Privacy:

 

Privacy Policy

We know that in this digital age, your privacy is important. This Privacy Policy reflects our commitment to protect personal data and the choices we offer you regarding how your data is used. We welcome you to read more about how we keep your information safe, as well as how you can exercise your rights. In addition, our Privacy policy covers our treatment of data that may be personal to you.

We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.

Privacy Policy 1

What private data do we collect from the people who visit our website? 3

a) Contact Information: 3

b) Location data: 3

c) Profile data (master data): 3

d) Device information and access data: 3

e) Order information: 4

f) Communication data 4

g) Financial information: 4

h) Delivery information: 4

i) Retailers 4

Data About Your Accounts on Other Services: 5

k) Social Networking Data: 5

l) Mobile Device Data: 5

Automatically collected information about your use of our Services or tools, 5

The information we collect includes: 6

Do Not Track 6

Do Not Track 6

How do we use and process personal data? 6

Behavioral Advertising 8

When we share personal information 8

Do we use 'cookies? 8

How we use cookies 8

First-party cookies 9

Third-party cookies 9

What are your choices regarding cookies? 9

Google Analytics Cookies 9

Facebook Pixel 10

Notice to California Residents 10

Your CCPA Rights 11

a) The Right to Request Deletion of Your Personal Information 11

b) The Right to “Opt Out” of the Sale of Your Personal Information 11

c) The Right to Not Be Penalized for Exercising Your Rights 11

d) How to Exercise My CCPA Rights 11

Opting Out of the Sale of Your Personal Information 12

GDPR-Customer data processing appendix: 12

GDPR-EU data protection law 12

Coppa (children online privacy protection action) 13

Your Legal Rights 14

You may have the following rights: - 14

A. Request access 14

B. Request correction 14

C. Request deletion 14

D. Object to processing 14

A. Request restriction 14

B. Request the transfer 14

C. Withdraw consent 14

How do we protect your details? 14

Can-spam act 15

We accumulate your email to be able to: 15

Limitation of liability 15

Governing Law and Jurisdiction 15

Changes to this privacy notice 16

Contacting us 16



What private data do we collect from the people who visit our website?

In the following description of our processing activities, we refer in each case to categories of personal data. A category includes several personal data, which are usually processed together for the purposes.

Personal data is information that can identify you or even make you identifiable.

We generally process the following categories of personal data for the following reasons:

  1. Contact Information:

Name, address, telephone number, email address, your ID from any social media (if applicable).

Reason:

If you contact us, we collect this data because we need to know who we are talking to and what we have been talking about so that we can help you with your reason for contacting us. This also applies if you leave comments on social media on our fan pages. We do not combine this data with your profile data on our platform, but we can still identify you by your social media ID.

  1. Location data:

Address, Postcode, City, Country, Longitude, Latitude

Reason:

We need these data to be able to deliver your orders. We create the longitude and latitude automatically to be able to process your delivery address in our other linked systems, such as our Rider app, and to display your address to our riders or riders of restaurants.

  1. Profile data (master data):

Name, email address, password, telephone number, delivery addresses, interests, demographic data (age, delivery address)

Reason:

This data is your master data, which we absolutely need for our services. Without an email address / telephone number and a password, you cannot create a profile. Together with your name, this is your master data. We need your age to ensure that you are not a minor.

  1. Device information and access data:

Device ID, device identification, operating system and corresponding version, time of access, configuration settings, information on Internet connection (IP address)

Reason:

With each access this information is stored by us for technical reasons. We also use parts of this information to detect suspicious behavior at an early stage and to avert damage.

  1. Order information:

Order history, selected restaurants, invoices, order ID, comments on orders, information on payment method, delivery address, successful orders, and cancelled orders

Reason:

Each time you place an order, this information will be added to your profile. You can view all this information in your profile at any time. The information should give you an overview of your own interests and previous orders. We will also use the same information to improve our services. In addition, we will anonymize this information when you request a deletion or when your profile becomes inactive to continue to use this information in an anonymized form to optimize our services.

  1. Communication data

Name, email address, telephone number, device ID

Reason:

If you would like to receive a newsletter, an SMS, or an in-app push notification from us, we need certain information to send you the messages. Instead of addressing you with "Hey You", we find it more customer friendly to address you with your name. This category of personal information is also used by us to contact you, for example, if a product cannot be delivered and we want to offer you an alternative instead.

  1. Financial information:

Financial data is related to your payment methods, such as credit card or bank transfer details. We collect financial data to allow you to purchase, order, or exchange services from our website. We store limited financial data. Most financial data is transferred to our payment processor, PayPal, and PayStack and you should review these processors' Privacy Policies to determine how they use, disclose, and protect your financial data.

    1. As a courtesy, PayPal Privacy Policy can be found here https://www.paypal.com/us/webapps/mpp/ua/privacy-full

    2. PayStack Privacy Policy can be found here

Reason:

We need this information to track your payments and assign them to the orders you have placed.

  1. Delivery information:

Name, delivery address, phone number, order ID

Reason:

In accordance with the principle of data minimization, we only provide our riders and restaurants with the information that they need from you to prepare and deliver your order.

  1. Retailers. Retailers may provide us with information about you directly or indirectly via third-party service providers. For instance, Retailers may collect additional personal information from you while fulfilling an order placed through Website/App or Services and share it directly with BonGeso. Retailers may store this personal information about you using a point-of-sale service provider that enables Retailers to process and fulfill transactions, manage inventory, maintain records, and report transactions in accordance with applicable law. Retailers may direct their point-of-sale service provider to share such personal information with us to ensure that our and our service provider's records about your order are consistent, allowing us to process your order efficiently and effectively. Similarly, retailers may occasionally utilize loyalty program service providers to reward you for purchases made with the retailer. Retailers may share personal information collected through their loyalty program with BonGeso, either directly or through the Retailer's loyalty program service provider, to enable you to redeem past rewards and apply them to an order placed through Website/App or Services.

Data About Your Accounts on Other Services:

  1. We may obtain certain information through your social media or other online accounts if they are connected to your BonGeso account. If you login to via Facebook or another third-party platform or service, we ask for your permission to access certain information about that other account. For example, depending on the platform or service, we may collect your name, profile picture, account ID number, login email address, location, the physical location of your access devices, gender, birthday, and list of friends or contacts.

  2. Social Networking Data: We may access personal information from social networking sites, and apps, including Facebook, Twitter, LinkedIn, and Google, which may include your name, your social network username, location, email address, age, gender, profile picture, and any other public information. If you do not want us to access this information, please go to the specific social networking site and change your privacy settings.

  3. Mobile Device Data: If you use our Website/App via a mobile device or app, we may collect information about your mobile device, including device ID, model and manufacturer, and location information.

  4. Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.

  5. If you access or use our Services or to buy goods through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.

Automatically collected information about your use of our Services or tools,

This information is registered automatically with the visit by own configuration or manual of each tool on the Website/App.

 

This is to improve the Website/App, services, and security, among which we include security inspection by the administration of the Website/App and third parties.

The information we collect includes:

Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Website/App and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity in the Website/App (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called 'crash dumps') and hardware settings).

Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Website/App. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model Internet service provider and/or mobile carrier, operating system, and system configuration information.

Location Data. We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Website/App. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. Note however, if you choose to opt out, you may not be able to use certain aspects of the Services.

Do Not Track

Currently, various browsers — such as Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user's browser DNT preference setting. BonGeso does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. BonGeso takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

Do Not Track

Currently, various browsers — such as Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user's browser DNT preference setting. BonGeso does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. BonGeso takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

How do we use and process personal data?

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To register you as a new user

  • Identity

  • Contact

Performance of a contract with you

To process and deliver our service including:

to provide you with the outcome

to provide you with recommendations based on your use of our App

  • Identity

  • Contact

  • Profile

  • Transaction

  • Usage

  • Marketing and Communications

Performance of a contract with you

Necessary for our legitimate interests

To manage our relationship with you which will include:

Notifying you about changes to our terms or privacy policy

Asking you to leave a review or take a survey

  • Identity

  • Contact

  • Profile

  • Transaction

  • Usage

  • Marketing and Communications

Performance of a contract with you

Necessary to comply with a legal obligation

Necessary for our legitimate interests (to keep our records updated and to study how people use our services)

To administer and protect our business and this App (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

  • Identity

  • Contact

  • Transaction

  • Technical

  • Profile

  • Usage

  • Marketing and Communications

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

Necessary to comply with a legal obligation

To deliver relevant App content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

  • Identity

  • Contact

  • Transaction

  • Profile

  • Usage

  • Marketing and Communications

  • Technical

Necessary for our legitimate interests (to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our App, services, marketing, customer relationships and experiences

  • Technical

  • Usage

  • Transaction

Necessary for our legitimate interests (to define types of customers for our services, to keep our App updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about goods or services that may be of interest to you

  • Identity

  • Contact

  • Technical

  • Usage

  • Profile

  • Marketing and Communications

Necessary for our legitimate interests (to develop our services and grow our business)

Behavioral Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

You can opt out of targeted advertising by:

When we share personal information

Once your personal information is collected, as detailed above, we may share it with third parties for various reasons, among them email delivery, data hosting, analytics, payment processing and content streaming. These services may collect browsing data that includes IP addresses, referring pages, and users’ movements as they navigate the Website/App. Other third parties help us with our marketing efforts including sending and analyzing our marketing efforts by measuring whether recipients have opened an email and clicked on any content within it.

When we share your personal information with a third party, we require that third party to protect the information consistent with this Statement and limit its use of the information to performing the services they provide to us. For example, when we share personal information with payment processors or presenters of web seminars, its use is limited to providing that service.

Do we use 'cookies?

Yes. Cookies are small documents a site or its provider exchanges to your computer's hard drive through your browser (if you allow) that permit the site's or service provider's systems to identify your internet browser and capture please remember certain information. For example, we use cookies to help us keep in mind and process the things in your shopping cart software. Also, they are used to help us understand your requirements based on prior or current site activity, which permits us to offer you improved upon services. We also use cookies to help us put together aggregate data about site traffic and site conversation so that people may offer better site experience and tools in the foreseeable future.

How we use cookies

We use cookies and similar technologies for several purposes, depending on the context or service, including: 

First-party cookies

  1. Strictly Necessary cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are often set in response to actions made by you, which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.

  2. Functional cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages.

  3. Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

  4. Targeting cookies: These cookies may be set through our site and may be used to build a profile of your interests and show you relevant adverts on other sites.

Third-party cookies

In addition to our own cookies, we may also use various third-party cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.

What are your choices regarding cookies?

Cookie Preferences on BonGeso website: Our cookies allow you to take advantage of some essential and useful features. Blocking some types of cookies may impact your experience of our sites. You can change your cookie preferences at any time by clicking ‘Cookie Preferences’ in the footer of the BonGeso website.

Browser settings: You can also manage browser cookies through your browser settings. The 'Help' feature on most browsers will tell you how to remove cookies from your device, prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire. Check the support site for your browser to understand privacy settings available to you. If you block or reject some of our cookies through your browser’s settings, you might not be able to use certain offerings that require you to sign-in to an account and some features and services may not work. You might also have to manually adjust your preferences or settings every time you visit our website.

Google Analytics Cookies

We use Google Analytics to investigate the utilization of our site by users and visitors. Google Analytics assembles data about site use through cookies. The data assembled identifying our site is utilized to make reports about the utilization of our site.

You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: Disable Google Analytics.

Name of cookie

Expiry period

Purpose

Company

_ga

Persistent - 2 years

Analytics

Google Analytics, Google LLC

_ga_JMDY11H0YJ

Persistent - 2 years

Analytics

Google Analytics, Google LLC

_gat

Persistent - 2 years

Analytics

Google Analytics, Google LLC

_gid

Persistent - 1 day

Analytics

Google Analytics, Google LLC

_sp_root_domain_test_* (x 1535)

Session cookie

Analytics

bongeso.com

gaVisitorTypeLong

Persistent - 2 years

Analytics

Google Analytics, Google LLC

gaVisitorTypeShort

Persistent - 30 minutes

Analytics

Google Analytics, Google LLC

Facebook Pixel

_fpb,datr,dpr,fr,wd

Collects anonymous statistics regarding usage of the bongeso.com website. These are third-party cookies. While bongeso.com 's use of Facebook causes these cookies to be used, bongeso.com itself does not control the data within the cookies themselves. The names of the cookies listed are provided as examples. bongeso.com does not directly control the names of the cookies involved, and the actual names may differ.

These cookies enable us to:

  1. Determine the effectiveness of certain marketing campaigns

  2. Collect additional anonymous statistics (see below)

You can learn more about Facebook's Tracking Pixel here

Notice to California Residents

If you are a resident of California, then the collection, processing and use of your personal information may be subject to the California Consumer Privacy Act (“CCPA”) as well as other applicable California state privacy laws.

As a company that does business in California and collects the personal information of some California residents, we are required to inform you of the consumer rights afforded to you under the CCPA, and to enable you to exercise those rights with regards to any personal information that we may have collected about you.

Your CCPA Rights

The Right to Know How Your Personal Information is Used

As a California resident, the CCPA affords you the right to request information about the collection, use, and disclosure of your personal information over the previous 12 months, including:

  1. The Right to Request Deletion of Your Personal Information

You are also afforded the right to request the deletion of any personal information that has been collected about you over the prior 12 months, subject to certain exceptions. Please refer to “Requesting Deletion of Your Personal Information” section for more information.

  1. The Right to “Opt Out” of the Sale of Your Personal Information

Under the CCPA, you may also request that your personal information not be sold to any third parties. Businesses who sell the personal information of California residents are required to respect “opt out” requests for a period of at least 12 months before requesting your authorization to resume selling your personal information.

  1. The Right to Not Be Penalized for Exercising Your Rights

Lastly, business required to comply with the CCPA are prohibited from charging you a fee, requiring you to pay higher prices or rates for services, providing you a lower level of service, or terminating your services altogether for exercising your rights under the CCPA; understanding, however, that some personal information may need to be retained to continue to deliver those services to you.

  1. How to Exercise My CCPA Rights

To request details regarding any information about you that we may have collected over the last 12 months, and/or to request the deletion of any such information, please contact us directly using the information and methods provided in the “How to Contact Us” section of this Privacy Policy.

Please note that the CCPA does not obligate us to provide the requested information to the same consumer more than twice in a 12-month period.

Opting Out of the Sale of Your Personal Information

We have undertaken extensive steps to identify whether any of our data sharing arrangements would constitute the “sale” of personal information under the CCPA. We continue to maintain that we do not sell, trade, rent or otherwise disclose personal information to a third party for “monetary or other valuable consideration” and, therefore, are not required to provide you the ability to “opt out” of the sale of your information since we do not engage in such activities.

GDPR-Customer data processing appendix:

Customer Data" means any personal data that BonGeso processes on Customer's behalf via the Services, as more particularly described in this DPA.

"Data Protection Laws" means all data protection laws and regulations applicable to a party’s processing of Customer Data under the Agreement, including, where applicable, EU Data Protection Law and Non-EU Data Protection Laws.

GDPR-EU data protection law

EU Data Protection Law” means all data protection laws and regulations applicable to Europe, including (i) Regulation 2016/679 of the European Parliament and the Council on the protection of natural persons concerning the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR“); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; (iii) applicable national implementations of (i) and (ii); and (iv) in respect of the United Kingdom (“UK“) any applicable national legislation that replaces or converts in domestic law the GDPR or any other law relating to data and privacy as a consequence of the UK leaving the European Union.

Europe” means, for this DPA, the European Union, the European Economic Area and/or their member states, Switzerland, and the United Kingdom.

Non-EU Data Protection Laws” means the California Consumer Privacy Act (“CCPA”); the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”); and the Brazilian General Data Protection Law (“LGPD “), Federal Law no. 13,709/2018.

SCCs” means the standard contractual clauses for processors as approved by the European Commission or Swiss Federal Data Protection Authority (as applicable), which shall be applied only to transfers of Customer Data from the European Union.

Sensitive Data” means (a) social security number, passport number, driver’s license number, or similar identifier (or any portion thereof); (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card); (c) employment, financial, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, or information about sexual life or sexual orientation; (e) account passwords; or (f) other information that falls within the definition of “special categories of data” under applicable Data Protection Laws.

Services Data” means any data relating to the Customer’s use, support, and/or operation of the Services, including information relating to volumes, activity logs, frequencies, bounce rates, or other information regarding emails and other communications the Customer generates and sends using the Services.

Coppa (children online privacy protection action)

With regards to the assortment of private information from children under age 13 years, the Children's Online Privacy Protection Act (COPPA) puts parents in charge. The Federal Trade Commission, United States' consumer safety firm, enforces the COPPA Guideline, which spells out what providers of websites and online services should do to safeguard children privatizes and security online. For more Details Click Here or below link

https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule

Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

You may have the following rights: -

  1. Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  2. Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

  3. Request deletion of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

  4. Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

  1. Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

    1. If you want us to establish the data's accuracy.

    2. Where our use of the data is unlawful, but you do not want us to erase it.

    3. Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.

    4. You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

  2. Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

  3. Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you.

How do we protect your details?

Can-spam act

The CAN-SPAM Act is a regulation that sets the guidelines for commercial email, establishes requirements for commercial announcements, offers recipients to have emails ceased from being delivered to them, and spells out hard fines for violations.

We accumulate your email to be able to:

If anytime you want to unsubscribe from receiving future email, you can email us at by using contact form at our Website/App and we'll immediately remove you from ALL communication.

Limitation of liability

Governing Law and Jurisdiction

Changes to this privacy notice

We reserve the right to alter this privacy notice at any time. Such alterations will be posted on our Website/App. You can also obtain an up-to-date copy of our privacy notice by contacting us.

Contacting us

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may do so via the contact us or email us at [email protected]bongeso.com or call us at +234 7015701647.

This document was last updated on April 23, 2022