Privacy Policy
Last Updated: 26 August 2025
Welcome to Dinerly.com Privacy Policy ("Privacy Policy").
At Dinerly.com ("we," "us," or "our"), safeguarding your privacy and protecting your Personal Data is at the core of our commitment. We operate in full compliance with the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other mandatory laws and regulations applicable in the United Kingdom.
This Privacy Policy outlines how we collect, process, and securely manage your Personal Data. It also details your privacy rights, explains how the law protects you, and sets forth the obligations and protocols our employees and staff members must follow when handling data.
We may gather and use data from various individuals, including but not limited to:
Restaurants
Customers of Restaurant Partners (who interact with restaurant websites powered by our software)
Other Business Contacts
Employees/Staff Members
Third parties connected to our restaurant partners' customers
General users of Dinerly.com websites
Any other individuals with whom Dinerly.com has a relationship or may need to contact.
This Privacy Policy applies universally to all our employees and staff members, and to all Personal Data processed by Dinerly.com at any given time.
By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If we make significant changes to our privacy practices, we will inform you (for instance, through the Dinerly.com administrative console or via email).
1. Information We Collect
"Personal Data" means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store, and transfer different kinds of Personal Data about you. Not all of the following types of data will necessarily be collected from you, but this section outlines the full scope of Personal Data we may collect:
1.1 Types of Personal Data We Collect
Profile/Identity Data: Your first name, last name, gender, date of birth.
Contact Data: Your phone numbers, addresses, email addresses.
Marketing and Communications Data: Your preferences in receiving marketing information and other communications from us.
Billing Data: Information related to your debit and credit card (e.g., card type, last four digits, expiration date, name associated with the card, billing address).
Financial Data: Your banking details, such as account number and sort code (primarily for restaurant partner payouts or refunds).
Transactional Data: Details and records of payments you have made for our services (e.g., subscriptions) or for products/services purchased through restaurant websites powered by our software.
Technical Data: Your IP address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to engage with us.
Usage Data: Information about how you use our website, products, and services (e.g., clicks, page views, feature interactions).
Customer Support Data: This includes personal information provided in feedback and survey responses when you contact our support channels.
1.2 Special Categories of Personal Data
For the purposes of our business, we may collect certain special categories of Personal Data as defined under the UK GDPR. We specifically collect:
Health Data: Information about food and drink allergies (e.g., when provided by a customer during an order on a restaurant's website powered by Dinerly).
In order to collect and process this special kind of data, we need enhanced legal justifications beyond the ordinary legal bases under the UK GDPR. We explain which justifications we rely on in Section 2.2 below.
1.3 How We Collect Personal Data
Information You Provide Directly to Dinerly.com: We collect Personal Data directly from you when you interact with Dinerly.com, such as when you sign up for our platform, manage your account, or contact us for inquiries, support, or marketing communications. If you apply for a job with us, we collect the information you submit in your application.
Information Collected When You Use Our Services: We collect Personal Data automatically as you, or your customers (for restaurants), use our Services.
Restaurant Customer Order & Interaction Data: When customers use a restaurant's website powered by Dinerly's software to place an order, make a booking, or engage with loyalty programs and feedback features, we collect the Personal Data they provide to facilitate these interactions.
Payment Processing: When you make a payment for your Dinerly.com subscription, or when a customer makes a payment through a restaurant's website powered by our Services, these payments are handled by a third-party payment processor, Stripe ("Payment Processor"). The Payment Processor may collect Personal Data from you or the customer, including Profile/Identity Data, Contact Data, Billing Data, and Payment Information. Dinerly.com does not collect, store, or directly process your or your customers' sensitive Payment Information (e.g., full credit card numbers). The collection and use of Personal Data by the Payment Processor are governed by their own terms and conditions and privacy policy. Any Personal Data we receive about you or your customers from our Payment Processor (e.g., confirmation of payment status) is governed by this Privacy Policy.
Automatic Usage & Device Data: We automatically collect Technical Data and Usage Data about your interaction with our Service and the device you use (e.g., Log Data, Device Information, Usage Patterns).
Cookies and Tracking Technologies: We use cookies and similar tracking technologies (e.g., web beacons, pixels) to monitor activity on our Service and gather certain information (which may include Technical Data and Usage Data). You can manage your cookie preferences through your browser settings, but note that disabling cookies may affect the functionality of some parts of our Service.
1.4 Information Related to Your Materials
As a restaurant, when you provide "Materials" (as defined in our Terms of Service) to power your website through Dinerly's software, we process this content. This includes:
Your trademarks, copyright content, descriptions of services you offer, photos, images, videos, graphics, written content, audio files, code, information, and other business content and data.
1.5 Aggregated Data
We also collect, use, and share Aggregated Data such as ordering trends across restaurants, average delivery times, menu item popularity, customer behavior patterns, and system usage metrics. This data is used to improve our platform, power insights within Dinerly AI, and occasionally share industry-wide trends in our marketing content. Aggregated Data never identifies any individual customer or restaurant. Aggregated Data could be derived from your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data, which will be used in accordance with this Privacy Policy.
We may also aggregate data to enable research or analysis so that we can better understand and serve you and others. For example, we may conduct research on your demographics and usage patterns. Although this aggregated data may be based in part on Personal Data, it does not identify you personally. We may share this type of anonymous data with others, including service providers, our affiliates, agents, and current and prospective business partners.
2. Legal Basis for Processing Personal Data
Under the UK GDPR, we must have a lawful basis to process your Personal Data. The primary legal bases we rely on are:
Consent: We may collect and process your Personal Data where you have given us explicit consent for a specific purpose, such as when you opt-in to receive email newsletters from us. You have the right to withdraw consent at any time where we are relying on consent to process your Personal Data.
Contractual Obligations: We may require certain Personal Data to fulfill our contractual obligations to you and to provide you with the Services you have requested. If you fail to provide this data, we may not be able to perform the contract we have or are trying to enter into with you.
Legal Compliance: We are legally required to collect and process certain types of Personal Data to comply with laws and regulations, such as those related to fraudulent activity, anti-money laundering, or tax obligations.
Legitimate Interest: We may process your Personal Data when it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. This covers aspects that can be reasonably expected as part of running our business, such as improving our Services, providing customer support, or understanding user behavior to enhance the platform. We ensure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests.
2.2 Legal Basis for Special Categories of Data
For the special categories of Personal Data we collect, such as Health Data (food and drink allergies), we rely on one or more of the following enhanced legal justifications under the UK GDPR:
(a) Explicit Consent: The data subject has given explicit consent to the processing of such Personal Data for one or more specified purposes (e.g., a customer explicitly agrees to provide allergy information for a specific order).
(b) Substantial Public Interest: Processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which will be proportionate to the aim pursued, respect the essence of the right to data protection, and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject (e.g., ensuring food safety, particularly concerning allergies, can be argued under this basis, though explicit consent is often the primary reliance).
3. How We Use Your Information
We use the Personal Information we collect for the following purposes:
To Provide, Maintain, Debug, Improve, and Enhance Our Services: This includes operating our platform, processing subscriptions, managing accounts, and delivering the core features of Dinerly.com and the software powering restaurant websites, as well as fulfilling customer orders and bookings.
To Understand and Analyze Usage: To understand how you use our Services, analyze usage patterns, and develop new products, services, features, and functionality.
To Communicate with You: To send service-related announcements, provide updates and other information relating to our Services, respond to comments and questions, provide information that you request, and otherwise offer customer support.
To Facilitate Transactions and Payments: To manage billing and payment for Dinerly.com subscriptions through Stripe, and to process and relay payment confirmations for customer transactions on restaurant sites.
For Marketing Purposes: Such as developing and providing promotional and advertising materials that may be useful, relevant, valuable, or otherwise of interest to you, based on your interactions with us and your preferences.
For Security, Fraud Prevention, and Trust & Safety: To find and prevent fraud, protect Dinerly.com, our users, restaurant partners, and their customers from unauthorized access and other illegal activities, and respond to any trust and safety issues that may arise.
For Compliance and Legal Enforcement: To comply with legal, regulatory, or tax requirements, enforce our Terms of Service or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
For Recruitment: To process and evaluate job applications.
For Other Purposes: For other purposes for which we provide specific notice at the time the Personal Data is collected.
4. How We Share Your Information
We do not share or otherwise disclose personal information we collect from or about you except as described below or otherwise disclosed to you at the time of collection.
To Facilitate Orders and Deliveries: When a customer places an order with a restaurant through our Services, we share their personal information with the specific restaurant from which they ordered. If the order is for delivery, we will also share relevant personal information with the designated delivery drivers to facilitate order fulfillment.
For Dispute Resolution: If you have an issue with an order or service provided through our Services and you contact us for support, we may share your personal information with the relevant restaurant or delivery driver to assist in resolving your issue.
With Vendors and Service Providers: We may share any personal information we receive with various vendors and external service providers retained to assist us with the provision, operation, and improvement of our Services (e.g., hosting, analytics, customer support platforms).
Stripe: For processing all subscription payments made to Dinerly.com and facilitating customer payments on Dinerly-powered restaurant websites. Your Payment Information is shared directly with Stripe, and their terms and privacy policy govern their handling of your (and your customers') data.
For Marketing Purposes (with Permission): We do not rent, sell, or share personal information about you with our affiliates or unaffiliated companies for their direct marketing purposes unless we have your explicit permission.
With Analytics Partners: We may utilize analytics services, such as Google Analytics, to collect and process certain usage and analytics data. These services may also gather information about your interactions with other websites, applications, and online resources.
With Third-Party Providers (Enabled by You): If you, as a restaurant partner, choose to install or enable Third-Party Services (e.g., integrations, apps) for use with your Dinerly-powered website, you grant us permission to share your (and potentially your customers') data and Materials with the applicable Third-Party Provider as required for the interoperation of that service. Your interaction with these providers is governed by their respective terms and privacy policies.
With Affiliates and Business Partners: We may share information with our affiliated entities and business partners for purposes consistent with this Privacy Policy, such as providing integrated services or conducting joint promotions.
As Required by Law and for Similar Disclosures: We may access, preserve, and disclose your personal information if we believe such action is required or appropriate to: (a) comply with law enforcement requests, legal processes (such as a court order or subpoena), or government regulations; (b) respond to your requests; or (c) protect your rights, our rights, the property, or the safety of Dinerly.com, our users, or others.
In Connection with Business Transfers: We may transfer your personal information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction, such as if we are acquired by or merge with another company, or if we sell, liquidate, or transfer all or a portion of our assets.
With Your Consent: We may also disclose your personal information with your explicit permission for other purposes not outlined above.
5. Data Security
The security of your data is important to us. We implement reasonable administrative, technical, and physical safeguards designed to protect the information we collect from unauthorized access, use, or disclosure. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
6. Your Data Protection Rights
Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:
Right to Be Informed: You have the right to be informed about our purposes for processing your personal data, how long we store it for, and who it will be shared with. We have provided this information to you in this Privacy Policy.
Right of Access: This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it (also known as a "data subject access request").
Right to Rectification: You have the right to request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Right to Erasure ("Right to Be Forgotten"): You have the right to ask us to delete or remove personal data where there is no good reason for us continuing to process it, where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.
Right to Object to Processing: You can object to the processing of personal data we hold about you. This effectively allows you to stop or prevent us from processing your personal data. Note that this is not an absolute right and it only applies in certain circumstances, for example:
Where we are processing your personal data for direct marketing purposes.
Where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms.
In some cases, we may continue processing your data if we can demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Right to Restrict Processing: You have the right to request the restriction or suppression of your personal data. Note that this is not an absolute right and it only applies in certain circumstances:
If you want us to establish the data's accuracy.
Where our use of the data is unlawful, but you do not want us to erase it.
Where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims.
You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
Right to Data Portability: You have the right to request the transfer of your personal data to you or to a third party. If you make such a request, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we used the information to perform a contract with you.
If you wish to make a request under any of these rights, please contact us at support@dinerly.com.
7. Data Retention
We will only retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When we no longer need your Personal Data, we will securely destroy it in accordance with applicable laws and regulations.
In some circumstances, we may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Note that we may not always be able to comply with your request for erasure for specific legal reasons, which will be notified to you at the time of your request, if applicable.
8. Third-Party Websites and Services
Our Service may contain links to websites or services operated by third parties, including restaurant websites powered by Dinerly's software and other Third-Party Services (as defined in our Terms of Service). This Privacy Policy applies to the data Dinerly.com collects and processes. It does not apply to the practices of other third parties. We are not responsible for the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policies of any third-party sites or services you visit or interact with.
Sharing with Third-Party Providers
As a restaurant partner, if you choose to install or enable Third-Party Services (e.g., integrations or apps) on your Dinerly-powered website, you grant us permission to share your data and "Materials" with the applicable Third-Party Provider.
This is required for the interoperation of that service with our platform.
Your interaction with these providers is governed by their respective terms and privacy policies, not by our Privacy Policy.
Dinerly.com is not responsible for the content, privacy policies, or practices of any third-party websites or services.
We encourage you to review the privacy policies of any third-party sites or services you visit or interact with.
Any exchange of data between you and the Third-Party Provider is solely between you and that provider.
Dinerly.com is not responsible for any disclosure, modification, or deletion of your data that results from access by a Third-Party Service.
9. Children's Privacy
Our Service is not intended for individuals under the age of 18 or the age of majority in their jurisdiction, whichever is older. We do not knowingly collect personally identifiable information from anyone under these ages. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we take steps to remove that information from our servers.
10. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. If any changes are significant, we will let you know (for example, by sending an email to your Primary Email Address or through prominent notice on our Service). We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy. Your continued use of the Service after such modifications constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically for any changes.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us at: support@dinerly.com
