Better & Partners Communications Limited ("we", "our", "us", "halalo.co.uk", "halalo”) understands that your privacy is important to you and that you care about how your data is used. We respect and value the privacy of everyone who visits this website, www.halalo.co.uk or Halalo mobile applications (together “Our Site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law. Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is requested by us to collect your data, keep, and process your data by electronic means for marketing and legal purpose. If you do not provide necessary Personal Data consent, we may not be able to provide you with our goods and/or services. This Policy applies to everyone who interacts with us through our website (online), our mobile applications, Phone, online chat or via email or any disclosures made orally or in written form to any delivery driver/Partner sellers or any interaction with us through social media.
Privacy Policy
- Purpose of this Privacy Notice
- 1. Who we are?
- 2. What Does This Policy Cover?
- 3. What Is Personal Data?
- 4. Your Rights Explained.
- 5. What Data We Collect and How?
- 6. How we use your data?
- 7. How we protect your data?
- 8. Change of Purpose
- 9. How Long Will You Keep My Personal Data?
- 10. How and Where Do You Store or Transfer My Personal Data?
- 11. Do You Share My Personal Data?
- 12. How Can you Control your Personal Data?
- 13. Can you Withhold Information?
- 14. How Can I Access My Personal Data?
At halalo.co.uk, your privacy is our top priority. Our Privacy Policy outlines how we collect, use, and protect your personal information. Learn about our commitment to safeguarding your data, our practices for handling your details, and your rights regarding your personal information. Trust halalo.co.uk for transparent, secure management of your privacy.
By referring Us or we in this Policy document the website (halalo.co.uk), the mobile applications, other marketing channels or companies established or affiliated or associated or operated by Better and Partners Communications Limited, a company registered in England and Wales under 11392783, whose registered office is on 5th Floor 22 East cheap, London, England, EC3M 1EU the United Kingdom
This Privacy Policy applies only to your use of Our Site (halalo.co.uk) or mobile applications. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them or accepting on their privacy policy.
Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, payment card or account details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold
-
The right to be informed about Our collection and use of your data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using Our contact details.
-
The right to access the personal data we hold about you and can be accessed via your account profile or if you need further clarity, you can contact us by email: [email protected]
-
The right to have your data rectified if any of your data held by us is inaccurate or incomplete. Please contact us by email: [email protected]
-
The right to be Erased, i.e., the right to ask us to delete or otherwise dispose any of your data that we hold. Please contact us by email: [email protected]
-
The right to restrict (i.e., prevent) the processing of your data for a particular purpose or purposes.
-
The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your data, you are free to withdraw that consent at any time.
-
The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
-
Rights relating to automated decision-making and profiling.
Your data must be kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about Our use of your data, you have the right to complain with the Information Commissioner’s Office. we would welcome the opportunity to resolve your concerns ourselves, however, so please contact us by email: [email protected]
-
Information that you provide to us such as your name, address, date of birth, telephone number, email address, bank account and payment card details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;
-
Information required to make decisions about your applications for products and services we offer.
-
Your account login details for our websites and apps, including your username and chosen password;
-
Information about whether or not you want to receive marketing communications from us;
-
We also collect information about your usage of the website and information about you from any messages you post to the website or when you contact us or provide us with feedback, including via e-mail, letter, phone or chat function. If you contact us by chat or phone, we might record the call for training and service improvement purposes, and make notes concerning your chat or call.
-
We collect technical information from your mobile device or computer, such as its operating system, the device and connection type and the IP address from which you are accessing our website.
-
We also collect technical information about your use of our services through a mobile device, for example, carrier, location data and performance data such as mobile payment methods, interaction with other retail technology such as the use of NFC Tags, QR Codes and/or use of mobile vouchers. Unless you have elected to remain anonymous through your device and/or platform settings, this information may be collected and used by us automatically if you use the service through your mobile device(s) via any halalo mobile application, through your mobile's browser or otherwise.
-
We will not process health information unless you consent to this, for example, if you specify any food allergies
-
Information from other sources such as specialist companies that provide customer information. For example, credit reference agencies such as Experian, the Royal Mail, fraud prevention agencies, claims databases, marketing and research companies, social media providers, pay-tv providers and the DVLA, as well as publicly available information; and
-
Information from third-party websites, such as advertising platforms, referral agencies and our fraud detection provider.
Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your data and Our lawful bases for doing so:
We will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under data protection law.
Where we need to provide you with the service you have requested or to enter into a contract, we use your information:
-
to enable us to provide you with access to the relevant parts of the website;
-
to supply the services you have requested;
-
to enable us to collect payment from you; and
-
to contact you where necessary concerning our services, such as to resolve issues you may have with your order.
-
to enable us to deliver your orders to your specified address or addresses.
We also process your data where we have a legitimate interest in doing so, for example, personalisation of our service, including processing data to make it easier and faster for you to place orders. We have listed these reasons below:
-
to improve the effectiveness and quality of service that our customers can expect from us in the future;
-
to tailor content that we or our third-party seller, partner or advertising partners display to you, for example, so that we can show you shops which are in your area or make sure you see the advertising which is most relevant to you, based on characteristics determined by us;
-
to enable our customer support team to help you with any enquiries or complaints in the most efficient way possible and to provide a positive customer experience;
-
to contact you for your views and feedback on our services or our sellers or partners’ services and/or products and to notify you if there are any important changes or developments to the website or our services, including letting you know that our services are operating in a new area, where you have asked us to do so; or you voted for it on our website or mobile app
-
to send you information by post and/ or email about our products, services and promotions (if you do not want to receive these, you can let us know by getting in touch with us);
-
to analyse your activity on the website so that we can administer, support, improve and develop our business and for statistical and analytical purposes and to help us to prevent fraud;
We also process your data to enforce our contractual terms with you and any other agreement, and for the exercise or defence of legal claims and to protect the rights of halalo.co.uk, Better & Partners Communications Limited, sellers, partners, riders, drivers or others (including to prevent fraud);
If you submit comments and feedback regarding the website and the services, we may use such comments and feedback on the website in any marketing or advertising materials.
We will also analyse data about your use of our services from your location data to create profiles relating to you and for you. This means that we may make certain assumptions about what you may be interested in and use this activity, which is referred to as profiling.
Where we are under legal obligation to do so we may use your information to create a record of your order(s) profile and comply with any legal obligation or regulatory requirement to which we are subject.
We know how important it is to protect and manage your data. This section sets out some of the measures we have in place.
-
We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
-
We protect the security of your information while it is being transmitted by encrypting it;
-
We use computer safeguards such as firewalls and data encryption to keep this data safe;
-
We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
-
We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;
-
We will reveal only the last four digits of your payment card number when confirming an order.
Whilst we take appropriate technical and organisational measures to safeguard your data, you must keep your login details and devices protected from unauthorised access. Your data may be transferred outside the UK. It may also be processed by companies outside the UK who work for us (or for one of our service providers). When we do this, your data will be subject to appropriate safeguards. If we do transfer personal data outside of the UK, it will be protected in the same way as if it was being used in the UK. To do this we use one of the following safeguards:
-
Transfer to a non-UK Country whose privacy laws ensure an appropriate level of protection for personal data;
-
Put in place a contract with a third-party that means they must protect personal data to the same standards as the UK; or
-
Transfer personal data to organisations that are part of specific agreements on cross-border data transfers with the UK.
Data Security
We have put in place appropriate security measures to prevent your data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. In particular:
-
we are independently checked each year to confirm that we meet payment card industry data security standards, and
-
we use ‘secure sockets layer (“SSL”) technology. SSL technology helps prevent you from inadvertently revealing personal details using an unsecured connection.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Please note that, notwithstanding the steps we take, the transmission of information via the internet can never be completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our Site / App.
Our Data Protection Officer:
Our Data Protection Officer can be contacted by email: [email protected] or by post: DataCo International UK Limited, Suite 1, 7th Floor, 50 Broadway, London, United Kingdom, SW1H 0BL
we will only use your data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your data for that purpose. If we do use your data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using our contact details
If we need to use your data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so. In some circumstances, where permitted or required by law, we may process your data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
We will not keep your data any longer than is necessary for light of the reason(s) for which it was first collected. Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Use of my information’ section above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes. By law, we must keep basic information about our customers (including Contact, Identity, Date of Birth, ethnicity, Financial and Transaction Data) for six years after they cease being customers for tax purposes. We typically retain this information for a further six to twelve months to ensure that no relevant claim has been made within those six years before we dispose of it. In some circumstances, we may anonymise your data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you
we may store some or all your data in countries outside of the UK. These are known as “third countries”. We will take additional steps to ensure that your data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation as follows:
We ensure that your data is protected under binding corporate rules. Binding corporate rules are a set of common rules which all our group of companies are required to follow when processing personal data. For further information, please refer to the Information Commissioner’s Office.
The security of your data is essential to us, and to protect your data, we take several important measures, including the following:
-
limiting access to your data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
-
procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so;
we will not share any of your data with any third parties for any purposes other than any statutory requirements, subject to the following exception/s. We share your information with our other group of companies only where necessary for the purposes of improving customer experience and market research. We share your information with third-party service providers which provide services on our behalf. The types of third-party service providers whom we share your information include but not limited to for example:
-
Payment providers (including online payment providers and fraud detection providers);
-
IT service providers (including cloud providers);
-
Sellers and partners;
-
Riders and drivers;
-
Customer support partners; and
-
Marketing and advertising partners.
-
Legal and accounting professionals
-
Market research companies
halalo will take all steps reasonably necessary to ensure that your data is treated securely and under this privacy policy when it is transferred to third parties. If our business enters into a joint venture with, purchases or is sold to or merged with another business entity, your information may be disclosed or transferred to the target company, our new business partners or owners or their advisors. International transfers of data:
-
In some cases, the personal data we collect from you might be processed outside the European Economic Area ("EEA"), such as the United States, Canada and the countries in which halalo operates (which are set out on www.halalo.co.uk). These countries may not have the same protections for your data as the United Kingdom or the EEA has. However, we are obliged to ensure that the personal data that is processed by us and our suppliers outside of the EEA is protected in the same ways as it would be if it was processed within the EEA. There are therefore certain safeguards in place when your data is processed outside of the EEA.
-
We ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
-
your data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
-
we use the UK approved Standard Contractual Clauses; and
-
where your data is transferred to third party providers based in the US, data may be transferred to them if they have self-certified under the Privacy Shield framework about the type of data being transferred, which requires them to provide similar protection to personal data shared between the UK and the US.
Please contact us using the contact details above if you want further information on the countries to which personal data may be transferred and the specific mechanism used by us when transferring your data out of the UK and EEA.
-
In addition to your rights under the Data Protection Legislation, set out in Part 5, when you submit personal data via Our Site, you may be given options to restrict Our use of your data. In particular, we aim to give you strong controls on Our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in Our emails and at the point of providing your details and by managing your Account
-
You may also wish to sign up for one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you from receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receive.
You may access certain areas of Our Site without providing any personal data at all. However, to use all features and functions available on Our Site you may be required to submit or allow for the collection of certain data. If you do not consent or share your location, you will not be able to use our services through online ordering system or app.
If you want to know what personal data, we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal addresses on our website. we will respond to your normal subject access request within 30 days and is free of charge