United States 🇺🇸
United States (Marines) 🇺🇸
Canada 🇨🇦
United Kingdom 🇬🇧
United Kingdom (Schools) 🇬🇧
Ireland 🇮🇪
Spain 🇪🇸
Netherlands 🇳🇱
Belgium 🇧🇪
Japan 🇯🇵
Hong Kong 🇭🇰
Singapore 🇸🇬

Privacy Policy (Japan)

This app (the "Application") is powered by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU ("Dynamify", "we", "our", and "us"). The Application is operated by us. (the "Operator") as detailed in the Commercial Transactions Information.

This policy (together with our Terms and Conditions and any other documents referred to on it) sets out the basis on which personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. During the process of registering an account on the Application, you have the option of reading this Privacy Policy before accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 1998 (the Act), Dynamify Limited is registered as a data controller under number A8073591.

Information We May Collect from You

We may collect and process the following data about you:
  • Information you give us by filling in forms on the Application, or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use the Application, subscribe to our service, make a payment on the Application, and when you report a problem with the Application. The information you give us may include your name, address, email address, phone number, employer details (eg, organisation, building, floor number) and personal description.
  • If you provide feedback in relation to your visit to a "Venue" (defined as a store, café, central kitchen or restaurant) listed on the Application, we will process such information for analysis and statistical purposes.
  • If you contact us, we may keep a record of that correspondence.
  • Location data (where activated and you have agreed to this on your mobile device) so that the appropriate Venues serving your physical location (office or otherwise) can be shown in the Application.
  • With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.

Payment Information

In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

By inputting your payment information, you agree to use of that information by the Payments Processor for the purpose of paying your bill and processing your payment.

Uses Made of the Information

We use information held about you in the following ways:
  • Information you give to us. We will use this information: to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us; to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about; to notify you about changes to our service; to ensure that content from the Application is presented in the most effective manner for you and for your mobile phone.
  • Information we collect about you. We will use this information: to administer the Application and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; to improve the Application to ensure that content is presented in the most effective manner for you and for your computer; to allow you to participate in interactive features of our service, when you choose to do so; and as part of our efforts to keep the Application safe and secure.
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Disclosure of the Information

Your personal information is owned by and will be shared with the Application Operator, their subsidiaries, their ultimate holding company and its subsidiaries, as defined in Companies Act of Japan.

The Operator will not permit your personal data to be used for any purposes not listed in this policy without securing your prior consent first.

We may share your name and special instructions associated with each order that you place in the Application with the Venue you selected. This is to ensure that they can correctly fulfil (including your dietary requirements), label and deliver the order without incident.

We will never share your contact details (ie, email address and phone number) with a Venue or any other third party. Any communication between you and a Venue is only ever managed through the Application and they are not able to contact you directly by any other means.

We may share your feedback (anonymised and without reference to your personal data) with the Venue to which such feedback refers for the purpose of improving the customer experience at that Venue.

We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation. This should only apply in relation to the country that you registered to use the Application.

Cookies

In order to improve the Application, we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive.

A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.

Google Analytics

We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application.

The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

Storage of Your Personal Data

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA").

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your Rights

We will never disclose your personal data to external third parties (who are not part of our network of Venues) for marketing purposes. We will from time to time send you promotions through the Application based on your use of the Application. Specific examples might include: a 20% discount on hot beverages, a buy one get one free offer on snacks, or a temporary discount for using a specific Venue. You have the right to ask us not to include you in these promotions. You can also exercise the right at any time by contacting us at support@dynamify.com or updating your account profile where you have access to toggle marketing offers on or off whenever you like.

You have the right to ask us to delete your account on the Application at any point you choose - which would include removing any personal data we hold on our servers. Please contact support@dynamify.com if you would like to exercise this right.

The Application may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to Information

The Act on the Protection of Personal Information (the Act) gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of 1,000 JPY to meet our costs in providing you with details of the information we hold about you.

Changes to Our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy should be sent by email to support@dynamify.com.

Last Updated: 1st April 2019

Everyday Online Privacy policy (United States)

The following information is provided to you to inform you of Sodexo Inc. commitments in terms of Personal data protection. Sodexo Inc. belongs to Sodexo Group (hereafter “SODEXO”).  

SODEXO builds strong, lasting relationships with its customers, partners and consumers based on mutual trust: making sure that their Personal data is safe and remains confidential is an absolute priority for SODEXO.

SODEXO is committed to comply with all applicable regulatory and legal provisions governing the protection of Personal data.

SODEXO enforces a very strict privacy policy to guarantee the protection of the Personal data of those who use its websites, portals, applications, and platforms (our “Sites”):
•       Users remain in control of their own data. The data is processed in a transparent, confidential and secure manner.
•       SODEXO is committed to a continuing quest to protect its users’ Personal data in accordance with the applicable local regulation regarding Personal data Protection and Privacy.
•       SODEXO has a Global Data Protection Office dedicated to data protection, supported by a network of local data protection single points of contact or data protection officers.

PURPOSE OF THIS POLICY

SODEXO takes the protection of your Personal data very seriously.  

We have developed this policy to inform you of the conditions under which we collect, process, use and protect your Personal data on our App and in the context of the services provided by Sodexo Inc. (the "Services"). This policy covers all users, including those who use the App and the Services without being registered or subscribing to a specific service or account (hereinafter collectively, the "Users").  

Please read it carefully to familiarize yourself with the categories of Personal data that are subject to collection and processing, how we use this Personal data and with whom we are likely to share it. This policy also describes your rights and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your Personal data.

This policy may be amended, supplemented or updated, in particular to comply with any legal, regulatory, case law or technical developments that may arise. However, your Personal data will always be processed in accordance with the policy in force at the time of the data collection, unless a compulsory legal prescription determines otherwise and must be enforced retroactively.

IDENTITY AND CONTACT DETAILS OF THE CONTROLLER

The data Controller is:
Sodexo Inc,
Registered in the United States,
Registered office at 915 Meeting Street, Suite 1500 North Bethesda, MD 20852, USA
Email: privacy.noram@sodexo.com

Definitions

  • “Account”  - The User’s dedicated personal area within the App, which he or she accesses when he or she registers and connects to the App. It enables the User to access the Services.

    “Controller”  -The Sodexo entity which determines the purposes and means of the processing of personal data. “Cookies”                                                         As defined in the     Cookie Policy

    “Personal data”- Means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.  

    “Processing” - Any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    “Processor” - A legal person which processes personal data on behalf of the controller.

    “App” - The Everyday application of Sodexo Inc.  available on the AppStore and Google Play

    “us” “we” or “our” - Sodexo Inc. (hereinafter “Sodexo Inc.”), acting as controller

    “you” or “Users" - Any App user.

COLLECTION AND SOURCE OF PERSONAL DATA

We will most likely collect your Personal data directly (in particular via the data collection forms on our App) or indirectly via our service providers and/or technologies on our App.

We will obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary.

You will in any event be informed of the purposes for which your data is collected via the various online data collection forms and via the Cookie Policy.

TYPES OF PERSONAL DATA COLLECTED AND USED BY US

We may specifically collect and process the following types of Personal data:
- the information that you provide when filling in the forms on the App, or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing purposes, when downloading the application, etc.)
- the information that you provide for authentication purposes;
- the information that you provide for order fulfillment or to receive a service
-  the data relating to your purchases such as products, quantity, price, billing and delivery addresses including health information about you only where you volunteer and consent to this, for example if you report any specific food preferences;
-  the transaction data such as payment information and credit/debit card information that is transmitted directly to third parties who process your requests (a “Payment Processor”);
- the information provided via “posts”, comments or other content that you post on the App, or when you use the chat function on our App;
- the information regarding your location at a specific moment (where activated and you have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the App;
- your preferences in receiving marketing from us and our third parties and your communication preferences
- information collected through Cookies as defined in our Cookie Policy.

Personal data identified by an asterisk in the data collection forms is compulsory as these are necessary to fulfill any orders placed.In the absence of this compulsory information, these transactions cannot be processed.

We may combine this information with information we receive from other sources. We may use this information and the combined information for the purposes set out below (depending on the types of information we receive).

Please find details of the different data collected for the various purposes in the chart (Annex 1).

PURPOSES FOR WHICH WE USE PERSONAL DATA

Personal data may be collected for the following general purposes (a more precise description of the processing of your data can be found in the Annex 1 below):  
·       Cookies
·       Account creation and management
·       Customer Relationship Management
·       Marketing Management
·       Legal Obligation  

In addition, please note that you have the option to click on the dedicated icons of social networks such as Twitter, Facebook, LinkedIn, etc. that appear on our App.

When you click on these icons, we may have access to the Personal data that you have made public and accessible via your profiles on the social networks in question. We neither create nor use any separate databases from these social networks based on the Personal data that you have published there, and we do not process any Personal data relating to your private life through these means.

If you do not want us to have access to your Personal data published in the public spaces of your profile or your social accounts, then you should use the procedures provided by the social networks in question to limit access to this information.

These links to other websites should not be considered as navigation tracking and we decline any responsibility concerning the Personal data protection practices implemented by these third-party companies, each of which acts as a separate Controller of your Personal data on their own perimeter. Once you leave our App or click on the logo/link to one of these social networks, it is your responsibility to check the privacy policy applicable to that other platform.

LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process your Personal data as part of the performance and management of our contractual relationship with you, in our legitimate interest to improve the quality and operational excellence of the Services we offer to you or in compliance with certain regulatory obligations depending on the purpose of processing as identified in the chart in Annex 1.

Your Personal data may also be processed based on your prior consent in the event that under certain circumstances, your consent would be requested (e.g., regarding health data or for certain communication sent you way or certain types of Cookies).  

Please find more information about the legal basis for each of our processing in the Annex 1 below.

DISCLOSURE OF PERSONAL DATA

The security and confidentiality of your Personal data is of great importance to us. This is why we restrict access to your Personal data, through different access levels, only to members of our staff and only to the extent strictly necessary to process your orders or to provide the requested Services. We ensure that persons authorized to process the Personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

We will not disclose your Personal data to any unauthorized third parties. We may, however, share your Personal data with entities within SODEXO and with authorized service providers (for example: technical service providers [hosting, maintenance], consultants, etc.) whom we may call upon for the purpose of providing our Services.

In addition, we will need to pass your details to the Payment Processor in order for you to make payments on the App.

We ensure that every disclosure of your Personal data to an authorized service provider is framed by a data processing agreement, reflecting the commitments laid out in this policy. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the Services on our behalf or to comply with legal obligations. Furthermore, we may share your Personal data (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.

STORAGE PERIOD OF YOUR PERSONAL DATA

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply. To determine the retention period of your Personal data, we take into consideration several criteria such as:
·       The purpose for which we hold your Personal data (e.g., when you purchase products on our App, we keep your Personal data for the duration of our contractual relationship);
·       Our legal and regulatory obligations in relation to that Personal data (e.g., accounting reporting obligations);
·       Whether you are an active user of our Services, you continue to receive marketing communications, or you regularly browse or purchase off our Sites or whether you do not open our emails or visit our Sites; For instance, if you have agreed to receive marketing communications, we keep your Personal data until you: (i) unsubscribe from receiving marketing communications (ii) request we delete your Personal data, or (iii) after a period of inactivity (i.e. where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and guidance
;·       Any specific requests from you in relation to the deletion of your Personal data or Account;
·       Any statutory limitation periods allowing us to manage our own rights, for example the defense of any legal claims in case of litigation; and
·       Any local regulations or guidance (e.g., regarding cookies). Please find more information about the storage period of your Personal data in Annex 1 below.

SENSITIVE PERSONAL DATA

As a general rule, we do not collect sensitive Personal data via our App. “Sensitive Personal data” refers to any information concerning a person’s racial or ethnic origins, political opinions, religious or philosophical beliefs, union membership, health data or data relating to the sexual life or the sexual orientation of a natural person. This definition also includes personal data relating to criminal convictions and offenses.

Nonetheless, you can, on a voluntary basis provide information regarding your food or dietary preferences. We only collect this data strictly to achieve the purpose for which the processing is performed, and we do so in accordance with local legal requirements for the protection of Personal data and, in particular, with your explicit prior consent and under the conditions described in this policy.  

TRANSFER OF PERSONAL DATA

As SODEXO is an international group, your Personal data may be transmitted to internal or external recipients that are authorized to perform Services on our behalf. Some of these recipients are located in countries outside of the European Union or the European Economic Area which do not offer an adequate level of Personal data protection.

To guarantee the security and confidentiality of Personal data thus transmitted, we will take all necessary measures to ensure that this data receives adequate protection, such as entering into data transfer agreements with the recipients of your personal data based on the European Commission's standard contractual clauses (“EU SCCs”) or other valid transfer mechanisms and we carry out, in accordance with the European Court of Justice's decision of 16 July 2020 "Schrems II" (Case C 311-18) and with the guidance of the European Data Protection Board, a risk assessment of the transferred data.

In addition, all entities of SODEXO have entered into an Intra-Group Data Processing Agreement, based on the EU SCCs, that provides for an equivalent protection of Personal data by all entities of SODEXO wherever it is established.
You can use this form to make a request: click here

This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on.

Alternatively, you can also send your request by email to privacy.noram@sodexo.com. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.

If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

YOUR RIGHTS

SODEXO is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights:
RIGHT OF ACCESS You can request a copy of the Personal data we hold about you. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed. data, or to have incomplete Personal data completed.
RIGHT TO ERASURE Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that you have provided to SODEXO, in a structured, commonly used, and machine-readable format you have the right to transmit this data to another Controller without hindrance from SODEXO where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING You may object (i.e. exercise your right to “opt-out”) to the processing of your Personal data particularly in relation to profiling or to marketing communications. When we process your Personal data on the basis of your consent, you can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal affect upon you or significantly affects you.
RIGHT TO LODGE A COMPLAINT You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. You have also the right to lodge your Complaint before the courts where Sodexo Inc. has an establishment or where you have your habitual residence.

SECURITY

We implement all possible technical and organizational security measures to ensure security and confidentiality in processing your Personal data in accordance with Our Group Information & Systems Security Policy.

To this end, we take all necessary precautions given the nature of the Personal data and the risks related to its processing, in order to maintain data security and in particular to prevent distortion, damage or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).

In addition, if we contract with Processors for all or part of the Processing of your Personal data, we require a contractual agreement from our service providers to guarantee the security and confidentiality of the Personal data that we transmit to them or that they collect on our behalf, in accordance with the applicable regulations on the protection of Personal data. We regularly conduct audits to verify the proper operational application of the rules relating to the security of your Personal data.

Nevertheless, you also have a responsibility to ensure the security and confidentiality of your Personal data, so we invite you to remain vigilant, especially when using an open system such as the Internet.

LINKS TO OTHER SITES

Occasionally, we provide links to other platforms for practical and informative purposes. These platforms operate independently from our App and are not under our control. These platforms have their own privacy policy or terms of use which we strongly advise you to read. We do not accept any liability with regards to the content on these platforms, for the products and services that may be offered there or for any other use thereof.

UPDATES OF OUR ONLINE PRIVACY POLICY

We may update or amend this policy as and when needed. In this case, amendments will only become applicable after a period of 30 business days from the date of the amendment. Please consult this page from time to time if you want to be informed of any possible changes.


Last updated: 27 July 2022

General purpose

Purpose of the Processing

Personal data collected

Legal basis of the Processing

Retention of the Personal data

Website and application management

For more information on the processing of your Personal data in the specific context of Cookies we invite you to consult our Cookie Policy

Account creation and Management

Register you as a user and create an account for you on our App

Name

Email

ID user and

Password

Date of Birth

Age

Gender

Phone

Employee ID

Information on the place of work

Food Preferences

 

Performance of a contract to which the data subject is party

We will delete your Personal data in your customer account(s) after twelve (12) months of inactivity/closure of the account unless it is required to kept for a legal reason.

Process and deliver your order

Name

Email

Information on your order

Location data

Information on the place of work

Food Preferences

Performance of a contract to which the data subject is party

We will keep your Personal data for the duration of our commercial relationship, after which only the data necessary for pre-litigation or litigation purposes will be archived until the legal prescription is acquired.

The usual limitation period in civil and commercial matters is three (3) years. In the event of a dispute, this data is kept for the duration of the procedure and until the expiration of ordinary and extraordinary remedies.

Allow you to pay your order on Our App

Name

Transaction Data

Credit Card Information data

Performance of a contract to which the data subject is party

For the duration fixed by the Payment Processor, which is the Controller for this purpose.

Customer Relationship Management

Manage and monitor our relationships with existing and potential customers

Name

Email

Contract data

Contract and legitimate interest

We will keep your Personal data for the duration of our commercial relationship, after which only the data necessary for pre-litigation or litigation purposes will be archived until the legal prescription is acquired.

The usual limitation period in civil and commercial matters is three (3) years. In the event of a dispute, this data is kept for the duration of the procedure and until the expiration of ordinary and extraordinary remedies.

Respond to your requests for information, searches, newsletter and other content.

Name

Email

Information on your request

Legitimate interest and consent

For the time needed to respond to your requests and to keep an historic until twelve (12) months of inactivity/closure of the account.

 

Access whether you are eligible for certain products and Services

Name

Email

Age

Information on the place of work

Food Preferences

Contract

Legitimate interest

We will keep your Personal data for the period necessary to carry out those checks

Marketing Management

Conduct surveys and gather statistics

Name

Email

Legitimate interest

We will keep your data for a period of three (3) years from the last contact you initiated

Manage, organize and improve of the competitions and related promotional operations

Name

Email

Consent

We will keep your data for a period of three (3) years after the end of the competition or the draw.

Send newsletter

Name

Email

Consent

We will send you our newsletter until you unsubscribe.

Send commercial communications about products and services that may be of interest to you

Name

Email

Location data

Food Preferences

Consent

If you are one of our customers, these communications may be sent to you for the duration of our commercial relationship, then for three (3) years after the end of this relationship or of the last contact you initiated.

 

If you are not yet sure whether you want to benefit from our products and services, and you are still in the prospecting phase, we can send you communications on our offers and products for a period of three (3) years from the last contact you initiated.

To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App

 

Usage data

Consent

Legitimate interest

If you are one of our customers, these communications may be sent to you for the duration of our commercial relationship, then for three (3) years after the end of this relationship or of the last contact you initiated.

 

If you are not yet sure whether you want to benefit from our products and services, and you are still in the prospecting phase, we can send you communications on our offers and products for a period of three (3) years from the last contact you initiated.

Comply with legal obligation

Prevent potential fraud and ensure the security of Our IT systems

Name

Email

Transaction Data

Information on your order

Legal obligations

Legitimate interest

We will keep your Personal data for the duration of the procedure, plus the period of acquisition of legal requirements.

The usual limitation period in civil and commercial matters is three (3) years from the end of the contract.

CHARGE PRIVACY POLICY (United States - Marines)

(Last updated September 28th 2023)

Sodexo takes the protection of your personal data very seriously.

Thank you for visiting. At Sodexo, we recognize the importance of protecting your privacy. Sodexo adheres to the policies and practices described in this Privacy Policy for the treatment, use and protection of the information provided to us by users of this mobile application.

By interacting with Sodexo through this mobile application, you consent to the use of information that is collected or submitted as described in this Privacy Policy. We may make changes or add to this Privacy Policy, so we encourage you to review it periodically.

DEFINITIONS

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person. Personal data will share the same definition as “Personally Identifiable Information.

”“us” or “our”   means those entities of Sodexo that are based in the United States or Canada (hereinafter designated as “Sodexo”) for all dimensions and activities.

“you”  means any application user/visitor.

“Application” means the mobile application where this policy is linked.

INFORMATION COLLECTION

We may use Personal data to operate, administer and improve the Application, deliver the services or carry out the transactions you request, improve our services, provide you with more effective customer service, perform research and analysis aimed at improving our products, services and technologies, satisfy our legitimate business interests (including performing trend analysis and market studies), display content and advertising that are customized to your interests and preferences, and comply with government regulations.

We may also use Personal data about you to communicate with you about the Application, and additional products and services you may find of value. To do all of this, we combine personal and non-Personal data, collected online and offline, including information from third party sources.

We undertake to obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary.

You will in any event be informed of the purposes for which your data are collected via the various online data collection forms.

We may collect information both directly and indirectly from you when you:
- access or use our Applications, mobile applications, and online services or programs where this Privacy Policy is posted or linked;
- contact or communicate with us;
- create an account with us;
- register for any event or program, and/or participate in any event, program, contest, surveys, or other promotion that we may offer from time to time (collectively, "Promotions");
- access or use of the Application or accounts on any third-party social media platforms such as Facebook, Twitter, Pinterest, Instagram, etc. ("Social Media Pages");
- sign-up for communications (e.g., email, social, notifications, SMS from us);
- provide or submit comments, stories, suggestions, or other content or input to us;
- and/orotherwise interact with us and the Application.

On this Application, if provided by the user, we may specifically collect and process the following types of personal data:This information may include:
- your name;
- your email address;
- our phone number(s;
- other personal or preference information you provide to us in open text boxes; and information you submit about other people, for example, if an employee is identified in the feedback provided.

Personal data identified by an asterisk in the data collection forms are compulsory as these are necessary to fulfill any orders placed. In the absence of this compulsory information, these transactions cannot be processed.

We may combine any of the information collected about you for the purposes described in this Privacy Policy

Opt Out

  • When you create an account and provide your email address, we will periodically send you administrative e-mails, free newsletters, and e-mails that directly promote the use of our Application or services. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information below). Despite your indicated e-mail preferences, we may send you administrative emails, including notices of any updates to our Terms or Privacy Policy. If you wish to opt out of administrative emails, you must delete your account entirely and cease use of the service.

DISCLOSURE OF PERSONAL DATA

The security and confidentiality of your personal data are of great importance to us. This is why we restrict access to your personal data only to members of our staff who need to have this information in order to process your orders or to provide the requested service.

We will not disclose your personal data to any unauthorized third parties. We may, however, share your personal data with entities within the Sodexo group and with authorized service providers (for example: technical service providers hosting, maintenance, consultants, etc.) whom we may call upon for the purpose of providing our services. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the services on our behalf or to comply with legal obligations. Furthermore, we may share personal data concerning you (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.

We may partner with third parties to provide advertisements to visitors through the Application. These third parties are only provided the information necessary to perform their services and are only permitted to use such information for the provision of such services. We may also aggregate general statistics that we gather about visitors, sales, traffic patterns, and services and provide these statistics to third parties; however, when we do, these statistics will not include any Personal data that identifies individuals.

We do not sell, as defined under the California Consumer Protection Act of 2018 (“CCPA”), your Personal data to third parties.

California Resident Data Rights

The CCPA provides consumers (California residents) with specific rights regarding their personal information. For information regarding the rights for California residents, please see https://oag.ca.gov/privacy/ccpa.For California residents to make a data access request, please utilize one of the following optio
- email Privacy.noram@sodexo.com;
- call our toll-free line at 833-955-1494;
- fill out our CCPA Data Subject Request form at https://privacyportal-eu-cdn.onetrust.com/dsarwebform/c51cde17-e99e-4699-80ce-892748f9ad1a/c603db2f-2a85-4ad8-9e51-c0441dc0cd81.html;
- or send a letter to: Sodexo Office of Ethics, Compliance & Privacy, 915 Meeting Street, Suite 1500 North Bethesda, MD 20852, USA

STORAGE PERIOD OF YOUR PERSONAL DATA

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply.

CALIFORNIA’S DO NOT TRACK NOTICE

Sodexo does not support Do Not Track browser settings and does not currently participate in any Do Not Track frameworks that would allow any of our Applications to respond to signals or other mechanisms from you regarding the collection of your Personal data. However, our Applications do not track any personally identifiable information on our Applications unless you intentionally provide it to us (such as when you create an account, request customer service or make a purchase).

SODEXO’S PRIVACY STATEMENT REGARDING CHILDREN

Our Application is intended for a general audience and are not directed to children under the age of 13. Please contact us if you believe that we may have collected information from your child and we will work to delete it.

USER GENERATED CONTENT

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply. To determine the retentioSodexo online services may allow users to post messages and submit their own content (e.g., stories, comments, blogs, postings, etc.), which may include Personal data. You are responsible for all actions resulting from any information, including Personal data, which you post on Sodexo’s online resources. Please remember that any information you post becomes public information, is not subject to this Privacy Policy, and Sodexo is not responsible for the results of such postings.n period of your Personal data, we take into consideration several criteria such as:
·       The purpose for which we hold your Personal data (e.g., when you purchase products on our App, we keep your Personal data for the duration of our contractual relationship);
·       Our legal and regulatory obligations in relation to that Personal data (e.g., accounting reporting obligations);
·       Whether you are an active user of our Services, you continue to receive marketing communications, or you regularly browse or purchase off our Sites or whether you do not open our emails or visit our Sites; For instance, if you have agreed to receive marketing communications, we keep your Personal data until you: (i) unsubscribe from receiving marketing communications (ii) request we delete your Personal data, or (iii) after a period of inactivity (i.e. where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and guidance
;·       Any specific requests from you in relation to the deletion of your Personal data or Account;
·       Any statutory limitation periods allowing us to manage our own rights, for example the defense of any legal claims in case of litigation; and
·       Any local regulations or guidance (e.g., regarding cookies). Please find more information about the storage period of your Personal data in Annex 1 below.

COMPLIANCE WITH LAW AND LEGAL REQUESTS

Sodexo may disclose Personal data about you as required by law. In addition, Sodexo may disclose Personal data about you in the unlikely event Sodexo deems release necessary to protect Sodexo legal rights or to protect the personal safety of users of the Application or members of the public.

BUSINESS TRANSFERS

In the event that all or a portion of Sodexo, or substantially all the assets of Sodexo, is sold to another business entity, personally identifiable information collected from the Application will likely be among the assets transferred to such business entity

MOBILE APPLICATIONS

In addition to the information described above, we and our third-party service providers may collect additional information when you utilize any of our mobile applications, including the type of mobile device you use, the temporary or persistent unique device identifiers (sometimes called UDID), the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use our mobile applications.If you utilize any of the location-based services in our mobile applications we and our third-party service providers may collect, use, and share location data, including the real-time geographic location of your device. We use such information to provide and improve location-based products and services. You may opt-out from further allowing us to have access to your location data by adjusting the permissions in your mobile device.

INFORMATION SECURITY

We seek to keep your Personal data secure and implement reasonable technical, administrative, and physical safeguards to help us protect such information from unauthorized access, use, and disclosure. We also request that our third-party service providers use commercially reasonable security measures to protect your information from unauthorized access or use. However, no method of electronically transmitting or storing data is ever completely secure, and therefore, we cannot guarantee that your information will never be accessed, used, or disclosed in a manner that is inconsistent with this Privacy Policy.

QUESTIONS AND FEEDBACK

If you have any questions or comments with regard to this policy, please do not hesitate to contact us at the following address privacy.noram@sodexo.com or contact our Group Data Protection Officer by sending an email at the following email address: dpo.group@sodexo.com

Purpose of this Privacy Policy (Canada)

The following information is provided to you to inform you of Sodexo Canada, Ltd. commitments in terms of Personal data protection. Sodexo Canada, Ltd. belongs to Sodexo Group (hereafter “SODEXO”).  

SODEXO builds strong, lasting relationships with its customers, partners and consumers based on mutual trust: making sure that their Personal data is safe and remains confidential is an absolute priority for SODEXO.

SODEXO is committed to comply with all applicable regulatory and legal provisions governing the protection of Personal data.

SODEXO enforces a very strict privacy policy to guarantee the protection of the Personal data of those who use its websites, portals, applications, and platforms (our “Sites”):
•       Users remain in control of their own data. The data is processed in a transparent, confidential and secure manner.
•       SODEXO is committed to a continuing quest to protect its users’ Personal data in accordance with the applicable local regulation regarding Personal data Protection and Privacy.
•       SODEXO has a Global Data Protection Office dedicated to data protection, supported by a network of local data protection single points of contact or data protection officers.

PURPOSE OF THIS POLICY

SODEXO takes the protection of your Personal data very seriously.  

We have developed this policy to inform you of the conditions under which we collect, process, use and protect your Personal data on our App and in the context of the services provided by Sodexo Inc. (the "Services"). This policy covers all users, including those who use the App and the Services without being registered or subscribing to a specific service or account (hereinafter collectively, the "Users").  

Please read it carefully to familiarize yourself with the categories of Personal data that are subject to collection and processing, how we use this Personal data and with whom we are likely to share it. This policy also describes your rights and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your Personal data.

This policy may be amended, supplemented or updated, in particular to comply with any legal, regulatory, case law or technical developments that may arise. However, your Personal data will always be processed in accordance with the policy in force at the time of the data collection, unless a compulsory legal prescription determines otherwise and must be enforced retroactively.

IDENTITY AND CONTACT DETAILS OF THE CONTROLLER

The data Controller is:
Sodexo Canada, Ltd.
Registered in the Ontario, Canada,Registered office at 5420, North Service Road, Suite 501, Burlington, Ontario, L7L 6C7, Canada.
Email: privacy.noram@sodexo.com

DEFINITIONS

Account”  - The User’s dedicated personal area within the App, which he or she accesses when he or she registers and connects to the App. It enables the User to access the Services.

Controller”  The Sodexo entity which determines the purposes and means of the processing of personal data. “Cookies”                                                         As defined in the Cookie Policy

Personal data” - Means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.  

Processing” -Any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor” - A legal person which processes personal data on behalf of the controller.

App”- The Everyday application of Sodexo Inc.  available on the AppStore and Google Play

us” “we” or “our”  - Sodexo Canada, Ltd. (hereinafter “Sodexo Canada”), acting as controller

you” or “Users”  - Any App user.

COLLECTION AND SOURCE OF PERSONAL DATA

We will most likely collect your Personal data directly (in particular via the data collection forms on our App) or indirectly via our service providers and/or technologies on our App.

We will obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary.

You will in any event be informed of the purposes for which your data is collected via the various online data collection forms and via the Cookie Policy.

TYPES OF PERSONAL DATA COLLECTED AND USED BY US

We may specifically collect and process the following types of Personal data:

-        the information that you provide when filling in the forms on the App, or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing purposes, when downloading the application, etc.)-        the information that you provide for authentication purposes;
-        the information that you provide for order fulfillment or to receive a service
-        the data relating to your purchases such as products, quantity, price, billing and delivery addresses including health information about you only where you volunteer and consent to this, for example if you report any specific food preferences;
-        the transaction data such as payment information and credit/debit card information that is transmitted directly to third parties who process your requests (a “Payment Processor”);
-        the information provided via “posts”, comments or other content that you post on the App, or when you use the chat function on our App;
-        the information regarding your location at a specific moment (where activated and you have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the App;
-        your preferences in receiving marketing from us and our third parties and your communication preferences
-        information collected through Cookies as defined in our Cookie Policy.

Personal data identified by an asterisk in the data collection forms is compulsory as these are necessary to fulfill any orders placed. In the absence of this compulsory information, these transactions cannot be processed. We may combine this information with information we receive from other sources.

We may use this information and the combined information for the purposes set out below (depending on the types of information we receive).

Please find details of the different data collected for the various purposes in the chart (Annex 1).

PURPOSES FOR WHICH WE USE PERSONAL DATA

Personal data may be collected for the following general purposes (a more precise description of the processing of your data can be found in the Annex 1 below):  
·       Cookies
·       Account creation and management
·       Customer Relationship Management
·       Marketing Management
·       Legal Obligation

In addition, please note that you have the option to click on the dedicated icons of social networks such as Twitter, Facebook, LinkedIn, etc. that appear on our App.

When you click on these icons, we may have access to the Personal data that you have made public and accessible via your profiles on the social networks in question. We neither create nor use any separate databases from these social networks based on the Personal data that you have published there, and we do not process any Personal data relating to your private life through these means.

If you do not want us to have access to your Personal data published in the public spaces of your profile or your social accounts, then you should use the procedures provided by the social networks in question to limit access to this information.

These links to other websites should not be considered as navigation tracking and we decline any responsibility concerning the Personal data protection practices implemented by these third-party companies, each of which acts as a separate Controller of your Personal data on their own perimeter. Once you leave our App or click on the logo/link to one of these social networks, it is your responsibility to check the privacy policy applicable to that other platform.

LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process your Personal data as part of the performance and management of our contractual relationship with you, in our legitimate interest to improve the quality and operational excellence of the Services we offer to you or in compliance with certain regulatory obligations depending on the purpose of processing as identified in the chart in Annex 1. Your Personal data may also be processed based on your prior consent in the event that under certain circumstances, your consent would be requested (e.g., regarding health data or for certain communication sent you way or certain types of Cookies).  Please find more information about the legal basis for each of our processing in the Annex 1 below.

DISCLOSURE OF PERSONAL DATA

The security and confidentiality of your Personal data is of great importance to us. This is why we restrict access to your Personal data, through different access levels, only to members of our staff and only to the extent strictly necessary to process your orders or to provide the requested Services. We ensure that persons authorized to process the Personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

We will not disclose your Personal data to any unauthorized third parties. We may, however, share your Personal data with entities within SODEXO and with authorized service providers (for example: technical service providers [hosting, maintenance], consultants, etc.) whom we may call upon for the purpose of providing our Services.

In addition, we will need to pass your details to the Payment Processor in order for you to make payments on the App.

We ensure that every disclosure of your Personal data to an authorized service provider is framed by a data processing agreement, reflecting the commitments laid out in this policy. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the Services on our behalf or to comply with legal obligations. Furthermore, we may share your Personal data (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.

STORAGE PERIOD OF YOUR PERSONAL DATA

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply. To determine the retention period of your Personal data, we take into consideration several criteria such as: ·       The purpose for which we hold your Personal data (e.g., when you purchase products on our App, we keep your Personal data for the duration of our contractual relationship);
·       Our legal and regulatory obligations in relation to that Personal data (e.g., accounting reporting obligations);
·       Whether you are an active user of our Services, you continue to receive marketing communications, or you regularly browse or purchase off our Sites or whether you do not open our emails or visit our Sites; For instance, if you have agreed to receive marketing communications, we keep your Personal data until you: (i) unsubscribe from receiving marketing communications (ii) request we delete your Personal data, or (iii) after a period of inactivity (i.e. where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and guidance;
·       Any specific requests from you in relation to the deletion of your Personal data or Account;
·       Any statutory limitation periods allowing us to manage our own rights, for example the defense of any legal claims in case of litigation; and
·       Any local regulations or guidance (e.g., regarding cookies). Please find more information about the storage period of your Personal data in Annex 1 below.

SENSITIVE PERSONAL DATA

As a general rule, we do not collect sensitive Personal data via our App. “Sensitive Personal data” refers to any information concerning a person’s racial or ethnic origins, political opinions, religious or philosophical beliefs, union membership, health data or data relating to the sexual life or the sexual orientation of a natural person. This definition also includes personal data relating to criminal convictions and offenses. Nonetheless, you can, on a voluntary basis provide information regarding your food or dietary preferences. We only collect this data strictly to achieve the purpose for which the processing is performed, and we do so in accordance with local legal requirements for the protection of Personal data and, in particular, with your explicit prior consent and under the conditions described in this policy.  

TRANSFER OF PERSONAL DATA

As SODEXO is an international group, your Personal data may be transmitted to internal or external recipients that are authorized to perform Services on our behalf. Some of these recipients are located in countries outside of the European Union or the European Economic Area which do not offer an adequate level of Personal data protection.

To guarantee the security and confidentiality of Personal data thus transmitted, we will take all necessary measures to ensure that this data receives adequate protection, such as entering into data transfer agreements with the recipients of your personal data based on the European Commission's standard contractual clauses (“EU SCCs”) or other valid transfer mechanisms and we carry out, in accordance with the European Court of Justice's decision of 16 July 2020 "Schrems II" (Case C 311-18) and with the guidance of the European Data Protection Board, a risk assessment of the transferred data. In addition, all entities of SODEXO have entered into an Intra-Group Data Processing Agreement, based on the EU SCCs, that provides for an equivalent protection of Personal data by all entities of SODEXO wherever it is established.

YOUR RIGHTS

SODEXO is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights:

RIGHT OF ACCESS You can request a copy of the Personal data we hold about you. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed. data, or to have incomplete Personal data completed.
RIGHT TO ERASURE Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that you have provided to SODEXO, in a structured, commonly used, and machine-readable format you have the right to transmit this data to another Controller without hindrance from SODEXO where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING You may object (i.e. exercise your right to “opt-out”) to the processing of your Personal data particularly in relation to profiling or to marketing communications. When we process your Personal data on the basis of your consent, you can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal affect upon you or significantly affects you.
RIGHT TO LODGE A COMPLAINT You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. You have also the right to lodge your Complaint before the courts where Sodexo Inc. has an establishment or where you have your habitual residence.
You can use this form to make a request : click here

This electronic system allows you to log in and track the progress of your request, see and send messages and review your documents securely.

This system is called One Trust and after making the request you will be sent details about how to log on.

Alternatively, you can also send your request by email to privacy.noram@sodexo.com. The team will liaise with you about how you to contact you about your request and receive information.  

Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.

If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

SECURITY

We implement all possible technical and organizational security measures to ensure security and confidentiality in processing your Personal data in accordance with Our Group Information & Systems Security Policy.

To this end, we take all necessary precautions given the nature of the Personal data and the risks related to its processing, in order to maintain data security and in particular to prevent distortion, damage or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).

In addition, if we contract with Processors for all or part of the Processing of your Personal data, we require a contractual agreement from our service providers to guarantee the security and confidentiality of the Personal data that we transmit to them or that they collect on our behalf, in accordance with the applicable regulations on the protection of Personal data.

We regularly conduct audits to verify the proper operational application of the rules relating to the security of your Personal data.

Nevertheless, you also have a responsibility to ensure the security and confidentiality of your Personal data, so we invite you to remain vigilant, especially when using an open system such as the Internet.

LINKS TO OTHER SITES

Occasionally, we provide links to other platforms for practical and informative purposes. These platforms operate independently from our App and are not under our control. These platforms have their own privacy policy or terms of use which we strongly advise you to read. We do not accept any liability with regards to the content on these platforms, for the products and services that may be offered there or for any other use thereof.

UPDATES OF OUR ONLINE PRIVACY POLICY

We may update or amend this policy as and when needed. In this case, amendments will only become applicable after a period of 30 business days from the date of the amendment. Please consult this page from time to time if you want to be informed of any possible changes.
Last updated: 27 July 2022




General purpose

Purpose of the Processing

Personal data collected

Legal basis of the Processing

Retention of the Personal data

Website and application management

For more information on the processing of your Personal data in the specific context of Cookies we invite you to consult our Cookie Policy

Account creation and Management

Register you as a user and create an account for you on our App

Name

Email

ID user and

Password

Date of Birth

Age

Gender

Phone

Employee ID

Information on the place of work

Food Preferences

 

Performance of a contract to which the data subject is party

We will delete your Personal data in your customer account(s) after twelve (12) months of inactivity/closure of the account unless it is required to kept for a legal reason.

Process and deliver your order

Name

Email

Information on your order

Location data

Information on the place of work

Food Preferences

Performance of a contract to which the data subject is party

We will keep your Personal data for the duration of our commercial relationship, after which only the data necessary for pre-litigation or litigation purposes will be archived until the legal prescription is acquired.

The usual limitation period in civil and commercial matters is three (3) years. In the event of a dispute, this data is kept for the duration of the procedure and until the expiration of ordinary and extraordinary remedies.

Allow you to pay your order on Our App

Name

Transaction Data

Credit Card Information data

Performance of a contract to which the data subject is party

For the duration fixed by the Payment Processor, which is the Controller for this purpose.

Customer Relationship Management

Manage and monitor our relationships with existing and potential customers

Name

Email

Contract data

Contract and legitimate interest

We will keep your Personal data for the duration of our commercial relationship, after which only the data necessary for pre-litigation or litigation purposes will be archived until the legal prescription is acquired.

The usual limitation period in civil and commercial matters is three (3) years. In the event of a dispute, this data is kept for the duration of the procedure and until the expiration of ordinary and extraordinary remedies.

Respond to your requests for information, searches, newsletter and other content.

Name

Email

Information on your request

Legitimate interest and consent

For the time needed to respond to your requests and to keep an historic until twelve (12) months of inactivity/closure of the account.

 

Access whether you are eligible for certain products and Services

Name

Email

Age

Information on the place of work

Food Preferences

Contract

Legitimate interest

We will keep your Personal data for the period necessary to carry out those checks

Marketing Management

Conduct surveys and gather statistics

Name

Email

Legitimate interest

We will keep your data for a period of three (3) years from the last contact you initiated

Manage, organize and improve of the competitions and related promotional operations

Name

Email

Consent

We will keep your data for a period of three (3) years after the end of the competition or the draw.

Send newsletter

Name

Email

Consent

We will send you our newsletter until you unsubscribe.

Send commercial communications about products and services that may be of interest to you

Name

Email

Location data

Food Preferences

Consent

If you are one of our customers, these communications may be sent to you for the duration of our commercial relationship, then for three (3) years after the end of this relationship or of the last contact you initiated.

 

If you are not yet sure whether you want to benefit from our products and services, and you are still in the prospecting phase, we can send you communications on our offers and products for a period of three (3) years from the last contact you initiated.

To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App

 

Usage data

Consent

Legitimate interest

If you are one of our customers, these communications may be sent to you for the duration of our commercial relationship, then for three (3) years after the end of this relationship or of the last contact you initiated.

 

If you are not yet sure whether you want to benefit from our products and services, and you are still in the prospecting phase, we can send you communications on our offers and products for a period of three (3) years from the last contact you initiated.

Comply with legal obligation

Prevent potential fraud and ensure the security of Our IT systems

Name

Email

Transaction Data

Information on your order

Legal obligations

Legitimate interest

We will keep your Personal data for the duration of the procedure, plus the period of acquisition of legal requirements.

The usual limitation period in civil and commercial matters is three (3) years from the end of the contract.

Privacy Policy (United Kingdom) - Purpose of this policy

This Privacy Policy (“Policy”) describes how we use and protect your personal data for the management of this app, who will have access to it and for what purposes, what your rights are and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your personal data. If there is any conflict between this Policy and the data protection laws in your country, then such laws, where applicable, will prevail.

This Policy may be amended, supplemented or updated, to comply with any legal, regulatory, case law or technical developments that may arise.

What is the app?

The App is designed to facilitate contact-free ordering and payment of catering services.

The App is provided by Sodexo to customers for the express purpose of purchasing products and services.

Access to the personal data processed through the App is limited to Sodexo authorized persons on a need-to-know basis.

Definitions

“App” or “Application” means the consumer app called Everyday (formerly known as Twelve Pay) available on iOS and Android devices.

“Controller” means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal data.

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

“Us” or “Our” means Sodexo and its subsidiaries, insofar as it is concerned.

“You” any App user.

Identity and contact details of the controller

Sodexo Ltd, Registered No: 2987170, registered office at One Southampton Row, London, WC1B 5HA.  Email : DataProtection.UKandIE@Sodexo.com

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on the App).

We undertake to obtain your consent and/or to allow You to refuse the use of your Personal data for certain purposes whenever necessary.

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • The information that You provide when filling in the forms on the App or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing and rewards purposes, etc.); This may include your name, email address, phone number , employer details ( e.g. organization, building, floor number) and personal description.
  • The information that You provide for authentication purposes your name and contact details (email and phone);
  • The information that You provide for order fulfillment or to receive a service;
  • Your dietary preferences including your food tastes, your dietary constraints (including allergens and more);
  • Your location data; (where activated and You have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the Application.
  • Your transactional data;
  • Metadata and navigation data; (usage and permissions on the app)
  • Anonymised statistical data; With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • Payment Information ; In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

How and for which purposes will the personal data collected be used?

We use your Personal data specifically for the following purposes:
  • To manage your account and your access to the platform;
  • To communicate with You and to respond to your queries or requests;
  • To provide, deliver and improve the services and offers available on Our App;
  • To allow you to pay your order on Our App
  • To conduct satisfaction surveys and perform statistics analyses;
  • To make available to You or notify You about exclusive offers, products or services, unless objected by You;
  • To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App;
  • To manage Our contractual relationship with You;
  • To customize your experience on the App;
  • To prevent potential fraud and ensure the security of Our IT systems
  • To comply with Our legal and regulatory obligations
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
  • Cookies. In order to improve the Application, or where necessary ( eg real time customer service chat or making payments) we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
  • Google Analytics. We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application. The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

On which legal basis will my personal data be collected and processed?

We may have to collect and process your Personal data where necessary for the performance of a contract to which You are subject as well as for Sodexo’s legitimate interests except where such interests are overridden by your interests or fundamental rights and freedoms. We will also rely on your consent to collect and process any sensitive Personal data. You will be able to withdraw your consent at any time.

To whom will the personal data be disclosed?

We will not disclose your Personal data to any unauthorized third parties. Your Personal data will only be available to internal or external third parties, who need such access for the purposes listed above or where required by law, for claims or to prevent fraud. Personal data may be shared with other Sodexo Group Companies only where necessary, for fulfilment of an order (for example if you use the app in another country),  where joint services are provided, or for legal, reporting or business re-organisation.

The main categories of data recipients are the following (without this list being exhaustive): authorized internal persons, third-party service providers or other contractors who process Personal data on behalf of Sodexo and, as the case may be, judicial and regulatory authorities.

We will need to pass your details to the payment processor in order for you to make payments on the App.

Different access levels are applied to data captured by the App to ensure that such data is visible only to appropriate persons who need such access for the purposes listed above or where required by law.

We do not authorize Our service providers to use or disclose your Personal data, except to the extent necessary to deliver the services on Our behalf or to comply with legal obligations. This app is provided by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU.

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA") or UK. Sodexo has implemented the Sodexo’s Binding Corporate Rules (BCRs) within Sodexo Group. Therefore, even if the third countries in which Sodexo entities operate are located outside of the European Economic Area, your Personal data is protected in the same way that they would have been by any entity located within the European Economic Area.

How will my personal data be protected?

We implement appropriate technical and organizational measures to protect Personal data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with Our Group Information & Systems Security Policy.

We take, when appropriate, all reasonable measures based on privacy by design and privacy by default principles to implement the necessary safeguards and protect the Personal data processing. We also carry out, depending on the level of risk raised by the processing, a privacy impact assessment to adopt appropriate safeguards and ensure the protection of the Personal data. We also provide additional security safeguards for data considered to be sensitive Personal data.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How can I access my personal data?

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. In the UK the authority is the ICO https://ico.org.uk

You can use this form to make a request : click here

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

For more details, please consult the Global Data Protection Rights Management Policy

Third Party beneficiary rights

If applicable in your country, you can enforce third-party beneficiary rights afforded to you by the Sodexo BRCs.

How long will my personal data be held

Generally, the Personal data collected through the App will be deleted after 12 months of inactivity/closure of the account or three years after its collection unless it is required to kept for a legal reason.

How will I be notified if the uses of my data change?

If the use of your Personal data in the App significantly change, we will issue an updated Policy and/or take other steps to notify You beforehand of such changes so that You may review them and check whether they are acceptable (to the extent necessary) to You.

Who is my local system administrator?

If You should require any further information concerning this Policy and/or the App, please contact our Customer Support Team by raising a ticket in the “Support” menu option within the Everyday (formerly known as Twelve Pay) app

Privacy Policy (United Kingdom Schools) - Purpose of this policy

This Privacy Policy (“Policy”) describes how we use and protect your personal data for the management of this app, who will have access to it and for what purposes, what your rights are and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your personal data. If there is any conflict between this Policy and the data protection laws in your country, then such laws, where applicable, will prevail.

This Policy may be amended, supplemented or updated, to comply with any legal, regulatory, case law or technical developments that may arise.

What is the app?

The App is designed to facilitate contact-free ordering and payment of catering services.

The App is provided by Sodexo to customers for the express purpose of purchasing products and services.

Access to the personal data processed through the App is limited to Sodexo authorized persons on a need-to-know basis.

Definitions

“App” or “Application” means the consumer app called Everyday (formerly known as Twelve Pay) available on iOS and Android devices.

“Controller” means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal data.

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

“Us” or “Our” means Sodexo and its subsidiaries, insofar as it is concerned.

“You” any App user.

Identity and contact details of the controller

Sodexo Ltd, Registered No: 2987170, registered office at One Southampton Row, London, WC1B 5HA.  Email : DataProtection.UKandIE@Sodexo.com

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on the App).

We undertake to obtain your consent and/or to allow You to refuse the use of your Personal data for certain purposes whenever necessary.

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • The information that You provide when filling in the forms on the App or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing and rewards purposes, etc.); This may include your name, email address, phone number , employer details ( e.g. organization, building, floor number) and personal description.
  • The information that You provide for authentication purposes your name and contact details (email and phone);
  • The information that You provide for order fulfillment or to receive a service;
  • Your dietary preferences including your food tastes, your dietary constraints (including allergens and more);
  • Your location data; (where activated and You have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the Application.
  • Your transactional data; this may included abandoned basket information and use of loyalty points/QR codes 
  • Metadata and navigation data; (usage and permissions on the app)
  • Anonymised statistical data; With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • Payment Information ; In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

How and for which purposes will the personal data collected be used?

We use your Personal data specifically for the following purposes:
  • To manage your account and your access to the platform;
  • To communicate with You and to respond to your queries or requests;
  • To provide, deliver and improve the services and offers available on Our App;
  • To allow you to pay your order on Our App
  • To conduct satisfaction surveys and perform statistics analyses;
  • To make available to You or notify You about exclusive offers, products or services, unless objected by You;
  • To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App;
  • To manage Our contractual relationship with You;
  • To customize your experience on the App;
  • To prevent potential fraud and ensure the security of Our IT systems
  • To comply with Our legal and regulatory obligations
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
  • Cookies. In order to improve the Application, or where necessary ( eg real time customer service chat or making payments) we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
  • Google Analytics. We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application. The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

On which legal basis will my personal data be collected and processed?

We may have to collect and process your Personal data where necessary for the performance of a contract to which You are subject as well as for Sodexo’s legitimate interests except where such interests are overridden by your interests or fundamental rights and freedoms. We will also rely on your consent to collect and process any sensitive Personal data. You will be able to withdraw your consent at any time.

To whom will the personal data be disclosed?

We will not disclose your Personal data to any unauthorized third parties. Your Personal data will only be available to internal or external third parties, who need such access for the purposes listed above or where required by law, for claims or to prevent fraud. Personal data may be shared with other Sodexo Group Companies only where necessary, for fulfilment of an order (for example if you use the app in another country),  where joint services are provided, or for legal, reporting or business re-organisation.

The main categories of data recipients are the following (without this list being exhaustive): authorized internal persons, third-party service providers or other contractors who process Personal data on behalf of Sodexo and, as the case may be, judicial and regulatory authorities.

We will need to pass your details to the payment processor in order for you to make payments on the App.

Different access levels are applied to data captured by the App to ensure that such data is visible only to appropriate persons who need such access for the purposes listed above or where required by law.

We do not authorize Our service providers to use or disclose your Personal data, except to the extent necessary to deliver the services on Our behalf or to comply with legal obligations. This app is provided by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU.

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA") or UK.

How will my personal data be protected?

We implement appropriate technical and organizational measures to protect Personal data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with Our Group Information & Systems Security Policy.

We take, when appropriate, all reasonable measures based on privacy by design and privacy by default principles to implement the necessary safeguards and protect the Personal data processing. We also carry out, depending on the level of risk raised by the processing, a privacy impact assessment to adopt appropriate safeguards and ensure the protection of the Personal data. We also provide additional security safeguards for data considered to be sensitive Personal data.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How can I access my personal data?

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. In the UK the authority is the ICO https://ico.org.uk

You can use this form to make a request : click here

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

How long will my personal data be held

Generally, the Personal data collected through the App will be deleted after 12 months of inactivity/closure of the account or three years after its collection unless it is required to kept for a legal reason.

How will I be notified if the uses of my data change?

If the use of your Personal data in the App significantly change, we will issue an updated Policy and/or take other steps to notify You beforehand of such changes so that You may review them and check whether they are acceptable (to the extent necessary) to You.

Who is my local system administrator?

If You should require any further information concerning this Policy and/or the App, please contact our Customer Support Team by raising a ticket in the “Support” menu option within the Everyday Pay app. 

Privacy Policy (Hong Kong) - Purpose of this policy

This Privacy Policy (“Policy”) describes how we use and protect your personal data for the management of this app, who will have access to it and for what purposes, what your rights are and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your personal data. If there is any conflict between this Policy and the data protection laws in your country, then such laws, where applicable, will prevail.

This Policy may be amended, supplemented or updated, to comply with any legal, regulatory, case law or technical developments that may arise.

What is the app?

The App is designed to facilitate contact-free ordering and payment of catering services.

The App is provided by Sodexo to customers for the express purpose of purchasing products and services.

Access to the personal data processed through the App is limited to Sodexo authorized persons on a need-to-know basis.

Definitions

“App” or “Application” means the consumer app called Everyday (formerly known as Twelve Pay) available on iOS and Android devices.

“Controller” means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal data.

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

“Us” or “Our” means Sodexo and its subsidiaries, insofar as it is concerned.

“You” any App user.

Identity and contact details of the controller

Sodexo Ltd, Registered No: 2987170, registered office at One Southampton Row, London, WC1B 5HA.  Email : DataProtection.UKandIE@Sodexo.com

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on the App).

We undertake to obtain your consent and/or to allow You to refuse the use of your Personal data for certain purposes whenever necessary.

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • The information that You provide when filling in the forms on the App or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing and rewards purposes, etc.); This may include your name, email address, phone number , employer details ( e.g. organization, building, floor number) and personal description.
  • The information that You provide for authentication purposes your name and contact details (email and phone);
  • The information that You provide for order fulfillment or to receive a service;
  • Your dietary preferences including your food tastes, your dietary constraints (including allergens and more);
  • Your location data; (where activated and You have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the Application.
  • Your transactional data;
  • Metadata and navigation data; (usage and permissions on the app)
  • Anonymised statistical data; With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • Payment Information ; In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

How and for which purposes will the personal data collected be used?

We use your Personal data specifically for the following purposes:
  • To manage your account and your access to the platform;
  • To communicate with You and to respond to your queries or requests;
  • To provide, deliver and improve the services and offers available on Our App;
  • To allow you to pay your order on Our App
  • To conduct satisfaction surveys and perform statistics analyses;
  • To make available to You or notify You about exclusive offers, products or services, unless objected by You;
  • To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App;
  • To manage Our contractual relationship with You;
  • To customize your experience on the App;
  • To prevent potential fraud and ensure the security of Our IT systems
  • To comply with Our legal and regulatory obligations
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
  • Cookies. In order to improve the Application, or where necessary ( eg real time customer service chat or making payments) we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
  • Google Analytics. We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application. The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

On which legal basis will my personal data be collected and processed?

We may have to collect and process your Personal data where necessary for the performance of a contract to which You are subject as well as for Sodexo’s legitimate interests except where such interests are overridden by your interests or fundamental rights and freedoms. We will also rely on your consent to collect and process any sensitive Personal data. You will be able to withdraw your consent at any time.

To whom will the personal data be disclosed?

We will not disclose your Personal data to any unauthorized third parties. Your Personal data will only be available to internal or external third parties, who need such access for the purposes listed above or where required by law, for claims or to prevent fraud. Personal data may be shared with other Sodexo Group Companies only where necessary, for fulfilment of an order (for example if you use the app in another country),  where joint services are provided, or for legal, reporting or business re-organisation.

The main categories of data recipients are the following (without this list being exhaustive): authorized internal persons, third-party service providers or other contractors who process Personal data on behalf of Sodexo and, as the case may be, judicial and regulatory authorities.

We will need to pass your details to the payment processor in order for you to make payments on the App.

Different access levels are applied to data captured by the App to ensure that such data is visible only to appropriate persons who need such access for the purposes listed above or where required by law.

We do not authorize Our service providers to use or disclose your Personal data, except to the extent necessary to deliver the services on Our behalf or to comply with legal obligations. This app is provided by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU.

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA") or UK.

How will my personal data be protected?

We implement appropriate technical and organizational measures to protect Personal data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with Our Group Information & Systems Security Policy.

We take, when appropriate, all reasonable measures based on privacy by design and privacy by default principles to implement the necessary safeguards and protect the Personal data processing. We also carry out, depending on the level of risk raised by the processing, a privacy impact assessment to adopt appropriate safeguards and ensure the protection of the Personal data. We also provide additional security safeguards for data considered to be sensitive Personal data.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How can I access my personal data?

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. In the UK the authority is the ICO https://ico.org.uk

You can use this form to make a request : click here

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

How long will my personal data be held

Generally, the Personal data collected through the App will be deleted after 12 months of inactivity/closure of the account or three years after its collection unless it is required to kept for a legal reason.

How will I be notified if the uses of my data change?

If the use of your Personal data in the App significantly change, we will issue an updated Policy and/or take other steps to notify You beforehand of such changes so that You may review them and check whether they are acceptable (to the extent necessary) to You.

Who is my local system administrator?

If You should require any further information concerning this Policy and/or the App, please contact our Customer Support Team by raising a ticket in the “Support” menu option within the Everyday (formerly known as Twelve Pay)

PROPÓSITO DE ESTA POLÍTICA

En esta Política de privacidad (la "Política") se describe cómo utilizamos y protegemos sus datos personales para administrar esta App, quién tendrá acceso a ellos y con qué fines, cuáles son sus derechos y cómo puede ponerse en contacto con nosotros para ejercerlos o para plantearnos cualquier duda sobre la protección de sus datos personales. Si existe algún conflicto entre esta Política y las leyes de protección de datos de su país, prevalecerán dichas leyes, según corresponda.

Esta Política se podrá modificar, complementar o actualizar para cumplir con los avances legales, reglamentarios, jurisprudenciales o técnicos que puedan surgir.

¿QUÉ ES LA APP?

La App se ha diseñado para facilitar el pedido y el pago de servicios de restauración sin contacto.

Sodexo proporciona la App a los clientes con el propósito expreso de comprar productos y servicios.

El acceso a los datos personales tratados a través de la App está limitado a las personas autorizadas por Sodexo según su necesidad.

DEFINICIONES

Por "App" o "Aplicación" se entiende la aplicación para clientes llamada Everyday (formerly Twelve Pay), disponible en dispositivos iOS y Android.

Por "Responsable del tratamiento" se entiende toda persona física o jurídica, autoridad pública, organismo o cualquier otro órgano que, de manera individual o junto con otros, determine los fines y los medios del tratamiento de los datos personales.

Por "Datos personales" se entiende cualquier información sobre una persona física identificada o que pueda ser identificada directa o indirectamente mediante referencia a un número de identificación o a uno o más factores específicos de esta persona.

Por "Nosotros" o "Nuestro" se entienden Sodexo y sus filiales, en lo que a ella respecta.

Por "Usted" se entiende cualquier usuario de la App.

IDENTIDAD Y DATOS DE CONTACTO DEL RESPONSABLE DEL TRATAMIENTO

Sodexo Iberia, S.A . es una empresa inscrita en el Registro Mercantil de Madrid, con domicilio social calle Chile nº8, Edificio Azasol, 1ª planta, 28290 las Rozas ( Madrid), España. Correo electrónico:   funcion.lopd.es@sodexo.com

RECOGIDA Y ORIGEN DE LOS DATOS PERSONALES

Lo más probable es que recojamos sus datos personales directamente (sobre todo, a través de los formularios de recogida de datos de la App).

Nos comprometemos a obtener su consentimiento y/o a permitirle rechazar el uso de sus datos personales para determinados fines siempre que sea necesario.

¿QUÉ TIPOS DE DATOS PERSONALES RECOGEMOS Y UTILIZAMOS?

Podremos recoger y utilizar las siguientes categorías de Datos personales relacionados con Usted:
  • La información que Usted proporciona al rellenar los formularios de la App o al comunicarse con Nosotros por teléfono, correo electrónico o la App (por ejemplo, con fines de suscripción, para participar en encuestas, con fines de marketing y recompensas, etc.); esto puede incluir su nombre, dirección de correo electrónico, número de teléfono, datos del empleador (por ejemplo, organización, edificio, número de planta) y descripción personal.
  • La información que Usted proporciona para fines de autenticación es su nombre y sus datos de contacto (correo electrónico y teléfono).
  • La información que Usted proporciona para la realización de un pedido o para recibir un servicio.
  • Sus preferencias alimentarias, como la comida que le gusta y los alimentos que no puede tomar (como alérgenos).
  • Los datos sobre su ubicación (cuando estén activados y Usted haya aceptado esto en su dispositivo móvil), de modo que en la App puedan mostrarse los lugares correspondientes que atienden en el lugar donde Usted se encuentra (oficina u otros).
  • Sus datos transaccionales.
  • Metadatos y datos de navegación (uso y permisos en la App).
  • Datos estadísticos anonimizados; con respecto a cada una de sus visitas a la App, podremos recoger automáticamente información sobre su ordenador y/o su dispositivo móvil, incluyendo, cuando esté disponible, su dirección IP, sistema operativo y tipo de navegador, para la administración del sistema y para elaborar informes de datos agregados. Son datos estadísticos sobre las acciones y patrones de navegación de nuestros usuarios y no sirven para identificar a ninguna persona.
  • Información de pago; para pagar una factura con la App, tendrá que introducir su información de pago. Los servicios de tramitación de pagos los proporciona un proveedor externo especializado llamado Stripe (la "Entidad procesadora de pagos").

¿ES OBLIGATORIO PROPORCIONAR DATOS PERSONALES A LA APP?

Sí, algunos Datos personales son obligatorios. Si no obtenemos sus Datos personales, no podrá utilizar la App ni beneficiarse de los servicios ofrecidos.

Algunos Datos personales son opcionales. Por ejemplo, puede proporcionar información alimentaria y de otro tipo para recibir un servicio más personalizado, elegir proporcionar su número de teléfono para el servicio de atención al cliente y elegir si desea recibir ofertas y noticias.

¿CÓMO Y CON QUÉ FINES SE UTILIZARÁN LOS DATOS PERSONALES RECOGIDOS?

Utilizamos sus Datos personales específicamente para los siguientes fines:
  • Para administrar su cuenta y su acceso a la plataforma.
  • Para comunicarnos con Usted y responder a sus consultas o solicitudes.
  • Proporcionar, entregar y mejorar los servicios y ofertas disponibles en nuestra App.
  • Permitirle pagar su pedido en nuestra App.
  • Realizar encuestas de satisfacción y análisis estadísticos.
  • Ofrecerle o notificarle ofertas, productos o servicios exclusivos, a menos que Usted se oponga.
  • Realizar análisis de datos y estadísticos para supervisar la calidad y la excelencia operativa de nuestros servicios y la App.
  • Gestionar nuestra relación contractual con Usted.
  • Personalizar su experiencia en la App.
  • Prevenir posibles fraudes y garantizar la seguridad de nuestros sistemas informáticos.
  • Cumplir con nuestras obligaciones legales y reglamentarias.
  • Información que recibimos de otras fuentes. Podremos combinar esta información con la que Usted nos proporcione y la que recojamos sobre Usted. Podremos utilizar esta información y la información combinada para los fines indicados anteriormente (según los tipos de información que recibimos).
  • Cookies. Con el fin de mejorar la App o cuando sea necesario (por ejemplo, en el chat de atención al cliente en tiempo real o para la realización de pagos), podremos utilizar pequeños archivos conocidos comúnmente como cookies. Una cookie es una pequeña cantidad de datos que suele incluir un identificador único y que se envía a su ordenador o teléfono móvil (en esta política, un "Dispositivo") desde la App y se almacena en el disco duro de su dispositivo. Una cookie registra en su dispositivo información relacionada con su actividad en Internet (por ejemplo, si ha visitado nuestro sitio web anteriormente). Las cookies que utilizamos en la App no recogerán información personal identificable sobre Usted y no divulgaremos a terceros la información almacenada en las cookies que colocamos en su dispositivo.
  • Google Analytics. Utilizamos Google Analytics, un servicio de análisis web proporcionado por Google Inc., para entender el modo en que los visitantes de la App la utilizan. Las cookies de Google Analytics recogen información sobre el uso que hacen los usuarios de la App; por ejemplo, las páginas visitadas con más frecuencia, cómo se mueven los usuarios entre enlaces y si reciben mensajes de error de determinadas páginas. Las cookies no recogen ninguna información que pueda servir para identificarle. La información que recogen estas cookies se agrupa con la información procedente del uso que otras personas hacen de la App de forma anónima. En general, estas cookies nos proporcionan información analítica sobre el rendimiento de la App y cómo podemos mejorar nuestro servicio.

¿BAJO QUÉ FUNDAMENTO JURÍDICO SE RECOGERÁN Y TRATARÁN MIS DATOS PERSONALES?

Es posible que tengamos que recoger y tratar sus datos personales cuando sea necesario para la ejecución de un contrato al que Usted está sujeto, así como para los intereses legítimos de Sodexo, excepto cuando sus intereses o derechos y libertades fundamentales prevalezcan sobre dichos intereses. También nos basaremos en su consentimiento para recoger y tratar cualquier dato personal sensible. Podrá retirar su consentimiento en cualquier momento.

¿A QUIÉN SE COMUNICARÁN LOS DATOS PERSONALES?

No revelaremos sus Datos personales a terceros no autorizados. Sus Datos personales solo estarán a disposición de terceros internos o externos que necesiten acceder a ellos para los fines mencionados anteriormente o cuando así lo exija la ley, para presentar reclamaciones o para prevenir fraudes. Los Datos personales podrán intercambiarse con otras empresas del Grupo Sodexo solo cuando sea necesario, para la realización de un pedido (por ejemplo, si utiliza la App desde otro país), cuando se presten servicios conjuntos o para fines jurídicos, de elaboración de informes o de reorganización empresarial.

Las principales categorías de destinatarios de datos son las siguientes (no se trata de una lista exhaustiva): personas internas autorizadas, proveedores de servicios externos u otros contratistas que traten datos personales en nombre de Sodexo y, según el caso, autoridades judiciales y reguladoras.

Tendremos que facilitar sus datos a la Entidad procesadora de pagos para que pueda realizar pagos en la App.

Se aplican diferentes niveles de acceso a los datos registrados por la App para garantizar que dichos datos solo sean visibles para las personas adecuadas que necesiten dicho acceso para los fines enumerados anteriormente o cuando así lo exija la ley.

No autorizamos a que nuestros proveedores de servicios utilicen o comuniquen sus Datos personales, excepto en la medida necesaria para prestar los servicios en nuestro nombre o para cumplir con obligaciones legales. Esta App la proporciona Dynamify Limited, una empresa registrada en Inglaterra y Gales con el número 09575041 y con domicilio social en 20-22 Wenlock Road, Londres, N1 7GU.

Los datos que recojamos acerca de Usted se almacenarán en nuestros servidores seguros dentro del Espacio Económico Europeo (EEE) o del Reino Unido.

¿Cómo se protegerán mis datos personales?

Adoptamos medidas técnicas y organizativas adecuadas para proteger los datos personales contra la alteración o pérdida accidental o ilícita, o contra el uso, la comunicación o el acceso no autorizados, de acuerdo con la Política de seguridad de la información y los sistemas de nuestro Grupo.

Adoptamos, cuando procede, todas las medidas razonables basadas en los principios de privacidad por diseño y privacidad por defecto para aplicar las medidas de protección necesarias y proteger el tratamiento de los datos personales. También llevamos a cabo, según el nivel de riesgo que plantea el tratamiento, una evaluación del impacto sobre la privacidad para adoptar medidas de protección adecuadas y garantizar la protección de los datos personales. También proporcionamos medidas de protección de seguridad adicionales para los datos que se consideren datos personales sensibles.

Cuando le hayamos dado (o cuando Usted haya elegido) una contraseña que le permita acceder a determinadas partes de la App, usted será responsable de mantener la confidencialidad de la contraseña. Le pedimos que no comparta la contraseña con nadie.

Lamentablemente, la transmisión de información a través de Internet no es completamente segura. Aunque haremos todo lo posible por proteger sus datos personales, no podemos garantizar la seguridad de sus datos transmitidos a la App; cualquier transmisión se realiza bajo su propio riesgo. Una vez que hayamos recibido su información, utilizaremos procedimientos estrictos y prestaciones seguridad para tratar de evitar el acceso no autorizado.

¿CÓMO PUEDO ACCEDER A MIS DATOS PERSONALES?

Sodexo se compromete a asegurar la protección de sus derechos en virtud de las leyes aplicables. A continuación, puede encontrar una tabla donde se resumen sus diferentes derechos, según correspondan:
DERECHO DE ACCESO Puede solicitar el acceso a sus Datos personales. También podrá solicitar la rectificación de los datos personales inexactos o que se completen los datos personales incompletos.Puede solicitar cualquier información disponible sobre el origen de los datos personales y también puede solicitar una copia de sus datos personales tratados por Sodexo.
DERECHO DE SUPRESIÓN ("AL OLVIDO") Su derecho al olvido le permite solicitar la supresión de sus datos personales si:
  1. los datos ya no son necesarios en relación con los fines de su recogida o tratamiento;
  2. usted decide retirar su consentimiento;
  3. usted se opone al tratamiento por medios automatizados utilizando especificaciones técnicas;
  4. sus datos personales se han tratado ilegalmente;
  5. existe una obligación legal de borrar sus datos personales;
  6. el borrado es necesario para garantizar el cumplimiento de la legislación aplicable.
DERECHO A LA LIMITACIÓN DEL TRATAMIENTO Puede solicitar la restricción del tratamiento si:
  1. puede impugnar la exactitud de los Datos personales;
  2. Sodexo ya no necesita los Datos personales para los fines del tratamiento;
  3. se ha opuesto al tratamiento por motivos legítimos.
DERECHO A LA PORTABILIDAD DE LOS DATOS Usted puede solicitar, cuando corresponda, la portabilidad de los datos personales que haya proporcionado a Sodexo, en un formato estructurado, de uso común y legible por máquina. Tiene derecho a transmitir estos datos a otro responsable del tratamiento sin que Sodexo se oponga cuando:
  1. el tratamiento de sus datos personales se base en un consentimiento o contrato; y
  2. el tratamiento se realice por medios automatizados.
También puede solicitar la transmisión directa de sus Datos personales a un tercero de su elección (siempre que sea técnicamente posible).
DERECHO DE OPOSICIÓN AL TRATAMIENTO PARA FINES DE MARKETING DIRECTO Puede oponerse (derecho a la exclusión voluntaria) al tratamiento de sus datos personales (especialmente a la elaboración de perfiles o a las comunicaciones de marketing). Cuando tratemos sus datos personales basándonos en su consentimiento, Usted podrá retirar su consentimiento en cualquier momento.
DERECHO A NO SER OBJETO DE DECISIONES AUTOMATIZADAS Tiene derecho a no ser objeto de una decisión basada únicamente en el tratamiento automatizado, incluida la elaboración de perfiles, que produzca efectos jurídicos sobre Usted o que le afecte significativamente de forma similar.
DERECHO A NO SER OBJETO DE DECISIONES AUTOMATIZADAS Puede decidir presentar una reclamación ante la autoridad nacional de control de protección de datos de su lugar de residencia habitual, lugar de trabajo o lugar donde se haya cometido la supuesta infracción, independientemente de que haya sufrido daños y perjuicios. También tiene derecho a presentar una reclamación ante los tribunales de donde esté establecida la entidad Sodexo o de donde Usted tenga su residencia habitual.

Puede utilizar este formulario para realizar una solicitud: haga clic aquí

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

¿DURANTE CUÁNTO TIEMPO SE CONSERVARÁN MIS DATOS PERSONALES?

Por lo general, los Datos personales recogidos a través de la App se eliminarán después de 12 meses de inactividad/cierre de la cuenta o tres años después de su recogida, a menos que sea necesario conservarlos por una razón legal.

¿Cómo se me informará si cambian los usos de mis datos?

Si el uso de sus Datos personales en la App cambia significativamente, publicaremos una política actualizada y/o adoptaremos otras medidas para notificarle de antemano dichos cambios, de modo que pueda revisarlos y comprobar si le resultan aceptables (en la medida necesaria).

INFORMACIÓN PERSONAL Y NIÑOS

La App está dirigida a personas mayores de edad con la capacidad de formalizar un contrato conforme a la legislación del país en el que se encuentren.

Esta App no está dirigida a niños menores de 16 años. Los menores de 16 años no pueden proporcionar ninguna información a la App. No recogemos deliberadamente datos personales de niños menores de 16 años. Si eres menor de 16 años, no utilices ni proporciones ninguna información en esta App o a través de cualquiera de sus funciones o el registro en la App, incluyendo tu nombre, dirección, número de teléfono o dirección de correo electrónico. Si descubrimos que hemos recogido o recibido información personal de un menor de 16 años sin verificar el consentimiento de sus padres, eliminaremos dicha información. Si cree que podemos tener información de un menor de 16 años o acerca de él, póngase en contacto con nosotros inmediatamente en funcion.lopd.es@sodexo.com.

¿QUIÉN ES MI ADMINISTRADOR DE SISTEMAS LOCAL?

Si necesita más información sobre esta Política o la App, póngase en contacto con nuestro equipo de atención al cliente enviando una solicitud a través de la opción del menú "Support" (Soporte) de la aplicación Everyday (formerly known as Twelve Pay)

Privacy Policy (Ireland) - Purpose of this policy

This Privacy Policy (“Policy”) describes how we use and protect your personal data for the management of this app, who will have access to it and for what purposes, what your rights are and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your personal data. If there is any conflict between this Policy and the data protection laws in your country, then such laws, where applicable, will prevail.

This Policy may be amended, supplemented or updated, to comply with any legal, regulatory, case law or technical developments that may arise.

What is the app?

The App is designed to facilitate contact-free ordering and payment of catering services.

The App is provided by Sodexo to customers for the express purpose of purchasing products and services.

Access to the personal data processed through the App is limited to Sodexo authorized persons on a need-to-know basis.

Definitions

“App” or “Application” means the consumer app called Everyday (formerly known as Twelve Pay) available on iOS and Android devices.

“Controller” means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal data.

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

“Us” or “Our” means Sodexo and its subsidiaries, insofar as it is concerned.

“You” any App user.

Identity and contact details of the controller

Sodexo Ireland Limited, a company incorporated in Ireland with registration number 180309 and having it’s registered office at Temple House, 57 Temple Road, Blackrock, Co. Dublin.  Email : DataProtection.UKandIE@Sodexo.com

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on the App).

We undertake to obtain your consent and/or to allow You to refuse the use of your Personal data for certain purposes whenever necessary.

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • The information that You provide when filling in the forms on the App or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing and rewards purposes, etc.); This may include your name, email address, phone number , employer details ( e.g. organization, building, floor number) and personal description.
  • The information that You provide for authentication purposes your name and contact details (email and phone);
  • The information that You provide for order fulfillment or to receive a service;
  • Your dietary preferences including your food tastes, your dietary constraints (including allergens and more);
  • Your location data; (where activated and You have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the Application.
  • Your transactional data;
  • Metadata and navigation data; (usage and permissions on the app)
  • Anonymised statistical data; With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • Payment Information ; In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

How and for which purposes will the personal data collected be used?

We use your Personal data specifically for the following purposes:
  • To manage your account and your access to the platform;
  • To communicate with You and to respond to your queries or requests;
  • To provide, deliver and improve the services and offers available on Our App;
  • To allow you to pay your order on Our App
  • To conduct satisfaction surveys and perform statistics analyses;
  • To make available to You or notify You about exclusive offers, products or services, unless objected by You;
  • To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App;
  • To manage Our contractual relationship with You;
  • To customize your experience on the App;
  • To prevent potential fraud and ensure the security of Our IT systems
  • To comply with Our legal and regulatory obligations
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
  • Cookies. In order to improve the Application, or where necessary ( eg real time customer service chat or making payments) we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
  • Google Analytics. We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application. The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

On which legal basis will my personal data be collected and processed?

We may have to collect and process your Personal data where necessary for the performance of a contract to which You are subject as well as for Sodexo’s legitimate interests except where such interests are overridden by your interests or fundamental rights and freedoms. We will also rely on your consent to collect and process any sensitive Personal data. You will be able to withdraw your consent at any time.

To whom will the personal data be disclosed?

We will not disclose your Personal data to any unauthorized third parties. Your Personal data will only be available to internal or external third parties, who need such access for the purposes listed above or where required by law, for claims or to prevent fraud. Personal data may be shared with other Sodexo Group Companies only where necessary, for fulfilment of an order (for example if you use the app in another country),  where joint services are provided, or for legal, reporting or business re-organisation.

The main categories of data recipients are the following (without this list being exhaustive): authorized internal persons, third-party service providers or other contractors who process Personal data on behalf of Sodexo and, as the case may be, judicial and regulatory authorities.

We will need to pass your details to the payment processor in order for you to make payments on the App.

Different access levels are applied to data captured by the App to ensure that such data is visible only to appropriate persons who need such access for the purposes listed above or where required by law.

We do not authorize Our service providers to use or disclose your Personal data, except to the extent necessary to deliver the services on Our behalf or to comply with legal obligations. This app is provided by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU.

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA") or UK.

How will my personal data be protected?

We implement appropriate technical and organizational measures to protect Personal data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with Our Group Information & Systems Security Policy.

We take, when appropriate, all reasonable measures based on privacy by design and privacy by default principles to implement the necessary safeguards and protect the Personal data processing. We also carry out, depending on the level of risk raised by the processing, a privacy impact assessment to adopt appropriate safeguards and ensure the protection of the Personal data. We also provide additional security safeguards for data considered to be sensitive Personal data.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How can I access my personal data?

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. In the UK the authority is the ICO https://ico.org.uk

You can use this form to make a request : click here

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

How long will my personal data be held

Generally, the Personal data collected through the App will be deleted after 12 months of inactivity/closure of the account or three years after its collection unless it is required to kept for a legal reason.

How will I be notified if the uses of my data change?

If the use of your Personal data in the App significantly change, we will issue an updated Policy and/or take other steps to notify You beforehand of such changes so that You may review them and check whether they are acceptable (to the extent necessary) to You.

Who is my local system administrator?

If You should require any further information concerning this Policy and/or the App, please contact our Customer Support Team by raising a ticket in the “Support” menu option within the Everyday (formerly known as Twelve Pay)

Privacy Policy (Netherlands) - Purpose of this policy

The following information is provided to you to inform you of Sodexo Nederland B.V. commitments in terms of Personal data protection. Sodexo Nederland B.V. belongs to Sodexo Group (hereafter “SODEXO”).  

SODEXO builds strong, lasting relationships with its customers, partners and consumers based on mutual trust: making sure that their Personal data is safe and remains confidential is an absolute priority for SODEXO.

SODEXO is committed to comply with all applicable regulatory and legal provisions governing the protection of Personal data.

SODEXO enforces a very strict privacy policy to guarantee the protection of the Personal data of those who use its websites, portals, applications, and platforms (our “Sites”):
Users remain in control of their own data. The data is processed in a transparent, confidential and secure manner
.SODEXO is committed to a continuing quest to protect its users’ Personal data in accordance with the EU GDPR.
SODEXO has a Global Data Protection Office dedicated to data protection, supported by a network of local data protection single points of contact or data protection officers.

PURPOSE OF THIS POLICY

SODEXO takes the protection of your Personal data very seriously.  

We have developed this policy to inform you of the conditions under which we collect, process, use and protect your Personal data on our App and in the context of the services provided by Sodexo Nederland B.V. (the "Services"). This policy covers all users, including those who use the App and the Services without being registered or subscribing to a specific service or account (hereinafter collectively, the "Users").  

Please read it carefully to familiarize yourself with the categories of Personal data that are subject to collection and processing, how we use this Personal data and with whom we are likely to share it. This policy also describes your rights and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your Personal data.

This policy may be amended, supplemented or updated, in particular to comply with any legal, regulatory, case law or technical developments that may arise. However, your Personal data will always be processed in accordance with the policy in force at the time of the data collection, unless a compulsory legal prescription determines otherwise and must be enforced retroactively.

IDENTITY AND CONTACT DETAILS OF THE CONTROLLER

The data Controller is:Sodexo Nederland B.V.Registered No: 24112619,Registered office at Watermanweg 30, 3067 GG, Rotterdam Email :  Dataprivacy.NL@sodexo.com

Definitions

Account” - the User’s dedicated personal area within the App, which he or she accesses when he or she registers and connects to the App. It enables the User to access the Services.

Controller” - The Sodexo entity which determines the purposes and means of the processing of personal data.

Cookies” - As defined in the Cookies Policy

Personal data” - Means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

Processing” - Any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor” - A legal person which processes personal data on behalf of the controller.

App” - The Everyday application of Sodexo Nederland B.V.  available on the AppStore and Google Play

us” “we” or “our” - Sodexo Nederland B.V. (hereinafter “Sodexo Nederland”), acting as controller

you” or “Users” - Any App user.

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on our App) or indirectly via our service providers and/or technologies on our App.

We undertake to obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary.

You will in any event be informed of the purposes for which your data is collected via the various online data collection forms and via the Cookies Policy

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • the information that you provide when filling in the forms on the App, or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing purposes, when downloading the application, etc.)
  • the information that you provide for authentication purposes;
  • the information that you provide for order fulfillment or to receive a service
  • the data relating to your purchases such as products, quantity, price, billing and delivery addresses including health information about you only where you volunteer and consent to this, for example if you report any specific food allergies;
  • the transaction data such as payment information and credit/debit card information that is transmitted directly to third parties who process your requests (a “Payment Processor”);-        the information provided via “posts”, comments or other content that you post on the App, or when you use the chat function on our App;
  • the information regarding your location at a specific moment (where activated and you have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the App;
  • your preferences in receiving marketing from us and our third parties and your communication preferences
  • information collected through Cookies as defined in our Cookies Policy
Personal data identified by an asterisk in the data collection forms is compulsory as these are necessary to fulfill any orders placed.In the absence of this compulsory information, these transactions cannot be processed.

We may combine this information with information we receive from other sources. We may use this information and the combined information for the purposes set out below (depending on the types of information we receive).

Please find details of the different data collected for the various purposes in the chart (Annex 1).

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

PURPOSES FOR WHICH WE USE PERSONAL DATA

Personal data may be collected for the following general purposes (a more precise description of the processing of your data can be found in the Annex 1 below):
·       Cookies
·       Account creation and management
·       Customer Relationship Management
·       Marketing Management
·       Legal Obligation

 In addition, please note that you have the option to click on the dedicated icons of social networks such as Twitter, Facebook, LinkedIn, etc. that appear on our App.

When you click on these icons, we may have access to the Personal data that you have made public and accessible via your profiles on the social networks in question. We neither create nor use any separate databases from these social networks based on the Personal data that you have published there, and we do not process any Personal data relating to your private life through these means.

If you do not want us to have access to your Personal data published in the public spaces of your profile or your social accounts, then you should use the procedures provided by the social networks in question to limit access to this information.

These links to other websites should not be considered as navigation tracking and we decline any responsibility concerning the Personal data protection practices implemented by these third-party companies, each of which acts as a separate Controller of your Personal data on their own perimeter. Once you leave our App or click on the logo/link to one of these social networks, it is your responsibility to check the privacy policy applicable to that other platform.

LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process your Personal data as part of the performance and management of our contractual relationship with you, in our legitimate interest to improve the quality and operational excellence of the Services we offer to you or in compliance with certain regulatory obligations depending on the purpose of processing as identified in the chart in Annex 1.

Your Personal data may also be processed based on your prior consent in the event that under certain circumstances, your consent would be requested (e.g., regarding health data or for certain communication sent you way or certain types of Cookies).  

Please find more information about the legal basis for each of our processing in the Annex 1 below.

DISCLOSURE OF PERSONAL DATA

The security and confidentiality of your Personal data is of great importance to us. This is why we restrict access to your Personal data, through different access levels, only to members of our staff and only to the extent strictly necessary to process your orders or to provide the requested Services. We ensure that persons authorized to process the Personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

We will not disclose your Personal data to any unauthorized third parties. We may, however, share your Personal data with entities within SODEXO and with authorized service providers (for example: technical service providers [hosting, maintenance], consultants, etc.) whom we may call upon for the purpose of providing our Services.

In addition, we will need to pass your details to the Payment Processor in order for you to make payments on the App.

We ensure that every disclosure of your Personal data to an authorized service provider is framed by a data processing agreement, reflecting the commitments laid out in this policy. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the Services on our behalf or to comply with legal obligations. Furthermore, we may share your Personal data (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.

STORAGE PERIOD OF YOUR PERSONAL DATA

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply.

‍ To determine the retention period of your Personal data, we take into consideration several criteria such as:
·       The purpose for which we hold your Personal data (e.g., when you purchase products on our App, we keep your Personal data for the duration of our contractual relationship);
·      Our legal and regulatory obligations in relation to that Personal data (e.g., accounting reporting obligations);·       Whether you are an active user of our Services, you continue to receive marketing communications, or you regularly browse or purchase off our Sites or whether you do not open our emails or visit our Sites; For instance, if you have agreed to receive marketing communications, we keep your Personal data until you: (i) unsubscribe from receiving marketing communications (ii) request we delete your Personal data, or (iii) after a period of inactivity (i.e. where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and guidance;
·       Any specific requests from you in relation to the deletion of your Personal data or Account;
·       Any statutory limitation periods allowing us to manage our own rights, for example the defense of any legal claims in case of litigation; and
·       Any local regulations or guidance (e.g., regarding cookies).

Please find more information about the storage period of your Personal data in Annex 1 below.

SENSITIVE PERSONAL DATA

As a general rule, we do not collect sensitive Personal data via our App. “Sensitive Personal data” refers to any information concerning a person’s racial or ethnic origins, political opinions, religious or philosophical beliefs, union membership, health data or data relating to the sexual life or the sexual orientation of a natural person. This definition also includes personal data relating to criminal convictions and offenses.

Nonetheless, you can, on a voluntary basis provide information regarding your allergies or dietary preferences. We only collect this data strictly to achieve the purpose for which the processing is performed, and we do so in accordance with local legal requirements for the protection of Personal data and, in particular, with your explicit prior consent and under the conditions described in this policy.  

TRANSFER OF PERSONAL DATA

As SODEXO is an international group, your Personal data may be transmitted to internal or external recipients that are authorized to perform Services on our behalf. Some of these recipients are located in countries outside of the European Union or the European Economic Area which do not offer an adequate level of Personal data protection. To guarantee the security and confidentiality of Personal data thus transmitted, we will take all necessary measures to ensure that this data receives adequate protection, such as entering into data transfer agreements with the recipients of your personal data based on the European Commission's standard contractual clauses (“EU SCCs”) or other valid transfer mechanisms and we carry out, in accordance with the European Court of Justice's decision of 16 July 2020 "Schrems II" (Case C 311-18) and with the guidance of the European Data Protection Board, a risk assessment of the transferred data. In addition, all entities of SODEXO have entered into an Intra-Group Data Processing Agreement, based on the EU SCCs, that provides for an equivalent protection of Personal data by all entities of SODEXO wherever it is established.  

YOUR RIGHTS

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. In the Netherlands the authority is the Autoriteit Persoonsgegevens: Home | Autoriteit Persoonsgegevens
You have also the right to lodge your Complaint before the courts where Sodexo Nederland has an establishment or where you have your habitual residence.
You can use this form to make a request: Privacy Web Form

This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on.


Alternatively, you can also send your request by filling in this form and sending it by email to  Dataprivacy.NL@sodexo.com. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.

If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

SECURITY

We implement all possible technical and organizational security measures to ensure security and confidentiality in processing your Personal data in accordance with Our Group Information & Systems Security Policy.

To this end, we take all necessary precautions given the nature of the Personal data and the risks related to its processing, in order to maintain data security and in particular to prevent distortion, damage or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).

In addition, if we contract with Processors for all or part of the Processing of your Personal data, we require a contractual agreement from our service providers to guarantee the security and confidentiality of the Personal data that we transmit to them or that they collect on our behalf, in accordance with the applicable regulations on the protection of Personal data.

We regularly conduct audits to verify the proper operational application of the rules relating to the security of your Personal data.

Nevertheless, you also have a responsibility to ensure the security and confidentiality of your Personal data, so we invite you to remain vigilant, especially when using an open system such as the Internet.

LINKS TO OTHER SITES

Occasionally, we provide links to other platforms for practical and informative purposes. These platforms operate independently from our App and are not under our control. These platforms have their own privacy policy or terms of use which we strongly advise you to read. We do not accept any liability with regards to the content on these platforms, for the products and services that may be offered there or for any other use thereof.

UPDATES OF OUR ONLINE PRIVACY POLICY

We may update or amend this policy as and when needed. In this case, amendments will only become applicable after a period of 30 business days from the date of the amendment. Please consult this page from time to time if you want to be informed of any possible changes.

HOW TO CONTACT US

If you have any questions or comments with regard to this policy, please do not hesitate to contact us at the following address: Dataprivacy.NL@sodexo.com.  

Last updated: 21 November 2024

Privacy Policy (Belgium) - Purpose of this policy

English 🏴󠁧󠁢󠁥󠁮󠁧󠁿
Dutch 🇳🇱
French 🇫🇷
Everyday Online Privacy policy 🏴󠁧󠁢󠁥󠁮󠁧󠁿

The following information is provided to you to inform you of Sodexo Belgium SA/NV. commitments in terms of Personal data protection. Sodexo Belgium SA/NV. belongs to Sodexo Group (hereafter “SODEXO”).  SODEXO builds strong, lasting relationships with its customers, partners and consumers based on mutual trust: making sure that their Personal data is safe and remains confidential is an absolute priority for SODEXO.

SODEXO is committed to comply with all applicable regulatory and legal provisions governing the protection of Personal data.

SODEXO enforces a very strict privacy policy to guarantee the protection of the Personal data of those who use its websites, portals, applications, and platforms (our “Sites”):

•       Users remain in control of their own data. The data is processed in a transparent, confidential and secure manner.
•       SODEXO is committed to a continuing quest to protect its users’ Personal data in accordance with the EU GDPR.
•       SODEXO has a Global Data Protection Office dedicated to data protection, supported by a network of local data protection single points of contact or data protection officers.  

PURPOSE OF THIS POLICY

SODEXO takes the protection of your Personal data very seriously.  

We have developed this policy to inform you of the conditions under which we collect, process, use and protect your Personal data on our App and in the context of the services provided by Sodexo Belgium SA/NV. (the "Services"). This policy covers all users, including those who use the App and the Services without being registered or subscribing to a specific service or account (hereinafter collectively, the "Users").  

Please read it carefully to familiarize yourself with the categories of Personal data that are subject to collection and processing, how we use this Personal data and with whom we are likely to share it. This policy also describes your rights and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your Personal data.

This policy may be amended, supplemented or updated, in particular to comply with any legal, regulatory, case law or technical developments that may arise. However, your Personal data will always be processed in accordance with the policy in force at the time of the data collection, unless a compulsory legal prescription determines otherwise and must be enforced retroactively.  

IDENTITY AND CONTACT DETAILS OF THE CONTROLLER

The data Controller is:
Sodexo Belgium SA/NV.
Registered No: 0407.246.778,
Registered office at Rue Ravenstein, 36, 1000 Brussels
Email :  dataprivacy.OSS.BE@sodexo.com  

DEFINITIONS

Account” The User’s dedicated personal area within the App, which he or she accesses when he or she registers and connects to the App. It enables the User to access the Services.

Controller”  The Sodexo entity which determines the purposes and means of the processing of personal data.

Cookies”  As defined in the Cookies Policy

Personal data”  Means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.  

Processing”   Any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor”  A legal person which processes personal data on behalf of the controller.

App” The Everyday application of Sodexo Belgium SA/NV.  available on the AppStore and Google Play

us” “we” or “our”  Sodexo Belgium SA/NV (hereinafter “Sodexo Belgium”), acting as controller

you” or “Users”  Any App user


COLLECTION AND SOURCE OF PERSONAL DATA

We will most likely collect your Personal data directly (in particular via the data collection forms on our App) or indirectly via our service providers and/or technologies on our App. We undertake to obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary. You will in any event be informed of the purposes for which your data is collected via the various online data collection forms and via the Cookies Policy

TYPES OF PERSONAL DATA COLLECTED AND USED BY US

We may specifically collect and process the following types of Personal data:
-        the information that you provide when filling in the forms on the App, or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing purposes, when downloading the application, etc.)-        the information that you provide for authentication purposes;
-        the information that you provide for order fulfillment or to receive a service
-        the data relating to your purchases such as products, quantity, price, billing and delivery addresses including health information about you only where you volunteer and consent to this, for example if you report any specific food allergies;
-        the transaction data such as payment information and credit/debit card information that is transmitted directly to third parties who process your requests (a “Payment Processor”);
-        the information provided via “posts”, comments or other content that you post on the App, or when you use the chat function on our App;
-        the information regarding your location at a specific moment (where activated and you have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the App;
-        your preferences in receiving marketing from us and our third parties and your communication preferences
-        information collected through Cookies as defined in our Cookies Policy.Personal data identified by an asterisk in the data collection forms is compulsory as these are necessary to fulfill any orders placed.In the absence of this compulsory information, these transactions cannot be processed. We may combine this information with information we receive from other sources. We may use this information and the combined information for the purposes set out below (depending on the types of information we receive). Please find details of the different data collected for the various purposes in the chart (Annex 1).  

PURPOSES FOR WHICH WE USE PERSONAL DATA

Personal data may be collected for the following general purposes (a more precise description of the processing of your data can be found in the Annex 1 below):
·       Cookies·       Account creation and management
·       Customer Relationship Management
·       Marketing Management
·       Legal Obligation  

In addition, please note that you have the option to click on the dedicated icons of social networks such as Twitter, Facebook, LinkedIn, etc. that appear on our App. When you click on these icons, we may have access to the Personal data that you have made public and accessible via your profiles on the social networks in question. We neither create nor use any separate databases from these social networks based on the Personal data that you have published there, and we do not process any Personal data relating to your private life through these means. If you do not want us to have access to your Personal data published in the public spaces of your profile or your social accounts, then you should use the procedures provided by the social networks in question to limit access to this information. These links to other websites should not be considered as navigation tracking and we decline any responsibility concerning the Personal data protection practices implemented by these third-party companies, each of which acts as a separate Controller of your Personal data on their own perimeter. Once you leave our App or click on the logo/link to one of these social networks, it is your responsibility to check the privacy policy applicable to that other platform.

LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process your Personal data as part of the performance and management of our contractual relationship with you, in our legitimate interest to improve the quality and operational excellence of the Services we offer to you or in compliance with certain regulatory obligations depending on the purpose of processing as identified in the chart in Annex 1. Your Personal data may also be processed based on your prior consent in the event that under certain circumstances, your consent would be requested (e.g., regarding health data or for certain communication sent you way or certain types of Cookies).  Please find more information about the legal basis for each of our processing in the Annex 1 below.

DISCLOSURE OF PERSONAL DATA

The security and confidentiality of your Personal data is of great importance to us. This is why we restrict access to your Personal data, through different access levels, only to members of our staff and only to the extent strictly necessary to process your orders or to provide the requested Services. We ensure that persons authorized to process the Personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. We will not disclose your Personal data to any unauthorized third parties. We may, however, share your Personal data with entities within SODEXO and with authorized service providers (for example: technical service providers [hosting, maintenance], consultants, etc.) whom we may call upon for the purpose of providing our Services. In addition, we will need to pass your details to the Payment Processor in order for you to make payments on the App. We ensure that every disclosure of your Personal data to an authorized service provider is framed by a data processing agreement, reflecting the commitments laid out in this policy. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the Services on our behalf or to comply with legal obligations. Furthermore, we may share your Personal data (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.  

STORAGE PERIOD OF YOUR PERSONAL DATA

We will store your Personal data only for as long as necessary to fulfill the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply. To determine the retention period of your Personal data, we take into consideration several criteria such as:
·       The purpose for which we hold your Personal data (e.g., when you purchase products on our App, we keep your Personal data for the duration of our contractual relationship);
·       Our legal and regulatory obligations in relation to that Personal data (e.g., accounting reporting obligations);
·       Whether you are an active user of our Services, you continue to receive marketing communications, or you regularly browse or purchase off our Sites or whether you do not open our emails or visit our Sites; For instance, if you have agreed to receive marketing communications, we keep your Personal data until you: (i) unsubscribe from receiving marketing communications (ii) request we delete your Personal data, or (iii) after a period of inactivity (i.e. where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and guidance;
·       Any specific requests from you in relation to the deletion of your Personal data or Account;
·       Any statutory limitation periods allowing us to manage our own rights, for example the defense of any legal claims in case of litigation; and
·       Any local regulations or guidance (e.g., regarding cookies). Please find more information about the storage period of your Personal data in Annex 1 below.  

SENSITIVE PERSONAL DATA

As a general rule, we do not collect sensitive Personal data via our App. “Sensitive Personal data” refers to any information concerning a person’s racial or ethnic origins, political opinions, religious or philosophical beliefs, union membership, health data or data relating to the sexual life or the sexual orientation of a natural person. This definition also includes personal data relating to criminal convictions and offenses. Nonetheless, you can, on a voluntary basis provide information regarding your allergies or dietary preferences. We only collect this data strictly to achieve the purpose for which the processing is performed, and we do so in accordance with local legal requirements for the protection of Personal data and, in particular, with your explicit prior consent and under the conditions described in this policy.  

TRANSFER OF PERSONAL DATA

As SODEXO is an international group, your Personal data may be transmitted to internal or external recipients that are authorized to perform Services on our behalf. Some of these recipients are located in countries outside of the European Union or the European Economic Area which do not offer an adequate level of Personal data protection. To guarantee the security and confidentiality of Personal data thus transmitted, we will take all necessary measures to ensure that this data receives adequate protection, such as entering into data transfer agreements with the recipients of your personal data based on the European Commission's standard contractual clauses (“EU SCCs”) or other valid transfer mechanisms and we carry out, in accordance with the European Court of Justice's decision of 16 July 2020 "Schrems II" (Case C 311-18) and with the guidance of the European Data Protection Board, a risk assessment of the transferred data. In addition, all entities of SODEXO have entered into an Intra-Group Data Processing Agreement, based on the EU SCCs, that provides for an equivalent protection of Personal data by all entities of SODEXO wherever it is established.

YOUR RIGHTS

SODEXO is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights:

Right of access and rectification You can request a copy of the Personal data we hold about you. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
Right to erasure Your right to be forgotten entitles you to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary for the purpose for which it was collected;
  2. you choose to withdraw your consent;
  3. you object to the processing of your Personal data;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
Right to restriction of Processing You may request that processing of your Personal data be restricted in the cases where:
  1. you contest the accuracy of your Personal data;
  2. SODEXO no longer needs your Personal data for the purposes of the processing;
  3. you have objected to processing for legitimate reasons.
  4. the processing of your Personal data is unlawful and you prefer the restriction of their use instead of their deletion
Right to data portability You can request, where applicable, the portability of your Personal data that you have provided to SODEXO, in a structured, commonly used, and machine-readable format you have the right to transmit this data to another Controller without hindrance from SODEXO where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request that your Personal data be transmitted to a third party of your choice (where technically feasible).
Right to object to Processing You may object (i.e. exercise your right to “opt-out”) to the processing of your Personal data particularly in relation to profiling or to marketing communications. When we process your Personal data on the basis of your consent, you can withdraw your consent at any time.
Right not to be subject to automated decisions You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect upon you or significantly affects you.
Right to lodge a Complaint You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. In Belgium the authority is the Autorité de protection des données: Home | Autorité de protection des données

You have also the right to lodge your Complaint before the courts where Sodexo Belgium has an establishment or where you have your habitual residence.

You can use this form to make a request: Privacy Web Form

This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on.

Alternatively, you can also send your request by filling in this form and sending it by email to  dataprivacy.OSS.BE@sodexo.com. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.

If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

SECURITY

We implement all possible technical and organizational security measures to ensure security and confidentiality in processing your Personal data in accordance with Our Group Information & Systems Security Policy.

To this end, we take all necessary precautions given the nature of the Personal data and the risks related to its processing, in order to maintain data security and in particular to prevent distortion, damage or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).

In addition, if we contract with Processors for all or part of the Processing of your Personal data, we require a contractual agreement from our service providers to guarantee the security and confidentiality of the Personal data that we transmit to them or that they collect on our behalf, in accordance with the applicable regulations on the protection of Personal data.

We regularly conduct audits to verify the proper operational application of the rules relating to the security of your Personal data.

Nevertheless, you also have a responsibility to ensure the security and confidentiality of your Personal data, so we invite you to remain vigilant, especially when using an open system such as the Internet.  

LINKS TO OTHER SITES

Occasionally, we provide links to other platforms for practical and informative purposes. These platforms operate independently from our App and are not under our control. These platforms have their own privacy policy or terms of use which we strongly advise you to read. We do not accept any liability with regards to the content on these platforms, for the products and services that may be offered there or for any other use thereof.

UPDATES OF OUR ONLINE PRIVACY POLICY

We may update or amend this policy as and when needed. In this case, amendments will only become applicable after a period of 30 business days from the date of the amendment. Please consult this page from time to time if you want to be informed of any possible changes.

HOW TO CONTACT US

If you have any questions or comments with regard to this policy, please do not hesitate to contact us at the following address: dataprivacy.OSS.BE@sodexo.com.

Last updated: January 7th 2025


Online privacybeleid Everyday 🇳🇱

De volgende informatie is bedoeld om u te informeren over de verplichtingen van Sodexo Belgium NV. op het gebied van de bescherming van persoonsgegevens. Sodexo Belgium NV. maakt deel uit van de Sodexo Group (hierna "SODEXO" genoemd).  

SODEXO bouwt sterke, duurzame relaties op met zijn klanten, partners en consumenten, gebaseerd op wederzijds vertrouwen: Sodexo maakt er een absolute prioriteit van dat hun persoonsgegevens veilig en vertrouwelijk blijven.  

SODEXO verbindt zich ertoe alle toepasselijke wet- en regelgeving inzake de bescherming van Persoonsgegevens na te leven.

SODEXO hanteert een zeer strikt privacybeleid om de bescherming te waarborgen van de persoonsgegevens van degenen die gebruikmaken van zijn websites, portalen, applicaties en platforms (onze "Sites"):
•       Gebruikers behouden de controle over hun eigen gegevens. De gegevens worden op een transparante, vertrouwelijke en veilige manier verwerkt.
•       SODEXO zet zich voortdurend in om de persoonsgegevens van zijn gebruikers te beschermen in overeenstemming met de AVG van de EU.
•       SODEXO heeft een Global Data Protection Office dat zich bezighoudt met gegevensbescherming, ondersteund door een netwerk van lokale contactpunten of functionarissen voor gegevensbescherming.

DOEL VAN DIT BELEID

SODEXO neemt de bescherming van uw persoonsgegevens uiterst serieus.  

Wij hebben dit beleid opgesteld om u te informeren over de voorwaarden waaronder wij uw persoonsgegevens verzamelen, verwerken, gebruiken en beschermen in onze App en in het kader van de diensten die worden geleverd door Sodexo Belgium NV. (de "Diensten"). Dit beleid heeft betrekking op alle gebruikers, met inbegrip van degenen die de App en de Diensten gebruiken zonder geregistreerd te zijn of zich te abonneren op een specifieke dienst of account (hierna gezamenlijk de "Gebruikers" genoemd).  

Lees het zorgvuldig door om te weten te komen welke categorieën Persoonsgegevens we verzamelen en verwerken, hoe we deze Persoonsgegevens gebruiken en met wie we deze gegevens kunnen delen. Dit beleid beschrijft ook uw rechten en hoe u contact met ons kunt opnemen om deze rechten uit te oefenen of om ons vragen te stellen over de bescherming van uw Persoonsgegevens.

Dit beleid kan van tijd tot tijd worden gewijzigd, aangevuld of geactualiseerd, met name om te voldoen aan eventuele veranderingen in wet- en regelgeving, jurisprudentie of technische ontwikkelingen. Uw Persoonsgegevens worden echter te allen tijde verwerkt in overeenstemming met het beleid dat van kracht was op het moment dat de gegevens werden verzameld, tenzij een dwingend wettelijk voorschrift anders bepaalt en met terugwerkende kracht moet worden toegepast.  

IDENTITEIT EN CONTACTGEGEVENS VAN DE VERWERKINGSVERANTWOORDELIJKE

De verwerkingsverantwoordelijke is:
Sodexo Belgium NV.
KvK-nr.: 0407.246.778.
Statutair gevestigd te Ravensteinstraat, 36, 1000 Brussel
E-mail: dataprivacy.OSS.BE@sodexo.com.  

DEFINITIES

"Account"  De persoonlijke ruimte van de Gebruiker in de App, waartoe hij of zij toegang heeft na zich te hebben geregistreerd voor en verbinding maakt met de App. Hiermee krijgt de Gebruiker toegang tot de Diensten.

"Verwerkingsverantwoordelijke" De Sodexo-entiteit die het doel van en de middelen voor de verwerking van Persoonsgegevens vaststelt.

"Cookies" Zoals gedefinieerd in het Cookiebeleid "

Persoonsgegevens"  Alle informatie met betrekking tot een geïdentificeerde natuurlijke persoon of een persoon die direct of indirect kan worden geïdentificeerd aan de hand van een identificatienummer of van of een of meer factoren die kenmerkend zijn voor die persoon.

 "Verwerking"  Elke bewerking of elk geheel van bewerkingen met betrekking tot Persoonsgegevens of een geheel van Persoonsgegevens, al dan niet uitgevoerd via geautomatiseerde procedés, zoals het verzamelen, vastleggen, ordenen, structureren, opslaan, bijwerken of wijzigen, opvragen, raadplegen, gebruiken, verstrekken door middel van doorzending, verspreiden of op andere wijze ter beschikking stellen, harmoniseren of combineren, afschermen, wissen of vernietigen van gegevens.

"Verwerker" Een rechtspersoon die namens de verwerkingsverantwoordelijke Persoonsgegevens verwerkt. "App"   De Everyday-applicatie van Sodexo Belgium NV., die beschikbaar is in de AppStore en Google Play

"ons" "wij" of "onze" Sodexo Belgium NV. (hierna Sodexo Belgium), die optreedt als verwerkingsverantwoordelijke

"u" of "Gebruikers" Elke gebruiker van de App.
 
VERZAMELING EN HERKOMST VAN PERSOONSGEGEVENS

Uw Persoonsgegevens worden in principe direct door ons verzameld (met name via de formulieren in de App bestemd voor het verstrekken van gegevens) of indirect via onze dienstverleners en/of de technologieën in onze App.

Wij verbinden ons ertoe uw toestemming te vragen en/of u de mogelijkheid te bieden het gebruik van uw gegevens voor bepaalde doeleinden te weigeren.

U wordt in ieder geval geïnformeerd over de doeleinden waarvoor uw gegevens worden verzameld via de verschillende onlineformulieren voor gegevensverzameling en via het Cookiebeleid.

SOORTEN PERSOONSGEGEVENS DIE WIJ VERZAMELEN EN GEBRUIKEN

Wij kunnen in het bijzonder de volgende soorten Persoonsgegevens verzamelen en verwerken:
-        de gegevens die u verstrekt bij het invullen van de formulieren in de App, of wanneer u met ons per telefoon, e-mail of via de App correspondeert, (bijvoorbeeld voor het afsluiten van een abonnement, om deel te nemen aan enquêtes, voor marketingdoeleinden, bij het downloaden van de App etc.);
-        de gegevens die u verstrekt voor verificatiedoeleinden;
-        de gegevens die u verstrekt bij het plaatsen van een bestelling of voor het ontvangen van een dienst;
-        gegevens met betrekking tot uw aankopen, zoals producten, hoeveelheid, prijs, factuur- en leveringsadres, inclusief gegevens over uw gezondheid, doch alleen wanneer u de laatste vrijwillig verstrekt en hiermee akkoord gaat, bijvoorbeeld als u melding maakt van specifieke voedselallergieën;
-        transactiegegevens, zoals betalingsinformatie en creditcard-/debetkaartgegevens die rechtstreeks worden doorgegeven aan derden die uw opdrachten verwerken (een "Betalingsverwerker");
-        gegevens die worden verstrekt via "posts", opmerkingen of andere content die u in de App plaatst, of wanneer u de chatfunctie in onze App gebruikt;
-        gegevens met betrekking tot uw locatie op een specifiek moment (indien u deze functie op uw mobiele apparaat hebt geactiveerd en u hiermee hebt ingestemd), voor het tonen in de App van de locatie waar u zich op dat moment fysiek bevindt (kantoor of anderszins);
-        uw voorkeuren voor het ontvangen van marketingberichten van ons en onze derden en uw voorkeuren voor de manier waarop wij met u communiceren;
-        gegevens verzameld via Cookies, zoals gedefinieerd in ons Cookiebeleid.In de gegevensverzamelingsformulieren met een sterretje gemarkeerde Persoonsgegevens zijn verplicht, omdat deze nodig zijn om eventuele bestellingen te kunnen uitvoeren.Zonder deze verplichte gegevens kunnen deze transacties niet worden verwerkt.  We kunnen deze gegevens combineren met informatie die we uit andere bronnen verkrijgen. We kunnen deze gegevens en de gecombineerde informatie gebruiken voor de hieronder beschreven doeleinden (afhankelijk van de soorten gegevens die we ontvangen). In het overzicht (bijlage 1) wordt nader uiteengezet welke soorten gegevens voor de verschillende doeleinden worden verzameld.
 
DOELEINDEN WAARVOOR WE PERSOONSGEGEVENS GEBRUIKEN

Persoonsgegevens kunnen worden verzameld voor de volgende algemene doeleinden (bijlage 1 hieronder bevat een nadere omschrijving van de verwerking van uw gegevens):  

·       Cookies
·       Aanmaken en beheren van een Account
·       Klantbeheer
·       Marketingbeheer
·       Wettelijke verplichting  

NB U hebt de mogelijkheid om in de App te klikken op de pictogrammen van sociale netwerken, zoals Twitter, Facebook, LinkedIn etc.

Wanneer u op deze pictogrammen klikt, kunnen wij toegang krijgen tot de Persoonsgegevens die u in uw profielen op de betreffende sociale netwerken openbaar en toegankelijk hebt gemaakt. Wij creëren noch gebruiken afzonderlijke databases van deze sociale netwerken op basis van de Persoonsgegevens die u daarop hebt gepubliceerd en wij verwerken geen Persoonsgegevens met betrekking tot uw privéleven via deze middelen.

Als u niet wilt dat wij toegang hebben tot uw Persoonsgegevens die zijn gepubliceerd in de openbare ruimtes van uw profiel of uw sociale accounts, dan dient u gebruik te maken van de procedures die door de sociale netwerken in kwestie worden aangeboden om de toegang tot deze informatie te beperken.

Deze links naar andere websites mogen niet worden beschouwd als het volgen van surfgedrag en we wijzen elke verantwoordelijkheid af met betrekking tot de praktijken inzake de bescherming van Persoonsgegevens die worden toegepast door deze externe bedrijven, die elk op hun eigen terrein optreden als afzonderlijke Verwerkingsverantwoordelijke van uw Persoonsgegevens. Zodra u onze App verlaat of op het logo van/de link naar een van deze sociale netwerken klikt, is het uw verantwoordelijkheid om het privacybeleid te raadplegen dat van toepassing is op dat andere platform.

RECHTSGROND VOOR DE VERWERKING VAN PERSOONSGEGEVENS

Wij verwerken uw Persoonsgegevens in het kader van de uitvoering en het beheer van onze contractuele relatie met u, ons gerechtvaardigd belang om de kwaliteit en operationele uitmuntendheid van de Diensten die wij u aanbieden te verbeteren of om te voldoen aan bepaalde wettelijke verplichtingen, afhankelijk van het doel van de verwerking, zoals vermeld in het overzicht in bijlage 1.

Uw Persoonsgegevens kunnen ook worden verwerkt op basis van uw voorafgaande toestemming, indien onder bepaalde omstandigheden uw toestemming zou worden gevraagd (bijv. met betrekking tot gezondheidsgegevens of voor bepaalde berichten die u ontvangt of bepaalde soorten Cookies).  

Meer informatie over de rechtsgrond voor elk van onze verwerkingen kunt u vinden in bijlage 1 hieronder.

OPENBAARMAKING VAN PERSOONSGEGEVENS

De veiligheid en vertrouwelijkheid van uw Persoonsgegevens is voor ons van groot belang. Daarom wordt de toegang tot uw Persoonsgegevens, op verschillende niveaus, beperkt tot die leden van ons personeel en uitsluitend voor die doeleinden als strikt noodzakelijk zijn om uw bestelling te verwerken of de gevraagde Diensten te leveren.

Wij zorgen ervoor dat personen die gemachtigd zijn om Persoonsgegevens te verwerken, zich tot geheimhouding hebben verbonden of onder een toepasselijke wettelijke geheimhoudingsplicht vallen. Wij geven uw Persoonsgegevens niet door aan onbevoegde derden. Wij kunnen uw Persoonsgegevens echter delen met andere entiteiten binnen SODEXO en met geautoriseerde dienstverleners (bijvoorbeeld met technische dienstverleners [hosting, onderhoud], consultants etc.) op wie wij eventueel een beroep doen voor het verlenen van onze Diensten.

Daarnaast dienen wij uw gegevens door te geven aan de betalingsverwerker zodat u betalingen in de App kunt uitvoeren.

Wij zorgen ervoor dat op elke openbaarmaking van uw Persoonsgegevens aan een geautoriseerde dienstverlener een gegevensverwerkingsovereenkomst van toepassing is waarin de in onderhavig beleid vastgelegde verplichtingen zijn opgenomen. Wij geven onze dienstverleners geen toestemming om uw gegevens te gebruiken of openbaar te maken, anders dan voor zover nodig om de Diensten namens ons te leveren of om te voldoen aan wettelijke verplichtingen. Bovendien kunnen wij uw Persoonsgegevens delen (i) voor zover de wet of een juridische procedure ons daartoe verplicht, (ii) in reactie op een verzoek van een overheidsinstantie of andere functionarissen of (iii) als wij van mening zijn dat het doorgeven van deze gegevens noodzakelijk of gepast is om fysieke schade of financieel verlies te voorkomen of in verband met een onderzoek naar een vermoede of bewezen onwettige activiteit.  

BEWAARTERMIJN VAN UW PERSOONSGEGEVENS

Wij bewaren uw Persoonsgegevens uitsluitend voor zolang als nodig is voor de doeleinden waarvoor ze zijn verzameld en verwerkt. Deze termijn kan, indien van toepassing, worden verlengd met de periode als voorgeschreven in de daarop toepasselijke wet- en regelgeving. Bij het bepalen van de bewaartermijn van uw Persoonsgegevens houden wij rekening met verschillende criteria, zoals:
·       het doel waarvoor wij uw Persoonsgegevens bewaren (bijv. wanneer u producten koopt in onze App, bewaren wij uw Persoonsgegevens voor de duur van onze contractuele relatie);
·       onze verplichtingen op grond van de wet- en regelgeving met betrekking tot die Persoonsgegevens (bijv. boekhoudkundige rapportageverplichtingen);
·       ongeacht of u een actieve afnemer bent van onze Diensten, marketingberichten blijft ontvangen, regelmatig onze Sites bezoekt of daarop aankopen doet, of onze e-mails niet opent of onze Sites niet bezoekt. Wanneer u bijvoorbeeld hebt ingestemd met het ontvangen van marketingberichten bewaren wij uw Persoonsgegevens totdat u: (i) aangeeft dat u deze berichten niet langer wenst te ontvangen, (ii) ons verzoekt uw Persoonsgegevens te verwijderen of (iii) na een periode van inactiviteit (d.w.z. wanneer er gedurende een bepaalde periode geen contact tussen ons heeft plaatsgevonden). Deze termijn wordt bepaald in overeenstemming met lokale voorschriften en richtlijnen;
·       specifieke verzoeken van u ten aanzien van het verwijderen van uw Persoonsgegevens of Account;
·       wettelijke verjaringstermijnen die ons in staat stellen onze eigen rechten te beheren, bijvoorbeeld voor het voeren van de verdediging tegen juridische vorderingen in geval van een rechtszaak; en
·       lokale regelgeving of richtlijnen (bijvoorbeeld met betrekking tot cookies).

Meer informatie over de termijn gedurende welke wij uw Persoonsgegevens bewaren, kunt u vinden in bijlage 1 hieronder.  

GEVOELIGE PERSOONSGEGEVENS

In principe verzamelen wij geen gevoelige Persoonsgegevens via onze App. "Gevoelige Persoonsgegevens" verwijst naar alle informatie over iemands raciale of etnische afkomst, politieke opvattingen, religieuze of filosofische overtuigingen, lidmaatschap van een vakbond, gezondheidsgegevens of gegevens met betrekking tot het seksuele leven of de seksuele geaardheid van een natuurlijke persoon. Deze definitie omvat ook persoonsgegevens met betrekking tot strafrechtelijke veroordelingen en strafbare feiten.

Desalniettemin kunt u op vrijwillige basis informatie verstrekken over uw allergieën of dieetvoorkeuren. Wij verzamelen deze gegevens uitsluitend voor dit zover strikt noodzakelijk is in verband met het doel waarvoor de verwerking plaatsvindt, en met inachtneming van de lokale wettelijke voorschriften inzake de bescherming van Persoonsgegevens en, in het bijzonder, met uw uitdrukkelijke voorafgaande toestemming en met inachtneming van de in dit beleid vermelde voorwaarden.  

DOORGIFTE VAN PERSOONSGEGEVENS

Aangezien SODEXO een internationaal opererend concern is, kunnen uw persoonsgegevens worden doorgegeven aan interne of externe ontvangers die gemachtigd zijn om namens ons Diensten te verlenen. Sommige van deze ontvangers bevinden zich in landen buiten de Europese Unie of de Europese Economische Ruimte die geen adequaat niveau van bescherming van Persoonsgegevens bieden.

Om de veiligheid en vertrouwelijkheid van de aldus doorgegeven Persoonsgegevens te waarborgen, nemen wij alle nodige maatregelen om ervoor te zorgen dat deze gegevens adequaat beschermd zijn, zoals het sluiten van overeenkomsten voor gegevensoverdracht met de ontvangers van uw Persoonsgegevens op basis van de modelcontractbepalingen ("EU SCC's") van de Europese Commissie of andere geldige overdrachtsmechanismen en voeren wij, in overeenstemming met het besluit van het Europees Hof van Justitie van 16 juli 2020 "Schrems II" (zaak C 311-18), en de richtsnoeren van het Europees Comité voor gegevensbescherming, een risicobeoordeling uit van de overgedragen gegevens.

Daarnaast hebben alle onderdelen van SODEXO een op de SCC's van de EU gebaseerde intra-groep verwerkingsovereenkomst afgesloten, die voorziet in een gelijkwaardige bescherming van Persoonsgegevens door alle entiteiten van SODEXO, waar deze ook gevestigd zijn.  

UW RECHTEN

SODEXO zet zich in voor de bescherming van uw rechten die u op grond van de toepasselijke wetgeving geniet. Onderstaande tabel geeft een overzicht van de verschillende rechten waarover u beschikt:
Recht van inzage en rectificatie U kunt een kopie opvragen van de Persoonsgegevens die wij over u bewaren. U kunt ook verzoeken om rectificatie van onjuiste Persoonsgegevens of om onvolledige Persoonsgegevens aan te vullen.
Recht op wissing Uw recht om vergeten te worden, geeft u het recht om te verzoeken uw Persoonsgegevens te wissen in gevallen waarin:
  1. de gegevens niet langer nodig zijn voor het doel waarvoor ze zijn verzameld;
  2. u besluit uw toestemming in te trekken;
  3. u bezwaar maakt tegen de verwerking van uw Persoonsgegevens;
  4. uw Persoonsgegevens onrechtmatig zijn verwerkt;
  5. er een wettelijke verplichting bestaat om uw Persoonsgegevens te wissen;
  6. het wissen is vereist om naleving van de toepasselijke wetgeving te verzekeren.
Recht op beperking van de verwerking U kunt verzoeken om de verwerking van uw Persoonsgegevens te beperken in de gevallen waarin:
  1. u de juistheid van uw Persoonsgegevens betwist;
  2. SODEXO uw Persoonsgegevens niet langer nodig heeft voor de doeleinden waarvoor ze worden verwerkt;
  3. u op gerechtvaardigde gronden bezwaar hebt gemaakt tegen verwerking;
  4. de verwerking van uw Persoonsgegevens onwettig is en u er de voorkeur aan geeft het gebruik ervan te beperken in plaats van ze te laten verwijderen.
Recht op gegevensoverdraagbaarheid U kunt verzoeken de u betreffende, aan SODEXO verstrekte Persoonsgegevens, in een gestructureerde, gangbare en machineleesbare vorm te verkrijgen en het recht die gegevens aan een andere verwerkingsverantwoordelijke over te dragen, zonder daarbij te worden gehinderd door SODEXO, indien:
  1. de verwerking van uw Persoonsgegevens is gebaseerd op toestemming of op een overeenkomst; en
  2. de verwerking wordt uitgevoerd met geautomatiseerde middelen.
U kunt tevens verzoeken om uw Persoonsgegevens te laten doorgegeven aan een derde van uw keuze (indien technisch mogelijk).
Recht om bezwaar te maken tegen Verwerking U kunt bezwaar maken tegen de verwerking van uw Persoonsgegevens (d.w.z. uw recht op "opt-out" uitoefenen), met name in geval van profilering of marketingcommunicatie. Wanneer wij uw Persoonsgegevens verwerken op basis van uw toestemming, kunt u uw toestemming te allen tijde intrekken.
Recht om niet te worden onderworpen aan geautomatiseerde besluiten U hebt het recht om niet te worden onderworpen aan een uitsluitend op geautomatiseerde verwerking, waaronder profilering, gebaseerd besluit en waaraan rechtsgevolgen voor u zijn verbonden of dat u anderszins in aanmerkelijke mate treft.
Recht om een klacht in te dienen U kunt ervoor kiezen een klacht in te dienen bij de toezichthoudende autoriteit op het gebied van gegevensbescherming in het land waar u uw gewone verblijfplaats hebt, u werkt of het land waarin de vermeende inbreuk heeft plaatsgevonden, ongeacht of u schade hebt geleden. In Belgie is die autoriteit de Gegevensbeschermingsautoriteit: Home | Gegevensbeschermingsautoriteit

U kunt uw Klacht ook indienen bij de rechtbank in een plaats waar Sodexo Belgie een vestiging heeft of waar u uw gewone verblijfplaats hebt.

Voor het indienen van een verzoek kunt u gebruikmaken van dit formulier: Webformulier Privacy

Met dit elektronische systeem kunt u inloggen en de status van uw verzoek volgen, berichten bekijken en versturen en uw documenten in een beveiligde omgeving inzien. Dit systeem heet One Trust; nadat u het verzoek hebt ingediend, ontvangt u informatie over hoe u kunt inloggen.

U kunt uw verzoek ook indienen door dit formulier in te vullen en het per e-mail op te sturen naar Dataprivacy.NL@sodexo.com. Het team neemt vervolgens contact met u op over de manier waarop u contact kunt opnemen over uw verzoek en informatie kunt ontvangen.  NB Het is gewoonlijk nodig om nadat u een verzoek hebt ingediend een telefonische afspraak te maken om uw verzoek te bespreken.

Als u zich wilt afmelden voor marketinge-mails, kunt u dit ook doen door gebruik te maken van de afmeldfunctie in de e-mail.

BEVEILIGING  

Wij treffen alle mogelijke technische en organisatorische veiligheidsmaatregelen om gedurende de verwerking van uw Persoonsgegevens de beveiliging en vertrouwelijkheid daarvan te waarborgen, in overeenstemming met het Informatie- en Systeembeveiligingsbeleid van de Groep.

In dit kader nemen we alle voorzorgsmaatregelen die gezien de aard van de Persoonsgegevens en de risico's in verband met de verwerking ervan nodig zijn om de veiligheid van de gegevens in stand te houden en in het bijzonder om vervalsing, beschadiging of onbevoegde toegang door derden te voorkomen (fysieke beveiliging van gebouwen, verificatieprocedures met persoonlijke, beveiligde toegang via gebruikersnamen en vertrouwelijke wachtwoorden, aanmeldlogboeken, versleuteling van bepaalde gegevens etc.).

Indien wij voor de gehele of gedeeltelijke Verwerking van uw Persoonsgegevens Verwerkers inschakelen, verlangen wij bovendien dat zij een overeenkomst met ons sluiten waarin de beveiliging en vertrouwelijkheid van de Persoonsgegevens die wij aan hen doorgeven of die zij namens ons verzamelen wordt gegarandeerd, in overeenstemming met de toepasselijke regelgeving inzake de bescherming van Persoonsgegevens.

We voeren regelmatig audits uit om na te gaan of de regels met betrekking tot de beveiliging van uw Persoonsgegevens correct worden toegepast.

Desalniettemin bent u zelf ook verantwoordelijk om de beveiliging en vertrouwelijkheid van uw Persoonsgegevens te waarborgen. Wij vragen u dan ook om waakzaam te blijven, vooral wanneer u gebruikmaakt van een open systeem zoals het internet.  

LINKS NAAR ANDERE SITES  

Af en toe nemen we voor praktische en informatieve doeleinden links op naar andere platforms. Deze platforms werken onafhankelijk van onze App en wij oefenen daar geen controle over uit. Deze platforms hebben hun eigen privacybeleid of gebruiksvoorwaarden en wij raden u dringend aan deze door te lezen. Wij aanvaarden geen enkele aansprakelijkheid voor de op deze platforms opgenomen content, de producten en diensten die daar mogelijk op worden aangeboden of voor enig ander gebruik daarvan.

UPDATES VAN ONS ONLINE PRIVACYBELEID

We kunnen dit beleid waar en wanneer nodig actualiseren of wijzigen. In dat geval worden wijzigingen pas van kracht na een periode van 30 werkdagen vanaf de datum van wijziging. Raadpleeg deze pagina van tijd tot tijd om op de hoogte te blijven van eventuele wijzigingen.

HOE KUNT U CONTACT MET ONS OPNEMEN

Als u vragen of opmerkingen hebt met betrekking tot dit beleid, aarzel dan niet om contact met ons op te nemen op het volgende adres: dataprivacy.OSS.BE@sodexo.com.

Laatst bijgewerkt: 7 januari 2025

Politique de confidentialité en ligne de tous les jours 🇫🇷

Les informations suivantes vous sont fournies pour vous informer des engagements de Sodexo Belgium SA/NV. en matière de protection des données personnelles. Sodexo Belgium SA/NV. appartient au Groupe Sodexo (ci-après " SODEXO ").  

SODEXO construit des relations fortes et durables avec ses clients, partenaires et consommateurs, basées sur la confiance mutuelle : s'assurer que leurs données personnelles sont en sécurité et restent confidentielles est une priorité absolue pour SODEXO

SODEXO s'engage à respecter toutes les dispositions réglementaires et légales applicables en matière de protection des données personnelles.

SODEXO applique une politique de confidentialité très stricte afin de garantir la protection des données personnelles des personnes qui utilisent ses sites web, portails, applications et plateformes (nos "Sites"):

•       Les utilisateurs restent maîtres de leurs données. Les données sont traitées de manière transparente, confidentielle et sécurisée.
•       SODEXO s'engage dans une quête permanente de protection des données personnelles de ses utilisateurs conformément au GDPR de l'UE.
•       SODEXO dispose d'un bureau mondial dédié à la protection des données, soutenu par un réseau de points de contact uniques ou de responsables de la protection des données au niveau local

OBJECTIF DE CETTE POLITIQUE

SODEXO prend très au sérieux la protection de vos données personnelles.  

Nous avons élaboré cette politique pour vous informer des conditions dans lesquelles nous collectons, traitons, utilisons et protégeons vos données personnelles sur notre App et dans le cadre des services fournis par Sodexo Belgium SA/NV. (les " Services "). Cette politique couvre tous les utilisateurs, y compris ceux qui utilisent l'App et les Services sans être inscrits ou souscrire à un service ou un compte spécifique (ci-après collectivement, les " Utilisateurs ")

Veuillez la lire attentivement pour vous familiariser avec les catégories de données à caractère personnel qui font l'objet d'une collecte et d'un traitement, la manière dont nous utilisons ces données à caractère personnel et les personnes avec lesquelles nous sommes susceptibles de les partager.

Cette politique décrit également vos droits et la manière dont vous pouvez nous contacter pour exercer ces droits ou pour nous poser toute question relative à la protection de vos données à caractère personnel. Cette politique peut être modifiée, complétée ou mise à jour, notamment pour se conformer à toute évolution légale, réglementaire, jurisprudentielle ou technique. Toutefois, vos données personnelles seront toujours traitées conformément à la politique en vigueur au moment de la collecte des données, à moins qu'une prescription légale obligatoire n'en décide autrement et ne doive être appliquée rétroactivement.  

L'IDENTITÉ ET LES COORDONNÉES DU RESPONSABLE DU TRAITEMENT

Le contrôleur des données est :
Sodexo Belgium SA/NV.
Numéro d'enregistrement : 0407.246.778,
Siège social : Rue Ravenstein, 36, 1000 Bruxelles
Courriel : dataprivacy.OSS.BE@sodexo.com  

DÉFINITIONS

"Compte " L'espace personnel dédié de l'Utilisateur au sein de l'Application, auquel il accède lorsqu'il s'inscrit et se connecte à l'Application. Il permet à l'Utilisateur d'accéder aux Services.

"Responsable du traitement  L'entité de Sodexo qui détermine les finalités et les moyens du traitement des données à caractère personnel.

"Cookies" Tels que définis dans la politique en matière de cookies

"Données à caractère personnel Toute information relative à une personne physique identifiée ou qui peut être identifiée directement ou indirectement par référence à un numéro d'identification ou à un ou plusieurs éléments qui lui sont propres.  

"Traitement" Toute opération ou tout ensemble d'opérations effectuées ou non à l'aide de procédés automatisés et appliquées à des données ou des ensembles de données à caractère personnel, telles que la collecte, l'enregistrement, l'organisation, la structuration, la conservation, l'adaptation ou la modification, l'extraction, la consultation, l'utilisation, la divulgation par transmission, la diffusion ou toute autre forme de mise à disposition, le rapprochement ou l'interconnexion, la limitation, l'effacement ou la destruction.

"Sous-traitant " Personne morale qui traite des données à caractère personnel pour le compte du responsable du traitement.

"App"   L'application quotidienne de Sodexo Belgium SA/NV. disponible sur AppStore et Google Play. "nous"

"nous" ou "notre"  Sodexo Belgium SA/NV (ci-après "Sodexo Belgium"), agissant en tant que responsable du traitement

"vous" ou "utilisateurs" Tout utilisateur de l'application.  

COLLECTE ET SOURCE DES DONNÉES PERSONNELLES

Nous collecterons très probablement vos données personnelles directement (notamment via les formulaires de collecte de données sur notre App) ou indirectement via nos prestataires de services et/ou les technologies sur notre App. Nous nous engageons à obtenir votre consentement et/ou à vous permettre de refuser l'utilisation de vos données à certaines fins chaque fois que cela est nécessaire. En tout état de cause, vous serez informé des finalités pour lesquelles vos données sont collectées via les différents formulaires de collecte de données en ligne et via la politique en matière de cookies.

TYPES DE DONNÉES PERSONNELLES COLLECTÉES ET UTILISÉES PAR NOUS

Nous pouvons spécifiquement collecter et traiter les types de données personnelles suivants :
-        les informations que vous fournissez lorsque vous remplissez les formulaires de l'application ou que vous correspondez avec nous par téléphone, par courrier électronique ou par l'intermédiaire de l'application (par exemple, à des fins d'abonnement, pour participer à des enquêtes, à des fins de marketing, lorsque vous téléchargez l'application, etc.)
-        les informations que vous fournissez à des fins d'authentification ;
-        les informations que vous fournissez pour l'exécution d'une commande ou pour recevoir un service
-        les données relatives à vos achats, telles que les produits, la quantité, le prix, les adresses de facturation et de livraison, y compris les informations de santé vous concernant, uniquement si vous le souhaitez et y consentez, par exemple si vous signalez des allergies alimentaires spécifiques ;
-        les données de transaction telles que les informations relatives au paiement et à la carte de crédit/débit qui sont transmises directement aux tiers qui traitent vos demandes (un "processeur de paiement") ;
-        les informations fournies par le biais de "posts", commentaires ou autres contenus que vous publiez sur l'application, ou lorsque vous utilisez la fonction de chat sur notre application
-        les informations relatives à votre localisation à un moment précis (lorsqu'elles sont activées et que vous y avez consenti sur votre appareil mobile) afin que les lieux appropriés desservant votre emplacement physique (bureau ou autre) puissent être affichés dans l'application ;-        vos préférences en matière de réception de messages publicitaires de notre part et de la part de nos tiers, ainsi que vos préférences en matière de communication
-        les informations collectées par le biais de cookies tels que définis dans notre politique en matière de cookies.Les données personnelles identifiées par un astérisque dans les formulaires de collecte de données sont obligatoires car elles sont nécessaires à l'exécution des commandes passées.En labsence de ces informations obligatoires, ces transactions ne peuvent être traitées.  Nous pouvons combiner ces informations avec celles que nous recevons d'autres sources. Nous pouvons utiliser ces informations et les informations combinées aux fins décrites ci-dessous (en fonction des types d'informations que nous recevons). Vous trouverez dans le tableau (annexe 1) les détails des différentes données collectées pour les différentes finalités  

RAISONS POUR LESQUELLES NOUS UTILISONS LES DONNÉES À CARACTÈRE PERSONNEL

Les données à caractère personnel peuvent être collectées aux fins générales suivantes (une description plus précise du traitement de vos données figure à l'annexe 1 ci-dessous) :  
·       Cookies
·       Création et gestion de comptes
·       Gestion des relations avec la clientèle
·       Gestion du marketing
·       Obligation légale  

En outre, veuillez noter que vous avez la possibilité de cliquer sur les icônes dédiées aux réseaux sociaux tels que Twitter, Facebook, LinkedIn, etc. qui apparaissent sur notre application.

Lorsque vous cliquez sur ces icônes, nous pouvons avoir accès aux données à caractère personnel que vous avez rendues publiques et accessibles via vos profils sur les réseaux sociaux en question. Nous ne créons ni n'utilisons aucune base de données distincte de ces réseaux sociaux sur la base des données à caractère personnel que vous y avez publiées, et nous ne traitons aucune donnée à caractère personnel relative à votre vie privée par ces moyens.

Si vous ne souhaitez pas que nous ayons accès à vos données personnelles publiées dans les espaces publics de votre profil ou de vos comptes sociaux, vous devez utiliser les procédures prévues par les réseaux sociaux en question pour limiter l'accès à ces informations.

Ces liens vers d'autres sites internet ne doivent pas être considérés comme un suivi de navigation et nous déclinons toute responsabilité concernant les pratiques de protection des données personnelles mises en œuvre par ces sociétés tierces, chacune d'entre elles agissant en tant que Contrôleur distinct de vos données personnelles sur leur propre périmètre. Dès lors que vous quittez notre App ou que vous cliquez sur le logo/lien vers l'un de ces réseaux sociaux, il vous appartient de vérifier la politique de confidentialité applicable à cette autre plateforme.

BASE JURIDIQUE DU TRAITEMENT DES DONNÉES PERSONNELLES

Nous traitons vos données personnelles dans le cadre de l'exécution et de la gestion de notre relation contractuelle avec vous, dans notre intérêt légitime à améliorer la qualité et l'excellence opérationnelle des Services que nous vous offrons ou en conformité avec certaines obligations réglementaires en fonction de la finalité du traitement telle qu'identifiée dans le tableau de l'annexe 1.

Vos données personnelles peuvent également être traitées sur la base de votre consentement préalable dans le cas où, dans certaines circonstances, votre consentement serait demandé (par exemple, en ce qui concerne les données relatives à la santé ou pour certaines communications qui vous sont envoyées ou certains types de cookies).  

Vous trouverez plus d'informations sur la base juridique de chacun de nos traitements dans l'annexe 1 ci-dessous.

DIVULGATION DE DONNÉES À CARACTÈRE PERSONNEL

La sécurité et la confidentialité de vos données personnelles sont d'une grande importance pour nous. C'est pourquoi nous limitons l'accès à vos données personnelles, par le biais de différents niveaux d'accès, aux seuls membres de notre personnel et uniquement dans la mesure strictement nécessaire au traitement de vos commandes ou à la fourniture des services demandés. Nous veillons à ce que les personnes autorisées à traiter les données personnelles se soient engagées à respecter la confidentialité ou soient soumises à une obligation légale de confidentialité.

Nous ne divulguerons pas vos données personnelles à des tiers non autorisés. Nous pouvons toutefois partager vos données personnelles avec des entités au sein de SODEXO et avec des prestataires de services autorisés (par exemple : prestataires de services techniques [hébergement, maintenance], consultants, etc.

En outre, nous devrons transmettre vos coordonnées au processeur de paiement afin que vous puissiez effectuer des paiements sur l'application.

Nous veillons à ce que toute divulgation de vos données personnelles à un prestataire de services autorisé soit encadrée par un accord de traitement des données, reflétant les engagements énoncés dans la présente politique. Nous n'autorisons pas nos fournisseurs de services à utiliser ou à divulguer vos données, sauf dans la mesure où cela est nécessaire pour fournir les services en notre nom ou pour se conformer à des obligations légales. En outre, nous pouvons partager vos données personnelles (i) si la loi ou une procédure judiciaire nous y oblige, (ii) en réponse à une demande des autorités publiques ou d'autres fonctionnaires ou (iii) si nous estimons que le transfert de ces données est nécessaire ou approprié pour prévenir tout dommage physique ou toute perte financière ou dans le cadre d'une enquête concernant une activité illégale suspectée ou avérée.  

LA DURÉE DE CONSERVATION DE VOS DONNÉES PERSONNELLES

Nous ne conserverons vos données personnelles que pendant la durée nécessaire à la réalisation des finalités pour lesquelles elles ont été collectées et traitées. Cette période peut être prolongée, le cas échéant, pour toute durée prescrite par les dispositions légales ou réglementaires applicables.

Pour déterminer la durée de conservation de vos données personnelles, nous prenons en considération plusieurs critères tels que
·La finalité pour laquelle nous conservons vos données personnelles (par exemple, lorsque vous achetez des produits sur notre App, nous conservons vos données personnelles pendant la durée de notre relation contractuelle) ;·

      nos obligations légales et réglementaires relatives à ces données à caractère personnel (par exemple, les obligations en matière de rapports comptables) ;
·       Que vous soyez un utilisateur actif de nos services, que vous continuiez à recevoir des communications marketing, que vous naviguiez ou achetiez régulièrement sur nos sites ou que vous n'ouvriez pas nos courriels ou ne visitiez pas nos sites ; par exemple, si vous avez accepté de recevoir des communications marketing, nous conservons vos données à caractère personnel jusqu'à ce que vous : (i) vous désinscriviez de la réception de communications marketing (ii) demandiez que nous supprimions vos données à caractère personnel, ou (iii) après une période d'inactivité (c'est-à-dire lorsque vous n'avez pas interagi avec nous pendant une certaine période de temps). Cette période est définie conformément aux réglementations et orientations locales ;·
      toute demande spécifique de votre part concernant la suppression de vos données personnelles ou de votre compte ;
·       Tout délai de prescription légal nous permettant de gérer nos propres droits, par exemple la défense de toute réclamation légale en cas de litige ; et
·       Toute réglementation ou orientation locale (par exemple, en ce qui concerne les cookies). Vous trouverez plus d'informations sur la durée de conservation de vos données personnelles dans l'annexe 1 ci-dessous  

LES DONNÉES PERSONNELLES SENSIBLES

En règle générale, nous ne collectons pas de données personnelles sensibles via notre App. Par "données personnelles sensibles", on entend toute information concernant les origines raciales ou ethniques d'une personne, ses opinions politiques, ses convictions religieuses ou philosophiques, son appartenance syndicale, ses données de santé ou les données relatives à la vie sexuelle ou à l'orientation sexuelle d'une personne physique. Cette définition inclut également les données à caractère personnel relatives aux condamnations pénales et aux infractions.

Néanmoins, vous pouvez, sur une base volontaire, fournir des informations concernant vos allergies ou vos préférences alimentaires. Nous ne collectons ces données que dans le strict but d'atteindre l'objectif pour lequel le traitement est effectué, et nous le faisons conformément aux exigences légales locales en matière de protection des données à caractère personnel et, en particulier, avec votre consentement explicite préalable et dans les conditions décrites dans la présente politique.

TRANSFERT DE DONNÉES À CARACTÈRE PERSONNEL

SODEXO étant un groupe international, vos données personnelles peuvent être transmises à des destinataires internes ou externes autorisés à exécuter des services en notre nom. Certains de ces destinataires sont situés dans des pays hors de l'Union européenne ou de l'Espace économique européen qui n'offrent pas un niveau adéquat de protection des données personnelles.

Pour garantir la sécurité et la confidentialité des données à caractère personnel ainsi transmises, nous prendrons toutes les mesures nécessaires pour que ces données bénéficient d'une protection adéquate, notamment en concluant avec les destinataires de vos données à caractère personnel des accords de transfert de données fondés sur les clauses contractuelles types de la Commission européenne ("CCN de l'UE") ou d'autres mécanismes de transfert valables, et nous procéderons, conformément à la décision de la Cour de justice de l'Union européenne du 16 juillet 2020 "Schrems II" (affaire C 311-18) et aux orientations du Comité européen de la protection des données, à une évaluation des risques liés aux données transférées. En outre, toutes les entités de SODEXO ont conclu un accord intra-groupe sur le traitement des données, fondé sur les CSC de l'UE, qui prévoit une protection équivalente des données à caractère personnel par toutes les entités de SODEXO, quel que soit leur lieu d'établissement.  

VOS DROITS

SODEXO s'engage à assurer la protection de vos droits en vertu des lois applicables. Vous trouverez ci-dessous un tableau résumant vos différents droits :

Droit d'accès et de rectification Vous pouvez demander une copie des données personnelles que nous détenons à votre sujet. Vous pouvez également demander la rectification de données à caractère personnel inexactes ou faire compléter des données à caractère personnel incomplètes.
Droit à l'effacement Votre droit à l'oubli vous permet de demander l'effacement de vos données à caractère personnel dans les cas suivants :
  1. les données ne sont plus nécessaires aux fins pour lesquelles elles ont été collectées ;
  2. vous choisissez de retirer votre consentement ;
  3. vous vous opposez au traitement de vos données personnelles ;
  4. vos données à caractère personnel ont fait l'objet d'un traitement illégal ;
  5. il existe une obligation légale d'effacer vos données à caractère personnel ;
  6. l'effacement est nécessaire pour assurer le respect des lois applicables.
Droit à la limitation du traitement Vous pouvez demander que le traitement de vos données personnelles soit limité dans les cas suivants :
  1. vous contestez l'exactitude de vos données personnelles ;
  2. SODEXO n'a plus besoin de vos données personnelles aux fins du traitement ;
  3. vous vous êtes opposé au traitement pour des motifs légitimes.
  4. le traitement de vos données à caractère personnel est illégal et vous préférez la restriction de leur utilisation à leur suppression
Droit à la portabilité des données Vous pouvez demander, le cas échéant, la portabilité de vos données personnelles que vous avez fournies à SODEXO, dans un format structuré, couramment utilisé et lisible par machine ; vous avez le droit de transmettre ces données à un autre responsable du traitement sans entrave de la part de SODEXO lorsque :
  1. le traitement de vos données à caractère personnel est fondé sur le consentement ou sur un contrat ; et
  2. le traitement est effectué par des moyens automatisés.
Vous pouvez également demander que vos données personnelles soient transmises à un tiers de votre choix (lorsque cela est techniquement possible)."
Droit de s'opposer au traitement Vous pouvez vous opposer (c'est-à-dire exercer votre droit de retrait) au traitement de vos données à caractère personnel, en particulier en ce qui concerne le profilage ou les communications marketing. Lorsque nous traitons vos données à caractère personnel sur la base de votre consentement, vous pouvez retirer votre consentement à tout moment.
Droit de ne pas faire l'objet de décisions automatisées Vous avez le droit de ne pas faire l'objet d'une décision fondée exclusivement sur un traitement automatisé, y compris le profilage, qui vous concerne juridiquement ou qui vous affecte de manière significative.
Droit de déposer une plainte Vous pouvez choisir de déposer une plainte auprès de l'autorité de contrôle de la protection des données dans le pays de votre résidence habituelle, de votre lieu de travail ou du lieu de l'infraction présumée, que vous ayez ou non subi des dommages. En Belgique, l'autorité compétente est l'Autorité de protection des données : Home | Autorité de protection des données

Vous avez également le droit de déposer votre plainte auprès des tribunaux où Sodexo Belgium a un établissement ou où vous avez votre résidence habituelle.

Vous pouvez utiliser ce formulaire pour faire une demande : Formulaire en ligne

Ce système électronique vous permet de vous connecter et de voir l'état d'avancement de votre demande, de voir et d'envoyer des messages et de consulter vos documents en toute sécurité. Ce système s'appelle One Trust et, après avoir introduit votre demande, vous recevrez des informations sur la manière de vous connecter.

Vous pouvez également envoyer votre demande en remplissant ce formulaire et en l'envoyant par courrier électronique à dataprivacy.OSS.BE@sodexo.com. L'équipe vous contactera pour savoir comment vous contacter au sujet de votre demande et recevoir des informations.  Veuillez noter qu'il est généralement nécessaire de prendre un rendez-vous téléphonique pour discuter de votre demande une fois qu'elle a été formulée.

Si vous souhaitez vous désabonner des communications par courrier électronique, vous pouvez également le faire en utilisant la fonction de désabonnement figurant dans le courrier électronique.

SÉCURITÉ

Nous mettons en œuvre toutes les mesures de sécurité techniques et organisationnelles possibles pour garantir la sécurité et la confidentialité du traitement de vos données personnelles sur , conformément à la politique de sécurité des systèmes d'information de notre groupe.

A cette fin, nous prenons toutes précautions utiles, au regard de la nature des données personnelles et des risques présentés par leur traitement, pour préserver la sécurité des données et, notamment, empêcher qu'elles soient déformées, endommagées ou que des tiers non autorisés y aient accès (protection physique des locaux, procédures d'authentification avec accès personnel et sécurisé via des identifiants et des mots de passe confidentiels, journal des connexions, cryptage de certaines données, etc.)

En outre, si nous faisons appel à des sous-traitants pour tout ou partie du traitement de vos données à caractère personnel, nous exigeons un accord contractuel de la part de nos prestataires de services pour garantir la sécurité et la confidentialité des données à caractère personnel que nous leur transmettons ou qu'ils collectent pour notre compte, conformément à la réglementation applicable en matière de protection des données à caractère personnel.

Nous effectuons régulièrement des audits pour vérifier la bonne application opérationnelle des règles relatives à la sécurité de vos données personnelles.

Néanmoins, vous avez également la responsabilité d'assurer la sécurité et la confidentialité de vos données personnelles, nous vous invitons donc à rester vigilant, en particulier lorsque vous utilisez un système ouvert tel que l'Internet.  

LIENS VERS D'AUTRES SITES

Occasionnellement, nous fournissons des liens vers d'autres plateformes à des fins pratiques et informatives. Ces plateformes fonctionnent indépendamment de notre application et ne sont pas sous notre contrôle. Ces plateformes ont leur propre politique de confidentialité ou conditions d'utilisation que nous vous conseillons vivement de lire. Nous n'acceptons aucune responsabilité quant au contenu de ces plateformes, aux produits et services qui peuvent y être proposés ou à toute autre utilisation de ceux-ci.

MISES À JOUR DE NOTRE POLITIQUE DE CONFIDENTIALITÉ EN LIGNE

Nous pouvons mettre à jour ou modifier cette politique si nécessaire. Dans ce cas, les modifications ne seront applicables qu'après une période de 30 jours ouvrables à compter de la date de la modification. Veuillez consulter cette page de temps à autre si vous souhaitez être informé de tout changement éventuel.

COMMENT NOUS CONTACTER

Si vous avez des questions ou des commentaires concernant cette politique, n'hésitez pas à nous contacter à l'adresse suivante : dataprivacy.OSS.BE@sodexo.com.  

Dernière mise à jour : 7 janvier 2025

Privacy Policy (Singapore) - Purpose of this policy

This Privacy Policy (“Policy”) describes how we use and protect your personal data for the management of this app, who will have access to it and for what purposes, what your rights are and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your personal data. If there is any conflict between this Policy and the data protection laws in your country, then such laws, where applicable, will prevail.

This Policy may be amended, supplemented or updated, to comply with any legal, regulatory, case law or technical developments that may arise.

What is the app?

The App is designed to facilitate contact-free ordering and payment of catering services.

The App is provided by Sodexo to customers for the express purpose of purchasing products and services.

Access to the personal data processed through the App is limited to Sodexo authorized persons on a need-to-know basis.

Definitions

“App” or “Application” means the consumer app called Everyday (formerly known as Twelve Pay) available on iOS and Android devices.

“Controller” means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal data.

“Personal data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more factors specific to this person.

“Us” or “Our” means Sodexo and its subsidiaries, insofar as it is concerned.

“You” any App user.

Identity and contact details of the controller

Sodexo Ireland Limited, a company incorporated in Ireland with registration number 180309 and having it’s registered office at Temple House, 57 Temple Road, Blackrock, Co. Dublin.  Email : DataProtection.UKandIE@Sodexo.com

Collection and source of personal data

We will most likely collect your Personal data directly (in particular via the data collection forms on the App).

We undertake to obtain your consent and/or to allow You to refuse the use of your Personal data for certain purposes whenever necessary.

What are the types of personal data collected and used by us?

We may collect and use the following categories of Personal data relating to you:
  • The information that You provide when filling in the forms on the App or corresponding with us by phone, email or via the app, (for example, for subscription purposes, to participate in surveys, for marketing and rewards purposes, etc.); This may include your name, email address, phone number , employer details ( e.g. organization, building, floor number) and personal description.
  • The information that You provide for authentication purposes your name and contact details (email and phone);
  • The information that You provide for order fulfillment or to receive a service;
  • Your dietary preferences including your food tastes, your dietary constraints (including allergens and more);
  • Your location data; (where activated and You have agreed to this on your mobile device) so that the appropriate venues serving your physical location (office or otherwise) can be shown in the Application.
  • Your transactional data;
  • Metadata and navigation data; (usage and permissions on the app)
  • Anonymised statistical data; With regard to each of your visits to the Application we may automatically collect information about your computer and/or your mobile device, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
  • Payment Information ; In order to pay a bill using the Application, you will need to enter your payment information. Payment processing services are provided by a specialist third party provider called Stripe (the "Payments Processor").

Is it mandatory that I provide personal data to the app?

Yes, some personal data mandatory. If we do not get your Personal data, You will not be able to use the App and benefit from the services offered.

Some personal data is optional. For example, you can provide dietary and other information to receive a more personalized service, chose to provide your telephone number for customer service and chose whether to receive offers and news.

How and for which purposes will the personal data collected be used?

We use your Personal data specifically for the following purposes:
  • To manage your account and your access to the platform;
  • To communicate with You and to respond to your queries or requests;
  • To provide, deliver and improve the services and offers available on Our App;
  • To allow you to pay your order on Our App
  • To conduct satisfaction surveys and perform statistics analyses;
  • To make available to You or notify You about exclusive offers, products or services, unless objected by You;
  • To carry out data analytics and statistical analysis to monitor the quality and operational excellence of Our services and the App;
  • To manage Our contractual relationship with You;
  • To customize your experience on the App;
  • To prevent potential fraud and ensure the security of Our IT systems
  • To comply with Our legal and regulatory obligations
  • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
  • Cookies. In order to improve the Application, or where necessary ( eg real time customer service chat or making payments) we may use small files commonly known as "cookies". A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (referred to in this policy as a "device") from the Application and is stored on your device's hard drive. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on the Application won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
  • Google Analytics. We use Google Analytics which is a web analytics service provided by Google Inc. in order to understand how visitors to the Application use the Application. The Google Analytics cookies collect information about how people are using the Application, for example which pages are visited the most often, how people are moving from one link to another and if they get error messages from certain pages. The cookies do not gather any information that identifies you. The information these cookies collect is grouped together with information from other people's use of the Application on an anonymous basis. Overall, these cookies provide us with analytical information about how the Application is performing and how we can improve our service.

On which legal basis will my personal data be collected and processed?

We may have to collect and process your Personal data where necessary for the performance of a contract to which You are subject as well as for Sodexo’s legitimate interests except where such interests are overridden by your interests or fundamental rights and freedoms. We will also rely on your consent to collect and process any sensitive Personal data. You will be able to withdraw your consent at any time.

To whom will the personal data be disclosed?

We will not disclose your Personal data to any unauthorized third parties. Your Personal data will only be available to internal or external third parties, who need such access for the purposes listed above or where required by law, for claims or to prevent fraud. Personal data may be shared with other Sodexo Group Companies only where necessary, for fulfilment of an order (for example if you use the app in another country),  where joint services are provided, or for legal, reporting or business re-organisation.

The main categories of data recipients are the following (without this list being exhaustive): authorized internal persons, third-party service providers or other contractors who process Personal data on behalf of Sodexo and, as the case may be, judicial and regulatory authorities.

We will need to pass your details to the payment processor in order for you to make payments on the App.

Different access levels are applied to data captured by the App to ensure that such data is visible only to appropriate persons who need such access for the purposes listed above or where required by law.

We do not authorize Our service providers to use or disclose your Personal data, except to the extent necessary to deliver the services on Our behalf or to comply with legal obligations. This app is provided by Dynamify Limited, a company registered in England and Wales under number 09575041 with its registered office at 20-22 Wenlock Road, London, N1 7GU.

The data that we collect from you will be stored on our secure servers within the European Economic Area ("EEA") or UK.

How will my personal data be protected?

We implement appropriate technical and organizational measures to protect Personal data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with Our Group Information & Systems Security Policy.

We take, when appropriate, all reasonable measures based on privacy by design and privacy by default principles to implement the necessary safeguards and protect the Personal data processing. We also carry out, depending on the level of risk raised by the processing, a privacy impact assessment to adopt appropriate safeguards and ensure the protection of the Personal data. We also provide additional security safeguards for data considered to be sensitive Personal data.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Application; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How can I access my personal data?

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights where applicable:
RIGHT OF ACCESS You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and You may also request a copy of your Personal data being processed by Sodexo.
RIGHT TO BE FORGOTTEN Your right to be forgotten entitles You to request the erasure of your Personal data in cases where:
  1. the data is no longer necessary in relation for the purposes of its collection or processing;
  2. You choose to withdraw your consent;
  3. You object to the processing by automated means using technical specifications;
  4. your Personal data has been unlawfully processed;
  5. there is a legal obligation to erase your Personal data;
  6. erasure is required to ensure compliance with applicable laws.
RIGHT TO RESTRICTION OF PROCESSING You may request the restriction of processing in the cases where:
  1. You contest the accuracy of the Personal data;
  2. Sodexo no longer needs the Personal data, for the purposes of the processing;
  3. You have objected to processing for legitimate reasons.
RIGHT TO DATA PORTABILITY You can request, where applicable, the portability of your Personal data that You have provided to Sodexo, in a structured, commonly used, and machine-readable format You have the right to transmit this data to another Controller without hindrance from Sodexo where:
  1. the processing of your Personal data is based on consent or on a contract; and
  2. the processing is carried out by automated means.
You can also request to transmit directly your Personal data to a third party of your choice (where technically feasible).
RIGHT TO OBJECT TO PROCESSING FOR THE PURPOSES OF DIRECT MARKETING You may object (right to “opt-out”) to the processing of your Personal data (notably to profiling or to marketing communications). When we process your Personal data on the basis of your consent, You can withdraw your consent at any time.
RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISIONS You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You.
RIGHT TO LODGE A COMPLAINT TO THE COMPETENT SUPERVISORY AUTHORITY You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. In the UK the authority is the ICO https://ico.org.uk

You can use this form to make a request : click here

This electronic system allows you to log in and see the progress of your request,  see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on. 


Alternatively you can also send your request by email to  DSAR.UKandIE@sodexo.com , in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.


If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

How long will my personal data be held

Generally, the Personal data collected through the App will be deleted after 12 months of inactivity/closure of the account or three years after its collection unless it is required to kept for a legal reason.

How will I be notified if the uses of my data change?

If the use of your Personal data in the App significantly change, we will issue an updated Policy and/or take other steps to notify You beforehand of such changes so that You may review them and check whether they are acceptable (to the extent necessary) to You.

Who is my local system administrator?

If You should require any further information concerning this Policy and/or the App, please contact our Customer Support Team by raising a ticket in the “Support” menu option within the Everyday (formerly known as Twelve Pay)