep basic information about our customers (including Contact, Identity, Date of Birth, ethnicity, Financial and Transaction Data) for six years after they cease being customers for tax purposes. We typically retain this information for a further six to twelve months to ensure that no relevant claim has been made within those six years before we dispose of it. In some circumstances, we may anonymise your data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

we may store some or all your data in countries outside of the UK. These are known as “third countries”. We will take additional steps to ensure that your data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation as follows:

We ensure that your data is protected under binding corporate rules. Binding corporate rules are a set of common rules which all our group of companies are required to follow when processing personal data. For further information, please refer to the Information Commissioner’s Office.

The security of your data is essential to us, and to protect your data, we take several important measures, including the following:

• limiting access to your data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;

• procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so;

we will not share any of your data with any third parties for any purposes other than any statutory requirements, subject to the following exception/s. We share your information with our other group of companies only where necessary for the purposes of improving customer experience and market research. We share your information with third-party service providers which provide services on our behalf. The types of third-party service providers whom we share your information include but not limited to for example:

• Payment providers (including online payment providers and fraud detection providers);

• IT service providers (including cloud providers);

• Sellers and partners;

• Riders and drivers;

• Customer support partners; and

• Marketing and advertising partners.

• Legal and accounting professionals

• Market research companies

halalo will take all steps reasonably necessary to ensure that your data is treated securely and under this privacy policy when it is transferred to third parties. If our business enters into a joint venture with, purchases or is sold to or merged with another business entity, your information may be disclosed or transferred to the target company, our new business partners or owners or their advisors. International transfers of data:

• In some cases, the personal data we collect from you might be processed outside the European Economic Area ("EEA"), such as the United States, Canada and the countries in which halalo operates (which are set out on www.halalo.co.uk). These countries may not have the same protections for your data as the United Kingdom or the EEA has. However, we are obliged to ensure that the personal data that is processed by us and our suppliers outside of the EEA is protected in the same ways as it would be if it was processed within the EEA. There are therefore certain safeguards in place when your data is processed outside of the EEA.

• We ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

1. your data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

2. we use the UK approved Standard Contractual Clauses; and

3. where your data is transferred to third party providers based in the US, data may be transferred to them if they have self-certified under the Privacy Shield framework about the type of data being transferred, which requires them to provide similar protection to personal data shared between the UK and the US.

Please contact us using the contact details above if you want further information on the countries to which personal data may be transferred and the specific mechanism used by us when transferring your data out of the UK and EEA.

1. In addition to your rights under the Data Protection Legislation, set out in Part 5, when you submit personal data via Our Site, you may be given options to restrict Our use of your data. In particular, we aim to give you strong controls on Our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in Our emails and at the point of providing your details and by managing your Account

2. You may also wish to sign up for one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you from receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receive.

You may access certain areas of Our Site without providing any personal data at all. However, to use all features and functions available on Our Site you may be required to submit or allow for the collection of certain data. If you do not consent or share your location, you will not be able to use our services through online ordering system or app.

If you want to know what personal data, we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal addresses on our website. we will respond to your normal subject access request within 30 days and is free of charge.

To operate our platform efficiently and improve our services, Halalo uses a number of trusted third party technologies and service providers. These services may process certain technical or usage data when you access or interact with our website.

These providers process data in accordance with their own privacy policies and applicable data protection regulations.

Infrastructure and Security

Cloudflare
We use Cloudflare to provide website security, performance optimisation, and protection against malicious traffic. Cloudflare may process technical information such as IP addresses, browser information, and network activity in order to protect the platform and ensure reliable service.

Analytics and Website Performance

Google Analytics 4
We use Google Analytics 4 to understand how visitors use our website. This helps us analyse traffic patterns, improve functionality, and enhance user experience. Google Analytics may collect anonymised usage data such as page visits, device type, approximate location, and interaction data.

Google Tag Manager
Google Tag Manager allows us to manage tracking technologies and scripts used on our website. It does not collect personal data itself but facilitates the deployment of other analytics and marketing tools.

Content Delivery and Website Resources

To improve loading speed and reliability of our website, we use content delivery networks (CDNs) that host commonly used website resources.

These may include:

• jQuery CDN
• jsDelivr CDN

When loading these resources, your browser may connect to the respective CDN servers, which may receive technical data such as IP address and browser information.

Marketing and Advertising Tracking

Meta Events Manager and Meta Ads Conversion Tracking
We use Meta tracking technologies to measure the effectiveness of advertising campaigns on platforms such as Facebook and Instagram. These tools may collect information about user interactions with our website after viewing or clicking on advertisements.

This may include events such as page views, product views, and purchases. The information helps us optimise advertising and improve marketing performance.

Email Communication Services

Mailjet
We use Mailjet to send transactional emails such as order confirmations, account notifications, and service updates. Mailjet processes email addresses and related information necessary to deliver these communications.

Customer Communication Tools

WhatsApp Business Chat Widget
Our website may offer a WhatsApp Business chat feature to allow customers to contact our support team easily. When using this feature, communications are processed through WhatsApp and are subject to WhatsApp's privacy policy.

Data Protection

We take reasonable measures to ensure that any third party service providers we use maintain appropriate security, confidentiality, and data protection standards in line with applicable data protection laws.

For further information about how your data is processed, please refer to our Privacy Policy or contact us through our Contact Us page.

Payment Processing

Payments made on Halalo are processed through secure third party payment providers (Stripe and PayPal). These providers process payment information directly in order to complete transactions.

Halalo does not store full payment card details on its servers. Payment providers process payment information in accordance with their own privacy policies and security standards.

Halalo.co.uk uses cookies and similar tracking technologies to improve website functionality, analyse traffic, enhance security, and measure the effectiveness of marketing campaigns.

Cookies are small text files placed on your device when you visit a website. These technologies allow websites to recognise your device and remember certain information about your preferences or activity.

Types of Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the operation of our website and cannot be disabled through our systems. They are usually set in response to actions made by you such as:

• Logging into your account
• Adding items to your basket
• Completing purchases
• Security and fraud prevention

These cookies help ensure the website functions properly and securely.

Performance and Analytics Cookies

These cookies help us understand how visitors interact with our website so we can improve functionality and user experience.

We use services such as:

• Google Analytics 4

These cookies collect aggregated and anonymised information including:

• Pages visited
• Time spent on pages
• Device and browser type
• General geographic region

This information helps us analyse traffic and improve the performance of the Halalo platform.

Functional Cookies

Functional cookies allow the website to provide enhanced features and personalisation, such as remembering preferences or enabling customer support tools.

These may include integrations such as:

• WhatsApp Business chat widget
• Website performance services such as Cloudflare

Advertising and Marketing Cookies

These cookies help us measure and improve the effectiveness of advertising campaigns and marketing communications.

We may use technologies such as:

• Meta Ads conversion tracking
• Meta Events Manager

These tools may record interactions such as page visits, product views, and purchases after users engage with advertisements on platforms like Facebook or Instagram.

Content Delivery and Technical Resources

To improve website performance and loading speed, Halalo uses external content delivery networks (CDNs), including:

• jQuery CDN
• jsDelivr CDN

When your browser loads these resources, limited technical information such as IP address and browser type may be processed by the CDN providers.

Managing Cookies

You can control or disable cookies through your browser settings. Most browsers allow you to:

• View which cookies are stored
• Delete existing cookies
• Block certain types of cookies

Please note that disabling certain cookies may affect the functionality of the website, including the ability to log in or complete purchases.

Consent

Where required by law, Halalo will request your consent to use non essential cookies, such as analytics and marketing cookies, through our cookie consent banner when you first visit the website.

You can update or withdraw your cookie preferences at any time through the cookie settings available on our website.

Some of the third party services used by Halalo may process or store data outside the United Kingdom or the European Economic Area (EEA).

When this occurs, we ensure that appropriate safeguards are in place to protect your personal data in accordance with UK GDPR and the Data Protection Act 2018.

These safeguards may include:

• Data transfers to countries recognised by the UK as providing adequate levels of data protection
• Use of Standard Contractual Clauses (SCCs) approved by the UK authorities
• Other lawful mechanisms permitted under applicable data protection law

Third party providers such as Google, Meta, Cloudflare, Mailjet and WhatsApp may process data internationally as part of their global infrastructure.

Halalo retains personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and regulatory requirements.

Examples of retention periods may include:

• Customer account information: retained while the account remains active
• Order and transaction data: retained for accounting, tax, and legal compliance purposes
• Customer support communications: retained to manage customer service and dispute resolution
• Marketing communication data: retained until you unsubscribe or withdraw consent

When personal data is no longer required, it will be securely deleted or anonymised.

Under UK GDPR, you have several rights regarding your personal data. These rights may include:

Right of Access

You have the right to request access to the personal data we hold about you.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information.

Right to Erasure

In certain circumstances, you may request that your personal data be deleted.

Right to Restrict Processing

You may request that we restrict the processing of your personal data in certain situations.

Right to Data Portability

You may request a copy of your personal data in a structured and commonly used electronic format.

Right to Object

You may object to the processing of your personal data for certain purposes, including direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw your consent at any time.

To exercise any of these rights, please contact us through our Contact Us page or support email.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been violated.

Halalo may use certain automated systems and analytical tools to help improve the functionality and performance of our platform. These tools may assist with activities such as:

• Fraud detection and prevention
• Order verification and risk assessment
• Website performance optimisation
• Personalised product recommendations or marketing communications

These processes may involve automated analysis of certain data points, such as account activity, order history, or website interactions.

However, Halalo does not make decisions that produce legal or similarly significant effects solely based on automated processing without appropriate human oversight.

Where automated systems are used, they are implemented to support operational efficiency and improve customer experience, while maintaining appropriate safeguards to protect user rights.

Halalo services are intended for individuals aged 18 years or older.

We do not knowingly collect personal data from children under the age of 18. If we become aware that personal information has been collected from a child without appropriate parental or guardian consent, we will take reasonable steps to delete such information as soon as possible.

Parents or guardians who believe that a child may have provided personal information through our platform are encouraged to contact us so that appropriate action can be taken.

Halalo takes the security and protection of personal data seriously and implements appropriate technical and organisational measures to safeguard customer information against unauthorised access, loss, misuse, or alteration.

These measures may include:

• Secure encrypted connections (HTTPS/SSL) to protect data transmitted between users and our platform
• Secure payment processing systems provided by trusted payment service providers
• Access controls and authentication procedures to restrict access to sensitive information
• Infrastructure security and traffic protection, including services designed to prevent malicious activity and cyber attacks
• Regular monitoring and system updates to maintain the security and integrity of our platform

Access to personal data is limited to authorised personnel, service providers, or partners who require the information to perform their duties, and who are subject to confidentiality and data protection obligations.

While we take reasonable steps to protect personal data, no method of transmission over the internet or electronic storage can be guaranteed to be completely secure. Customers are also responsible for keeping their account credentials confidential and notifying us immediately if they suspect any unauthorised use of their account.

Halalo continually reviews and improves its security practices and technologies to ensure that customer data is handled in a secure and responsible manner.

Business Transfers
If Halalo or its operating company undergoes a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the acquiring entity as part of the transaction. In such circumstances, appropriate safeguards will be implemented to ensure that your personal data continues to be protected in accordance with this Privacy Policy.