Page updated: October 2018 (v1)

This privacy policy governs your use of the software application Your Places (“Application”) for mobile devices. The Application is a click and collect app that allows mobile users a fast and convenient way to order their food and drink in advance

About this privacy policy

This privacy policy explains how we (Torus Connect Limited) collect, use, share and transfer your personal data when you use the mobile application Your Places.

Personal data is any information about you by which you can be identified. This can include information such as:

  • your name, date of birth, email address, postal address, phone number, mobile number;
  • debit card details.
  • information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based); and
  • information relating to your personal circumstances and how you use our sites, apps and services.

Who we are and how to contact us

Torus Connect Ltd

Parker House, 44 Stafford Road, Wallington  SM6 9AA

If you want to contact us, you can find our contact details via the “Contact” menu button above.

What personal data we collect and how we use it

We collect personal data when you sign up for our services. This information is used to provide authentication services, allows the end merchant to process the transaction and provides the basis for a loyalty service.

When you register for a Your Places account on Your Places platform we collect:

  • your name;
  • your email address;
  • date of birth;

All of the above are stored with AES encryption on our servers.

When you register for a Your Places account, we assign you a unique ID that we use to recognise you when you are signed in to our services. This will recognise you if you sign in using the same account on a new device.

When you use our app, both we and the third party card processor (Alternative Payments Ltd) may also use cookies or similar technology to collect extra data, including:

  • your IP address – a numerical code to identify your device and which can provide information about the country, region or city where you are based;
  • details of your devices, for example, the unique device ID, unique advertising ID and browsers used to access our content.

You are advised to read the Alternative Payments Ltd privacy policy: www.judopay.com/legal/privacy-policy/

We will not collect special categories of data – such as information about your race, political opinions, religion, health or sexual orientation.

Using your social media details to sign into your Your Places account:

If you sign in to Your Places using your Facebook login details, you give permission to Facebook to share with us your email address and certain aspects of your Facebook profile if you have made these public on your Facebook profile. This only includes your first and last name, age range, link to your Facebook profile and profile picture. We do not have access to updates on your Facebook profile.

We will then use this information to form a profile for your account. If you remove the app from your Facebook settings, we will no longer have access to this data. However, we will still have the information that we received when you first set up your account using your Facebook login.

Using our app

The Your Places app gathers information about the items you have ordered. A list of previous transactions is cached in the local storage on your mobile device to allow the provision of a receipt for your purchases. You can delete this history in the settings of the app. Information on what you have viewed/ordered in the app and information on bugs and crashes is also sent to us. You can choose to receive notifications on your mobile device via the app. You can manage these notifications in the settings of the app.

How we collect personal data

We collect personal data when you:

  • sign up for the Your Places platform;
  • place an order on the Your Places platform;

Why we use your personal data

We use personal data collected through our platform for a number of purposes, including the following:

  • To provide the services you sign up for.
  • For internal administrative purposes, such as making you aware of any changes to our services.
  • To send marketing communications when we have your permission, or when permitted by law.
  • To personalise our services (for example, so you can sign in), remembering your settings, displaying personalised in-app recommendations and recognising you when you sign in on different devices.
  • To provide an optional personalised loyalty system, for example birthdays offers. We will give you the opportunity to opt in to this service, in accordance with GDPR regulations.
  • For statistical purposes such as analysing the performance of our sites and apps and to understand how visitors use them.  Any information used on this basis will be wholly anonymised.
  • To respond to your queries and to resolve complaints.
  • For security and fraud prevention, and to ensure that our sites and apps are safe and secure and used in line with our terms of use.
  • To comply with applicable laws and regulations.

Access permissions:

When you use the Your Places app, we ask for the following permissions to access particular functions of your mobile device:

  • For the Android version, we ask for permission to access the storage on your mobile device to allow secure saving of preferences, together with the camera and GPS to allow addition of new stores to your favourites list.
  • For the iOS version, we ask for identical permissions.

Legal grounds for using your personal data

We will only use your personal data where we have a legal ground to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:

  • Consent: For example, where you have provided your consent for the personalised loyalty scheme. You can withdraw your consent at any time by removing your date of birth from your preferences.
  • Our legitimate interests: Where it is necessary for us to authenticate the user, maintain the operation of the app and for the end user to track their app usage through receipts and a history of transactions.
  • In the case of transaction dispute, sufficient information will be passed to the merchant to allow resolving of the matter.
  • Wholly anonymised data is provided to merchants to allow analysis of sales reporting, history of transactions etc.
  • We also store data on items purchased to allow personalised recommendations via the app.
  • Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data.

Updating your personal data and your profile page on our sites

When you register for Your Places, you have access to a profile page. Under “edit profile” you can also update your information.

Using children’s personal data

We do not aim our app directly at children under the age of 13 and we do not knowingly collect personal data about children under 13.

Security of your personal data

We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. You are responsible for choosing a secure password when we ask you to set up a password to access our app. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else, including anyone who works for us. Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.

Who we share your personal data with

We do not share your personal data with other people or organisations that are not directly linked to us except under the following circumstances:

  • We may share your data with other organisations that provide services on our behalf such as dealing with online payments and other forms of payment processing, ie credit card transactions and preventing fraud.
  • We may reveal your personal data to any law enforcement agency, court, regulator, government authority or other organisation if we are required to do so to meet a legal or regulatory obligation, or otherwise to protect our rights or the rights of anyone else.
  • We may reveal your personal data to any other organisation that buys, or to which we transfer all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use reasonable efforts to try to make sure that the organisation we transfer your personal data to uses it in line with our privacy policy.

Any organisations which access your data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your data and keep to all data privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.

International data transfers

Data we collect may be transferred to, stored and processed in any country or territory where one of our service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.

Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:

  • We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
  • We may also use specific approved contracts with our service providers that are based in countries outside the EEA. These contracts give your personal data the same protection it has in the EEA .
  • Where we use service providers in the United States, we may transfer personal data to them if they are part of the Privacy Shield scheme, which requires them to provide a similar level of protection of your personal data to what is required in the EEA.

How long we keep your personal data

We keep your personal data for only as long as we need to. How long we need you personal data depends on what we are using it for, as set out in this privacy policy. For example, we may need to use it to answer your queries about a product or service and as a result may keep personal data while you are still using our product or services. We may also need to keep your personal data for accounting purposes, for example, where you have bought a subscription. If we no longer need your data, we will delete it or make it anonymous by removing all details that identify you. If we have asked for your permission to process your personal data and we have no other lawful grounds to continue with that processing, and you withdraw your permission, we will delete your personal data. However, when you unsubscribe from marketing communications, we will keep your email address to ensure that we do not send you any marketing in future.

How we may contact you

Service communications

From time to time we may send you service emails, for example, thanking you when you place an order.

Marketing communications

If we have your permission, we may send you details of, or updates to, the loyalty system.

You can decide not to receive theses communications by removing your date of birth from the profile page.

Responding to your queries or complaints

If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.

Your rights with regard to the personal data that we hold about you

You have a right under GDPR regulations as follows:

  1. Right to amend your data.
  2. Right to remove your data.
  3. Right to see what information is held about you.

Any alterations to your data will be immediately reflected on our systems. Any data not required for our legitimate interests e.g. date of birth, can be removed on the profile page.  All information held on our systems is reflected onto the mobile device.

  • If you would like to have a copy of the personal data we hold on you or if you think that we hold incorrect personal data about you, all information held is reflected on the app itself and can be accessed and amended in-app.
  • Where you have provided us with consent to use your personal data, you can withdraw this at any time.
  • You also have the right to ask us to delete your personal data or restrict how it is used which is dealt with in-app. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request. Where applicable, you have the right to object to processing of your personal data for certain purposes.

We may need to request specific information from you to help us confirm your identity.

Requests for information held by Alternative Payments Ltd should be addressed directly to them via e-mail on: hkjhkjhjh

Contact us for information about how we use your personal data

If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact info@torusconnect.com

Complaints will be responded to within 30 days.

If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.

Changes to the Privacy Policy

If we decide to change our privacy policy we will post the changes here.


More information

This section is coming soon