We at Tabit Technologies Inc. (“Tabit” “us“, “we“, or “our“) recognize and respect the importance of maintaining the privacy of our users, customers and their end users. If not otherwise defined herein, capitalized terms have the meaning given to them in the Terms of Service, available here: Terms of Service (“Terms“). Tabit has previously entered into an agreement with a Restaurant for management of ordering and service through Tabit’s proprietary System. This Privacy Notice describes the types of information we collect from you when use the System and the Services as an Employee of a Restaurant, including as a Managing Employee. This Privacy Notice also explains how we collect, process, transfer, store and disclose the information collected, as well as your ability to control certain uses of the collected information. “You” means any adult user of the System and/or Services

Tabit Technologies Inc. and Tabit Technologies Ltd. serve as joint data controllers in respect of certain processing activities outlined in this Privacy Notice related to your use of our Services. Please contact us at support-us@tabit.cloud for further details regarding our arrangement as joint controllers. The registered office of Tabit Technologies Inc. is at 7700 Windrose Ave, Suite G30, Plano, TX 75024, and the registered office of Tabit Technologies Ltd. is at GreenWork, Building D, 1st floor, Mindspace Yakum 6097200, Israel and its registration number is 514759661.

In addition, the applicable Restaurant serves as a separate, independent controller with respect to Personal Data of its Managing Employees and Employees. If you are an Employee whose account is linked to more than one Restaurant, each Restaurant will serve as a separate, independent controller of your Personal Data.

“Personal Data” means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law. This Privacy Notice details which Personal Data is collected by us in connection with provision of the Services.

Privacy Notice Key Points 

• Personal Data We Collect, Uses and Legal Basis. Depending on your usage, we collect different types of data and we and any of our third-party sub-contractors and service providers use the data we collect for different purposes, as specified below. It is your voluntary decision whether to provide us with certain Personal Data, but if you refuse to provide such Personal Data we may not be able to register you to the System and/or provide you with the Services or part thereof.
  
  • Account Data – When you register to use our System and/or receive related Services as a Managing Employee or, if you are an Employee, when you are registered to use the System by a Managing Employee, we collect Personal Data including your name, email address, phone number. If you wish, you may choose to upload a photo that will be associated with your account. We will also have information regarding the Restaurant(s) for which you work and your position within such Restaurant(s), as applicable.
    
    • How we use this data: (1) to provide you with the System and Services and to respond to your inquiries and requests and to contact and communicate with you; and (2) to prevent fraud, protect the security of and address any problems with the System. (3) If you are a Managing Employee and have requested that we do so, to provide you with informational newsletters and promotional materials related to the System and Services, including via email. For more information about our direct marketing activities and how you can control your preferences, please see the Direct Marketing section below.
    • Legal Basis: (1) We process this Personal Data for the purpose of providing the System and Services to you, which is considered performance of a contract with you, including responding to your inquiries and requests and providing customer support. (2) When we process your Personal Data for the purposes of preventing fraud, protecting the security of and/or addressing problems with the System and Services and/or, if you are a Managing Employee, for the purpose of providing you with informational newsletters and promotional materials relating to our Services, such processing is based on our legitimate interests.
  • Usage Information – When you use the System and Services, we collect information about your use of the System, which may include attendance records, such as the times when you sign in and out and other activities on the System.
    
    • How we use this data: We use this data to provide you with the System and Services.
    • Legal Basis: We process this Personal Data for the purpose of providing the System and Services to you, which is considered performance of a contract with you.
  • Facial Recognition/Special Categories – Depending on the Restaurant for which you work, it may be possible to use certain facial recognition functionalities on the System and in order to do so, we will collect facial images. This is considered biometric data and may be subject to special protections under applicable law. We will only collect such data if you provide your explicit consent.
    
    • How we use this data: We use this Personal Data in order to provide facial recognition functionalities on the Systems and part of the Services we provide to the Restaurants and Employees, such as recognition of Employees for purposes of attendance records.
    • Legal Basis: We process this Personal Data based on your explicit consent. You may withdraw your consent by updating your preferences within your account or by contacting us at support-us@tabit.cloud. If you withdraw your consent by email, we will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.
  • Contact Information – When you request information from us, or contact us for any other reason, we will collect any data you provide, such as your email address and the content of your inquiry.
    
    • How we use this data: To respond to your request or inquiry.
    • Legal Basis: We process this Personal Data based on performance of a contract when we respond to your inquiry.
  • Automatically Collected Data – When you use the System, we automatically collect information about your mobile device, including your operating system, IP address, device ID, as well as your usage history on the System.
    
    • How we use this data: (1) to review usage and operations, including in an aggregated non-specific analytical manner, develop new products or services and improve current content, products, and Services and to improve users’ experiences using the System and Services; (2) to prevent fraud, protect the security of our System and Services, and address any problems with the System and/or Services.
    • Legal Basis: We process this Personal Data for our legitimate interests to develop our products and Services, review usage, perform analytics, prevent fraud, for our recordkeeping and protection of our legal rights.
  • Geo-Location – Subject to you consent, we may collect your (geo)location in connection with certain features within the System.
    
    • How we use this data: We use your location to provide you with certain location-based features. For example, if you are an Employee providing in delivery services, we collect your live location and share it with the Restaurant and the relevant Restaurant customer in order to provide them with updates about the status of deliveries.
    • Legal Basis: We process your location based on your consent. You may withdraw your consent at any point by changing your device settings. Please note that if you decline to provide consent, it may not be possible for us to provide you with the associated services.
      
      
• Additional Uses. We share the Personal Data we collect with our service providers and subcontractors who assist us in the operation of the Site and process the information on our behalf and under our instructions.
  
  • Statistical Information – By analyzing all information we receive, including all information concerning users we may compile statistical information across a variety of platforms and users (“Statistical Information“). Statistical Information helps understand trends and customer needs so that new products and services can be considered and so that existing products and services can be tailored to customer desires. Statistical Information is anonymous and aggregated and we will not link Statistical Information to any Personal Data. We may share such Statistical Information with our partners, without restriction, on commercial terms that we can determine at our sole discretion.
  • Analytcis – We and/or our service providers or subcontractors, use analytics tools (“Tools“), including “Google Analytics” to collect information about the use of the System and/or Services. Such Tools collect information such as how often users use the System, what pages they visit when they do so. We use the information we get from the Tools to improve our System and Services. Google’s ability to use and share information collected by Google Analytics about your usage of our Services is restricted by the Google Analytics Terms of Service located at http://www.google.com/analytics/terms/us.html and the Google Privacy Policy located at http://www.google.com/policies/privacy/.
  • Direct Marketing – As described above, if you are a Managing Employee and have requested that we do so, we may use Personal Data to let you know about our products and Services that we believe will be of interest to you. We may contact you by email, SMS, or through other communication channels. In all cases, we will respect your preferences for how you would like us to manage marketing activity with respect to you. To protect privacy rights and to ensure you have control over how we manage marketing with you:
  • We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
  • You can ask us to stop sending email marketing by following the “unsubscribe” link you will find on all the marketing messages we send you. Alternatively you can contact us at support-us@tabit.cloud.
  • Legal Uses – We may use your Personal Data as required or permitted by any applicable law, for example, to comply with audit and other legal requirements.
    
    

Sharing the Personal Data We Collect

We share your information, including Personal Data, as follows:

Affiliates

Tabit Technologies Inc. and Tabit Technologies Ltd. share information, including your Personal Data with one another, where this is necessary to provide you with our products and Services, and for the purpose of management of our business.

Service Providers, and Subcontractors

We also disclose information, including Personal Data we collect from and/or about you, to our trusted service providers and subcontractors, who have agreed to confidentiality restrictions and who use such information solely on our behalf in order to: (1) help us provide you with the System and/or Services; (2) aid in their understanding of how users are using our System and/or Services; and (3) for the purpose of direct marketing (see above for more details).

Such service providers and subcontractors provide us with IT and system administration services, data backup, security, and storage services, data analysis and help us serve advertisements and provide other marketing services.

Data Controllers

When you use our System and/or Services, we also disclose your Personal Data to the applicable Restaurants, which act as independent, separate controllers with respect to the collection of your Personal Data. At their instruction we may share certain data additional parties, such as sharing data with their business partners or sharing location data with customers for the purposes of delivery-tracking.

Business Transfers

Your Personal Data may be disclosed to service providers, potential transactional partners, or other third parties in the context of, or during negotiations of, any merger, sale of company assets or acquisition (including in cases of liquidation) in such case, your Personal Data shall continue being subject to the provisions of this Privacy Notice.

Law Enforcement Related Disclosure

We may share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our or a third party’s rights, property or safety (including the enforcement this Privacy Notice); (ii) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; or (iii) as is necessary to comply with any legal and/or regulatory obligation.

• Internationl Transfer

We use subcontractors and service providers and have affiliates who are located in countries other than your own, such as the US and send them information we receive (including Personal Data). We conduct such international transfers for the purposes described above. We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice, including appropriate remedies in the event of the violation of your data protection rights in such third country.

Whenever we transfer your Personal Data to third parties based outside of the European Economic Area (“EEA”), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• • We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in the EEA.
  • Where we use service providers based in the US, we may transfer Personal Data to them if they have been certified by the EU-US Data Privacy Framework, which requires them to provide similar protection to Personal Data shared between the EU and the US or any other arrangement which has been approved by the European Commission or other body having jurisdiction to approve such arrangement.

Please contact us at support-us@tabit.cloud if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.

• Security.

We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:

• • Safeguards –

The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers and SSL encryption of data.

• • Access Control –

We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need to know basis of least privilege rules, review permissions quarterly, and revoke access immediately after employee termination.

• • Internal Policies –

We maintain and regularly review and update our privacy related and information security policies.

• • Personnel –

We require new employees to sign non-disclosure agreements according to applicable law and industry customary practice.

• • Encryption –

We encrypt the data in transit using secure SSL protocols.

• • Database Backup –

Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.

• Your Rights – How to Access and Limit Our Use of Certain Personal Data.

Depending on which laws apply, you have certain legal rights over your data. Below is some general information about rights that may apply to you but we recommend checking the law or consulting with a lawyer to understand what applies in your specific case. To exercise your rights, please contact us at support-us@tabit.cloud. If you want to exercise your rights regarding your Personal Data held by other controllers you can contact the applicable controller directly. We may ask for reasonable evidence to verify your identity before we can comply with any request.

• Right of Access –

You may have a right to know what Personal Data we collect about you. We may charge you with a fee to provide you with this information, if permitted by law. If we are unable to provide you with all the information you request, we will do our best to explain why. See Article 15 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Right to Correct Personal Data –

You may request that we update, complete, correct or delete inaccurate, incomplete, or outdated Personal Data. See Article 16 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Deletion of Personal Data (“Right to Be Forgotten”) –

If you are located in the EU, you may have the right to request that we delete your Personal Data. Note that we cannot restore information once it has been deleted. Even after you ask us to delete your Personal Data, we may be allowed to keep certain data for specific purposes under applicable law. See Article 17 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Right to Restrict Processing –

If you are located in the EU, you may have the right to ask us to stop processing your Personal Data. See Article 18 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Right to Data Portability –

If you are located in the EU, you may have the right to request that we provide you with a copy of the Personal Data you provided to us in a structured, commonly-used, and machine-readable format. See Article 20 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Right to Object –

If you are located in the EU, you may have the right object to certain processing activities. See Article 21 of the GDPR for more details, if your Personal Data is subject to GDPR.

• • Withdrawal of Consent –

If we are processing your data based on your consent, you are always free to withdraw your consent, however, this won’t affect processing we have done from before you withdrew your consent.

• • Right to Lodge a Complaint with Your Local Data Protection Authority –

If you are located in the EU, you have the right to submit a complaint to the relevant data protection authority if you have any concerns about how we are processing your Personal Data, though we ask that as a courtesy you please attempt to resolve any issues with us first.

• Data Retention.

  • Subject to applicable law, we retain Personal Data as necessary for the purposes set forth above. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes. Retention by any of our processors may vary in accordance with the processor’s retention policy.
  • In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether those purposes can be achieved through other means, as well as applicable legal requirements.
  • Please contact us at support-us@tabit.cloud if you would like details regarding the retention periods for different types of your Personal Data.
    
    

• Cookies and Similar Technologies

We use cookies and similar technologies for a number of reasons, including to help personalize your experience and to personalize the ads we serve you. Third parties through which we provide the Services and/or our business partners may be placing and reading cookies on your browser, or using web beacons to collect information in the course of advertising being served on different websites. When visiting this App, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein.

What are Cookies?

A cookie is a small piece of text that is sent to a user’s browser or device. The browser provides this piece of text to the device of the originating user when this user returns.

• • A “session cookie” is temporary and will remain on your device until you leave the App.
  • A “persistent” cookie may be used to help save your settings and customizations across visits. It will remain on your device until you delete it.
  • First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
  • We may use the terms “cookies” to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as local storage.
    
    

How We Use Cookies

We use cookies and similar technologies for a number of reasons, as specified below.

The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:

How to Adjust Your Preferences

Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit.

By changing your device settings, you can prevent your device’s ad identifier being used for interest-based advertising, or you can reset your device’s ad identifier. Typically, you can find the ad identifier settings under “privacy” or “ads” in your device’s settings, although settings may vary from device to device. Adjusting your preferences as described in this section herein does not mean you will no longer receive advertisements, it only means the advertisements that you do see will be less relevant to your interests.

Third Party Cookies

• • Google Analytics
    
    

• Communications.

We reserve the right to send you service-related communications, including service announcements and administrative messages, without offering you the opportunity to opt out of receiving them. Should you not wish to receive such communications, you may stop using the System and terminate your account.

• Children.

We do not knowingly collect Personal Data from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has enrolled or been enrolled without parental permission, please advise us immediately.

• Changes to the Privacy Notice.

We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on this webpage. Please come back to this page every now and then to make sure you are familiar with the latest version. If we make fundamental changes to this Privacy Notice, we will seek to inform you by notice on the System or per email.

• Comments and Questions.

If you have any comments or questions about this Privacy Notice, or if you wish to exercise your legal rights with respect to your Personal Data, please contact us at support-us@tabit.cloud.