hi@thenosh.co - Interested to learn more about our innovative F&B solution and how it can help your retail business? Get in touch with our team.
Our Privacy Policy
This Privacy Policy applies to the services and website(s) (“Platforms”) provided by
Nourish Limited trading as NOSH, a company incorporated in England and Wales with
company number 11676869 and whose registered office is at B03, Bourbon Studios,
The Biscuit Factory, 100 Drummond Road, SE16 4DG. (collectively and individually
referred to as “NOSH,” “we,” “our,” “us”) who is the controller and responsible for your
personal data.
We have appointed a data protection officer “DPO” who is responsible for overseeing
questions in relation to this Policy. If you have any questions about this Policy, including
any requests to exercise your legal rights, please contact the DPO at hi@thenosh.co.
What do we collect?
This Policy explains the way we use the information collected about you.
Unless otherwise defined in this Policy, terms used herein will have the same meaning
as those defined in the Nosh Terms of Use and Service Agreement.
“Personal data” is data that can be used to identify a natural person. During your access
and use of our Platforms and services, we collect personal data such as:
- Your name, gender, date of birth, nationality, telephone number, email address, contact address, identification number, and other related information;
- Your financial information (e.g., credit card numbers and bank account information);
- Personal data of other individuals (e.g., if you use our services to share content with other individuals, or invite them to use our Platforms or services); and
- Other information that we are required or authorized to collect under any applicable law to authenticate, identify, or verify any data that you have provided.
We do not collect any Special Categories of personal data about you (this includes
details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual
orientation, political opinions, trade union membership, information about your health,
and genetic and biometric data). Nor do we collect any information about criminal
convictions and offenses.
We may also collect personal data and information where required or permitted by any
applicable law.
We may also collect personal data and information from you when you submit an
enquiry, feedback, or email through our websites or other communication channels.
If you provide or allow the collection of personal data of anyone other than yourself, you warrant that you have informed him/her of the purposes for which we require his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes.
If you provide or allow the collection of personal data of anyone other than yourself, you warrant that you have informed him/her of the purposes for which we require his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes.
How we use personal data collected and our legal grounds for processing your information
We collect and use the personal data received from you for the purposes listed below
and any other related or associated purposes.
Service-related purposes
We collect and use your personal data for the purposes of providing you with the
services (on the basis that it is necessary for us to do so for the performance of our
contract or if it is in our legitimate interest to do so), such as:
- Providing you with the services that you have requested;
- To improve our service;
- Allow us to manage our service';
- Authenticating, operating, and maintaining your user account;
- Developing, operating, and improving our Platform, products, services, and content;
- To provide you with personalised services based on how you access and use our Platform and services;
- To send you important notices and announcements such as services-related information, modification to terms, rules, and software upgrading; and
- To respond to your feedback.
Business purposes
We may also collect and use your personal data for purposes connected or relevant to
our business (if it is in our legitimate interests to do so or pursuant to any legal
obligation we are subject to), such as:
- Complying with our legal obligations and requirements;
- Enforcing obligations owed to us, and contractual terms and conditions;
- Accounting, risk management, and record-keeping;
- Carrying out research, planning, and statistical analysis;
- To prevent, detect, process, and investigate fraudulent or other illegal activities, or mitigate the risk of occurrence of the aforementioned events;
- Staff training; and
- Any other reasonable purposes related to the aforesaid.
Business purposes
If you have consented, we may collect and use your personal data for additional
purposes such as:
- Inviting you to promote our Platforms and services on social media platforms;
- Informing you of our latest activities, special offers, and promotions;
- Informing you of other third-party products and/or services that you may be interested in;
- Inviting you to participate in polls and questionnaire surveys that may be conducted by us and/or third parties; and
- Publicizing your feedback about us and/or our services on our marketing materials (including but not limited to newspapers, social media channels, etc.).
Contacting you
When using your personal data to contact you for the above purposes, we may contact
you via regular mail, email, SMS, telephone, push notifications (on your devices) or
other means. You may determine the type and manner of information that you will Our Privacy Policy 4
receive from us by adjusting your communication preferences on our Platforms or your
device.
You can ask us to stop sending you marketing messages at any time by following the
opt-out links on any marketing message sent to you or by contacting us at any time.
We will only use your data for the purpose it was collected. If we need to use your
personal data for an unrelated purpose, we will notify you and we will explain the legal
basis which allows us to do so.
Cookies
Cookies are files with small amounts of data that are commonly used as an anonymous
unique identifier. These are sent to your browser from the website that you visit and are
stored on your device’s internal memory.
Our service does not use “cookies” explicitly. However, we may use third-party code and libraries that use “cookies” to collect information and to improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of our service.
Our service does not use “cookies” explicitly. However, we may use third-party code and libraries that use “cookies” to collect information and to improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of our service.
Disclosure of Personal data, Disclosure to service providers
We may disclose your personal data with third parties such as:
- Our service providers and data processors that provide services to us (e.g., accounting, hosting and maintenance services, data analytics services, e-mail message services, delivery services, payment transactions services, marketing, etc.); and
- Our consultants and professional advisors (e.g., accountants, lawyers, auditors).
Disclosure for corporate transactions
We and our affiliates may be engaged in business asset transactions e.g. mergers,
acquisitions and transfer of assets. In such circumstances, we may transfer and/or
disclose your personal data to facilitate the completion of the transactions.
Other permitted disclosure
We may disclose your personal data as required or permitted by law, e.g., to regulatory
authorities, statutory bodies, or public agencies to comply with their requirements,
policies, and directives.
We want to inform users that these third parties have access to your Personal data. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will not transfer personal data relating to you to a country which is outside the European Economic Area (EEA) unless:
We want to inform users that these third parties have access to your Personal data. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will not transfer personal data relating to you to a country which is outside the European Economic Area (EEA) unless:
- The country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45;
- Appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the European Commission's Standard Model Clauses for transfers of personal data outside the EEA); or
- One of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):
- The country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45;
- with you; or
- with a third party where the contract is in your interests;
- the transfer is necessary for the establishment, exercise, or defense of legal claims;
- you have provided your explicit consent to the transf er; or
- the transfer is of a limited nature and is necessary for the purpose of our compelling legitimate interests.
Retention and protection of personal data
We will retain your personal data for so long as we need the personal data for to fulfill
the purpose we collected it for, and for our business and legal purposes. We will Our Privacy Policy 6
dispose of or delete such information if it is no longer necessary for us to retain your
personal data.
We will take reasonable precautions to safeguard your personal data to prevent the
loss, improper use, or unauthorized disclosure of your personal data. However, we
cannot be held responsible for any safety or security breach (e.g., hacking) that is
beyond our control.
When you use our Platforms and services, you may choose to share and upload your personal data to be publicly available to other users. We are not responsible for protecting and may not be able to remove from our Platforms any personal data that you have made publicly available. Please carefully consider any content that you share, upload, release, or communicate through our Platforms and services.
When you use our Platforms and services, you may choose to share and upload your personal data to be publicly available to other users. We are not responsible for protecting and may not be able to remove from our Platforms any personal data that you have made publicly available. Please carefully consider any content that you share, upload, release, or communicate through our Platforms and services.
About integrating third-party SDKs
Nosh currently integrates third-party SDKs in order to collect users’ usage behaviour of
website features, including: the number of times users click function buttons in a certain
period of time, and the path behaviour of users entering key pages.
This collection will not compromise the user’s privacy in any way. This will be used exclusively to optimize the behaviour functionality to improve the user experience.
This collection will not compromise the user’s privacy in any way. This will be used exclusively to optimize the behaviour functionality to improve the user experience.
Your rights
Your provision of personal data to us is voluntary. If you choose not to provide us with
your personal data, it may not be possible for us to provide you with access to our
Platforms or the services that you require.
It is important that the personal data we hold about you is accurate and current. Please
keep us informed if your personal data changes during your relationship with us.
You have the following rights under data protection laws:
- The right to access - You have the right to request us for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification - You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
- The right to erasure - You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing - You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability - You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to
exercise any of these rights, please contact us using the contact details provided in this
Policy.
Changes to our Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes
by posting the new Privacy Policy on this page.
This Policy is effective as of October 1st 2022.
This Policy is effective as of October 1st 2022.