Personal data

heiko-poke-bordeaux-ayres

1. Introduction

This personal data protection policy (the " Policy ("Heiko") describes the methods Heiko uses on its own behalf and on behalf of its subsidiaries ("Heiko"). Heiko "or " we We use the "personal data protection" ("PDS") policy to collect, use, protect and share the personal data of people who visit our restaurants, use our websites and/or mobile applications, and/or interact with us in any other way, including through our customer service, loyalty or relationship programs, and/or on social networks.

Heiko is committed to protecting personal data, with a view to fostering innovation while building a lasting relationship of trust based on shared social responsibility and respect for individual rights and freedoms.

This Policy applies to France. Its main purpose is to describe the way in which Heiko, as data controller, collects, uses, protects and shares the personal data of its contacts. In a concise, transparent, comprehensible and easily accessible format, it gathers information concerning the data processing implemented to enable contacts to understand under what conditions their data is processed, what their rights are in this respect and to present Heiko's commitments in its capacity as data controller.

This Policy is independent of any other document that may apply within the contractual relationship we may have with our contacts (cookies, commercial or partnership contracts, etc.).

We draw the attention of our contacts to the fact that many of our restaurants are operated by licensees or franchisees, i.e. independent merchants responsible for their own operations. This Policy does not apply to our licensees and/or franchisees, nor to their third-party websites or third-party mobile applications. To find out how our licensees and/or franchisees use the personal information of their contacts, please consult their own privacy and data protection policies.

For a better understanding of this Policy, it is specified that :

  • "Customer(s)", "Contact(s)" or "Applicant(s)" refers to any natural or legal person who has a relationship with Heiko or its subsidiaries (customers, applicants, partners, etc.);
  • "Data controller" means any natural or legal person who determines the purposes and means of the personal data processing operations defined in this Policy;
  • "Processor" refers to any natural or legal person who processes personal data on behalf of the data controller (in practice, this refers to the service providers with whom we work and who are involved in the processing of personal data);
  • "Recipients" refers to the natural or legal persons who receive personal data, and may therefore include both internal and external recipients.

2. About the personal data you give us

Depending on how you interact with us, you may be required to provide us with the following data:

  • personal information (names, postal and e-mail addresses, telephone numbers, date of birth, etc.), when you register for our online services, connect to our Wi-Fi network, participate in one of our games or through our online services; including when you apply as a franchise candidate or for an employee position;
  • information about your transactions (products purchased, prices, payment methods, payment details, etc.);
  • information about the account you use to access our online services, purchase or use our products and services (username, password or other identifier);
  • information about your profile (products and services you like, special times to visit us, etc.);
  • any other personal data that you agree to communicate to us when you interact with us.

3. About personal data we collect by automated means

We use automated technologies to collect data from your computer or mobile device (phone or tablet) when you visit our restaurants and use our online or on-site restaurant services. These automated technologies include cookies, local shared objects and web beacons. Further information is available in section 6 below.

We may therefore collect the following data

  • your IP (Internet Protocol) address ;
  • the dates and times when you access our online or on-site services;
  • the names and URLs of files consulted using our online services;
  • the type of operating system and browser used on the computer or cell phone;
  • the type of mobile device used and its settings ;
  • the Unique Device Identifier (UDID) or Mobile Equipment Identifier (MEID) associated with your cell phone;
  • the serial number of the device and its components;
  • advertising identifiers (IDFA and IFAex.) or other similar identifiers ;
  • the reference application or website (i.e. the site that led you to ours) and ;
  • the use you make of our online services (the pages consulted on our sites or in our mobile applications, for example).

Our online and on-site services enable us to collect precise information about the location of your mobile device (phone or tablet) or computer using geolocation functionality and technologies such as GPS, Wi-Fi, Bluetooth or nearby base stations. For most mobile devices and computers, you will be asked to authorize Heiko to process this information.

For most mobile devices and computers, you will be asked to authorize Heiko to process this information. You can revoke this authorization by changing your device or browser settings. If you would like to know how to prevent us from collecting specific information about your location, we recommend that you contact the supplier of your mobile device, its manufacturer or your browser provider. Some of our online or on-site services may not function properly without your location information. If you would like us to remove your location information from our records, please contact our Data Protection Officer, whose contact details are given at the bottom of this page.

We may be required by law to retain certain information.

4. How we use the personal data we collect

We may collect data about you from other companies and entities, including public databases, social networks or third-party partners such as analytics or marketing service providers. We may also collect publicly available information, such as your profile, when you interact with us on social networks. The latter also enable us to collect communications addressed to us or concerning us.

We may combine the data you provide with data collected by automated means and from other sources.

5. How we use the personal data we collect

We may use the personal data we collect for the purposes described below:

  • To provide our services and establish a contractual relationship with you;
  • Responding to your requests, fulfilling orders and processing payments for our online products and services;
  • Communicate with you regarding orders, purchases or accounts you make or hold with us, your requests, our loyalty program (Pongo external site), your questions (contact);
  • Provide you with our online services (including websites and mobile applications);
  • Provide customer support,
  • Contact you if you have applied as a licensee and/or franchisee or employee.

 

To inform you, improve our services and pursue the following legitimate business interests:

  • To let you know about our products and services, offers, news, promotions or events that we think may be of interest to you;
  • To offer you the best customer experience in our restaurants and with our online services;
  • To manage our business, including developing new products and services, conducting consumer and operational research, and evaluating the effectiveness of our sales and marketing activities;
  • Maintain, manage and improve our products, offers, promotions, online services and other technologies;
  • Guarantee the security of our network and systems.

Comply with applicable legislation:

  • Identify, prevent and protect against fraud and other offences, claims and liabilities;
  • Comply with our legal obligations and policies;
  • Establish, exercise or defend legal rights; and
  • Monitor and report non-compliance issues.
 

Provided you authorize us to do so (where required by applicable law), we may use the personal data we collect for the following purposes:

  • Send you e-mails or text messages via cell phone about our products and services as well as games, offers, promotions or events that we think may be of interest to you;
  • Providing services using geolocation ;
  • Activating cookies and similar technologies ;
  • Provide you with our online services (including upcoming websites and mobile applications).
 

We may use the information we collect about you in other ways. In such cases, we will inform you at the time of collection or ask for your consent.

How we share the personal data we collect

We do not sell any of your personal data and share it only in the ways set out in this privacy policy.

We may share your personal data within the Heiko group, which includes our subsidiaries, licensees, franchisees and subcontractors authorized to process your personal data.

We may share your personal information with service providers who provide us with services such as: fulfilling orders, delivering goods, providing data processing and other information technology services, managing promotions, contests, raffles and lotteries, conducting research and analysis, and providing a personalized experience for each Heiko customer. We prohibit them from using or sharing this information for any purpose other than to provide services on our behalf.

For strategic or other business reasons, we may decide to sell or transfer some or all of our business. As part of such a sale or transfer, we may transfer the information we have collected and retained (including personal data) to any person or entity involved in the transaction.

We may share information that does not directly identify you, such as anonymous aggregated statistics about your use of our online services. We may also combine information about you with information about other customers and share it in such a way that it cannot be associated with a specific customer.

We may use or share personal data as necessary to comply with any law, regulation or legal requirement, to protect our online and on-site services, to initiate or defend legal proceedings, to protect the rights, interests and safety of our organization, our employees, our franchisees or the general public, or in connection with the investigation of fraud or any other breach or violation of our policies.

6. Children's privacy policy and notice to parents and guardians

Children's privacy is important to us. We believe that children's use of the Internet and e-mail raises certain privacy and security issues relating to personal data.

We recommend that all parents check and monitor their children's online activities.

7. Your choices

Marketing communications

If you have agreed to receive marketing communications from Heiko, you have the option of reversing this decision at a later date by following the instructions contained in the communications in question. You can also change your preferences in your phone settings, or opt out of receiving these communications by contacting us.

Even if you opt out of receiving marketing communications from us, we may continue to send you communications regarding your transactions, accounts you have with us, and any games, contests, raffles or lotteries you have entered. Opting out of receiving one type of communication does not mean you opt out of receiving other types of communications. For example, even if you opt out of receiving marketing e-mails, you will continue to receive marketing text messages (SMS) if you have subscribed to this option via our partners, for example. Please note that if you receive communications from a Heiko licensee and/or franchisee, and/or from an external service provider, and/or from an external service (loyalty), you will have to contact them directly to stop these mailings.

We do not share any personal data with third parties for their own direct marketing activities.

8. Terms of use of our online services and other technologies

We and our service providers use cookies, web beacons and similar technologies in connection with our online services and other areas related to our business (such as online advertising) in order to collect information and provide you with the services or products you have requested. Cookies and other technologies

A "cookie" is a small text file that may be stored on your computer, smartphone, tablet or other device when you visit our website in order to collect information about your browsing.

A cookie enables its issuer to identify the computer or application in which it is stored, for the duration of the cookie's validity. Only the sender of a cookie can read or modify the information contained in it.

Please note that cookies do not collect any information from your personal files or documents on your computer. Furthermore, cookies cannot transmit viruses to your applications.

A "web beacon" is a small object or image embedded in a web page, application or e-mail, which tracks user activity. Also known as a "pixel" or "tag".

Please note the following:

  • A cookie may be sent to you when you use our online services.
  • Some of the functions we offer require the use of cookies and similar technologies.
  • The cookies and other tracking technologies we use may be either session-based (for the duration of your visit) or permanent (for a specific period of time).
  • Our online services and other areas related to our business may be accompanied by web beacons.

We use cookies, web beacons and similar technologies to collect information for the purposes set out in this privacy policy. We may also combine information collected through these technologies with information about you collected by us through other means described in this Privacy Policy.

We may use these technologies for the following purposes:

  • You identify yourself or your device unequivocally;
  • To enable you to access and use our online services smoothly (which would not necessarily be the case in their absence);
  • Reinforce system security where necessary;
  • To statistically measure the use of our websites and mobile applications;
  • Improve our products and services;
  • Monitor the performance (traffic, errors, page load times, popular sections, etc.) of our online services;
  • Recognize you when you access our online services, to facilitate your browsing;
  • Get your attention with targeted advertising; and
  • The other purposes set out in the section of this privacy policy entitled "Our use of collected information".


You can set your browser not to accept cookies, or to notify you when you receive one. Simply click on the "Help" section of your browser to learn how to modify your preferences in this respect. If you disable all cookies, you may not be able to access all website functions.

 

Targeted advertising

When you use our online services, we (and our service providers) may collect information about your activities that enables us to provide you with personalized advertisements.

As we are part of several advertising networks, you may see ads on other websites. Through these networks, we can target the information we send you based on your interests, other information about you and contextual means. These networks track your online activities over time by collecting information using cookies, web beacons and web server logs. They use this information to show you ads that may be of interest to you. The networks of which we are a part collect information about the websites you visit (such as the pages or ads you view, or how you use them) when these sites are also part of the networks in question. We use this information to offer you personalized ads - both via our online services and on third-party websites belonging to the advertising networks - and to evaluate the effectiveness of our marketing actions.

9. Links to other websites and social networks

Our online services may contain links to websites operated by third parties and not by Heiko. If you visit one of these sites, we recommend that you consult its privacy policy, terms and conditions and other policies. We are not responsible for the policies and practices of third parties. The information you provide to them is treated in accordance with their own privacy policies, terms and conditions and other policies.

Our online services may also contain applications, tools, widgets and plug-ins from other suppliers. These providers may also use automated means to collect information about how you use these features. They process your information in accordance with their own policies.

10. Sharing your personal data

This section replaces the sharing arrangements set out in Heiko's privacy policy. The personal data you provide to us may be shared with our subcontractors who provide services to us in connection with the management of our websites and your loyalty program and our online ordering tools and in particular :

  • To the service providers in charge of hosting and developing our sites and application;
  • The service providers responsible for putting the Clck & Collect service online (Innovorder or Zelty)
  • The Stripe or Paygreen service provider in charge of managing the payment module to enable payments to be made;
  • The service provider in charge of managing our loyalty program (Pongo);
  • Service providers in charge of segmentation, emailing and push notification;
  • To the service providers in charge of managing our competitions...

11. Bank details

This section replaces the sharing arrangements set out in Heiko's privacy policy. The personal data you provide to us may be shared with our subcontractors who provide services to us in connection with the management of our websites and your loyalty program and our online ordering tools and in particular :

  • To the service providers in charge of hosting and developing our sites and application;
  • The service providers responsible for putting the Clck & Collect service online (Innovorder or Zelty)
  • The Stripe or Paygreen service provider in charge of managing the payment module to enable payments to be made;
  • The service provider in charge of managing our loyalty program (Pongo);
  • Service providers in charge of segmentation, emailing and push notification;
  • To the service providers in charge of managing our competitions...

12. Home delivery

If you choose the delivery service when ordering online, we will share some of your personal data (first name, last name, telephone number, address) with the delivery service provider (Uber Direct or Stuart). We will also share your personal data with the delivery company for the sole purpose of delivering your order, in accordance with the delivery company's data-sharing terms and conditions.

13. Protection of personal data

We are committed to taking appropriate measures to protect your personal data. Our technical, organizational and physical procedures are designed to protect personal data against accidental, unlawful or unauthorized access, loss, disclosure, use, alteration or destruction. Despite our efforts to protect our information systems, no website, mobile application, computer system or transmission of information via the Internet or any other public network can be guaranteed to be totally secure.

14. Data retention

We retain your information for as long as is necessary to carry out the activities set out in this policy and to comply with our rules on the retention of personal data (unless legislation requires a longer or shorter retention period).

These rules comply with applicable laws. We will retain and use your data to the extent necessary to fulfill our legal obligations (such as the obligation to retain your information in accordance with applicable tax laws), resolve disputes, enforce our agreements and carry out any other activities contemplated by this policy.

Your personal data is hosted by us at our hosting company ovh.com on servers located in France and in the European Union.

Exceptionally and for certain functions, your personal data may be transferred to a subcontractor located outside Europe. In this case, we will give preference to subcontractors recognized as "adequate" by the European Union, who must comply with our instructions and use your data only for the purposes of processing. 

15. Changes to our privacy policy

This Privacy Policy is effective as of the date indicated at the top of this page. It may be updated from time to time. By continuing to use our Services following the posting of changes, you agree to abide by those changes. We invite you to consult the Policy regularly in order to be informed of any changes.

16. Contact us

If you have any questions about our privacy practices, you can contact us at any time.

By post: SODEV - HEIKO, 15 rue Lafaurie Monbadon 33000 Bordeaux

By e-mail : hello@heiko-poke.com

Online: via the "Contact us" form