Privacy Policy
Effective Date: September 26, 2022
Welcome to Dylish. This “Privacy Policy” describes the privacy practices of Dylish LLC (“Dylish”, “we”, “us”, or “our”) in connection with the www.dylish.com website, the progressive web applications operated by Dylish on behalf of our restaurant customers (the “Restaurant Apps”), and the services provided via such website and web applications (including, but not limited to, the Restaurant Apps) (collectively, the “Service”), and the rights and choices available to individuals with respect to their information.
Table of Contents
- Personal Information We Collect
- How We Use Your Personal Information
- How We Share Your Personal Information
- Your Choices
- Other Sites, Applications, and Services
- Security Practices
- International Data Transfers
- Children
- Changes to This Privacy Policy
- How to Contact Us
- Information for California Residents – Your California Privacy Rights
Personal Information We Collect
Information You Provide to Us. Personal information you provide to us through the Service or otherwise include:
- Account information, such as your account registration information, username, password, account activity information, your order activities, and your visit and login activity information, including the date and time, and other automatically-logged information described below in the “Cookies and Other Information Collected by Automated Means” part of this section.
- Content you choose to upload to the Service, such as text, along with the metadata associated with the text you upload.
- Customer contact information, such as your first and last name, your email, delivery and billing addresses, and your phone number.
- Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
- Demographic Information, such as your city, state, country of residence, postal code, and age.
- Financial information, such as your payment card information or other payment method, held only in the form of a token.
- Precise geolocation information, such as when you authorize Restaurant Apps to access your location, as described below in the “Geolocation Information We Obtain” part of this section.
- Transaction information, such as information about payments to and from you, other customer order details (date, time, name, phone number, delivery address, notes, menu items and quantities, restaurants ordered from, and order amount), and other restaurant order details (order manipulation activities and account connection keys for the delivery service and processing gateway).
- Any data, information, or content you make available via the Service, including via a Branded App, such as your communications with Restaurants via the Branded Apps, including the content and timing thereof.
- Vehicle information, such as license plate number and/or the make and model of your car, if you select curbside pickup when placing your order.
- Usage information, such as information about how you use the Service and interact with us, including information associated with any content you upload to the websites or otherwise submit to us, and information you provide when you use any interactive features of the Service.
- Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications.
- Restaurant information, such as your restaurant’s contact information (restaurant name, phone number, fax number, address, and registered mailing address), your restaurant’s business-related information (menu, pricing, tax rate, etc.), and your restaurant owner’s contact information (name, phone number, and email address).
- Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
Information We Obtain from Social Media Platforms. We may maintain pages for Dylish on social media platforms, such as Facebook, LinkedIn, Twitter, Google, YouTube, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use, and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.
Information We Obtain from Other Third Parties. We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our products or services, or the types of products or services we offer. We may obtain your personal information from other third-parties, such as marketing partners, restaurants, delivery service providers, publicly-available sources, and data providers.
Geolocation Information We Obtain. To provide access to the Service while you are using the Restaurant Apps, we automatically collect geolocation information from your mobile device, your wireless carrier, or certain third-party service providers (as described below in the “Cookies and Other Information Collected by Automated Means” part of this section). Collection of such geolocation information of yours occurs only when the Service is running on your mobile device. You may control the collection of such geolocation information through the user settings on your device. You may decline to allow us to collect such geolocation information, and revoke any previously given consent to do so, at any time. In either case, please be aware that there are certain services that we will be unable to provide to you as a result.
Note that we use Google Maps and the Google Maps API as part of our Service. The Google Privacy Policy (at: https://policies.google.com/privacy or such other URL as Google may provide) is hereby incorporated by reference. Note that we also use the Census Geocoder and the Geocoding Services Web API to optimize the Service and corresponding delivery between the restaurant and you, by matching your geolocation information with the restaurant’s geolocation information. You may view the Census Bureau’s Privacy Policy here: https://www.census.gov/about/policies/privacy/privacy-policy.html.
Cookies and Other Information Collected by Automated Means.
We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Service, including but not limited to, your computer or mobile device operating system type and version number, manufacturer and model, carrier and network type, device identifier, browser type and language, screen resolution, IP address (which may consist of a static or dynamic IP address and will sometimes point to a specific identifiable computer or device), the website you visited before and after browsing to our website, general location information such as city, state or geographic area; information about your use of and actions on the Service, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access; and other personal information. Our service providers and business partners may collect this type of information over time and across third-party websites and applications.
On our web pages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies, and our emails may also contain web beacons. In our Restaurant Apps, we may collect this information directly or through our use of third-party software development kits (“SDKs”). SDKs may enable third parties to collect information directly from our Restaurant Apps.
A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. Browser web storage, or LSOs, are used for similar purposes as cookies. Browser web storage enables the storage of a larger amount of data than cookies. A “web beacon,” also known as a pixel tag or clear GIF, is typically used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of our websites. An SDK is third-party computer code that we may incorporate into our Restaurant Apps that may be used for a variety of purposes, including to provide us with analytics regarding the use of our Restaurant Apps,to add features or functionality to our Restaurant Apps, or to facilitate online advertising.
Web browsers may offer users of our websites or Restaurant Apps the ability to disable receiving certain types of cookies; however, if cookies are disabled, some features or functionality of our websites or Restaurant Apps may not function correctly. Please see the “Targeted Online Advertising” section for information about how to exercise choice regarding the use of browsing behavior for purposes of targeted advertising.
Third Party Analytics.
We use third-party analytics services (such as Google Analytics and Facebook Analytics) to evaluate your use of the Services, compile reports on activity, collect demographic data, analyze performance metrics, and collect and evaluate other information relating to the Services and mobile and Internet usage. These third parties use cookies and other technologies to help analyze and provide us the data. By accessing and using the Services, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy.For more information on Google Analytics and Facebook Analytics, including how to opt out from certain data collection, please visit https://www.google.com/analytics and https://analytics.facebook.com. Please be advised that if you opt out of any analytics service, you may not be able to use the full functionality of the Services.
How We Use Your Personal Information
We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:
To Operate the Service. We use your personal information to:
- provide, operate, and improve the Service
- provide certain services to restaurants that use the Service, such as marketing services
- fulfill and deliver orders placed via the Service
- market and provide information about our products and services
- establish and maintain your user profile on the Service
- enable security features of the Service, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in
- communicate with you about the Service, including by sending you notifications, announcements, updates, security alerts, and support and administrative messages
- understand your needs and interests, and personalize your experience with the Service and our communications
- provide support and maintenance for the Service
- to respond to your requests, questions, and feedback
For Research and Development. We analyze use of the Service to analyze and improve the Service and to develop new products and services, including by studying user demographics and use of the Service.
To Send You Marketing and Promotional Communications. We may send you Dylish-related marketing communications as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the Opt Out of Marketing section below.
To Display Advertisements. We work with advertising partners to display advertisements on social media sites, Google, Yelp, or elsewhere online. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Service or your activity elsewhere online. To learn more about your choices in connection with advertisements, please see the section below titled “Targeted Online Advertising.”
To Comply with Laws. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For Compliance, Fraud Prevention, and Safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims);(b) enforce the terms and conditions that govern the Service; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.
With Your Consent. In some cases, we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law.
To Create Anonymous, Aggregated, or De-identified Data. We may create anonymous, aggregated, or de-identified data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated, or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated, or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
How We Share Your Personal Information
We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Privacy Policy:
Affiliates. Although we currently do not have a corporate parent, subsidiaries, affiliates, or other companies under a common control (collectively, “Affiliates”), we may in the future. We may share your personal information with these Affiliates for purposes consistent with this Privacy Policy.
Service Providers. We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate the Service(such as customer support, hosting, analytics, restaurant services, payment processing, order delivery, status monitoring and tracking, email delivery, marketing, and database management services). These third parties currently include Swipe Tec, Paybotx, TSYS, USAePay, Facebook, Google Ads, Instagram, Sendinblue, Google Maps, Census Bureau, New Relic, Postmates, DoorDash, Mailchimp, Yelp, Engine Yard, Amazon Web Services (AWS), Google Analytics, and Facebook Analytics. These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Privacy Policy and are prohibited from using or disclosing your information for any other purpose.
Restaurants. We will sometimes share your personal information with restaurants from whom you place orders via the Service. For example, your name, name, phone number, delivery address, menu items and quantities, restaurants ordered from, order amount, and your notes with special instruction for delivery and menu items you order. The restaurant’s privacy policy describes the restaurant’s practices with respect to the use and sharing of your information. We encourage you to read the privacy policies of the restaurants you order from.
Third-Party Delivery Services. We may use third-party delivery providers (we currently use Postmates and DoorDash; however, we may add or change our third-party delivery providers at any time) to deliver your orders. Please review such third-party delivery providers’ privacy policies. Postmates’s current Privacy Policy is located at: https://www.uber.com/legal/en/document/?_ga=2.244701765.1914233079.1626276828-266766371.1618440541&country=united-states&lang=en&name=privacy-notice. DoorDash’s current Privacy Policy is located at: https://help.doordash.com/consumers/s/privacy-policy-us?language=en_US.
Payment Processing. We currently use Fiserv, Inc., Global Electronic Technology, Inc., Global Payments Inc., Swipe Tec LLC, Paybotx LLC, and Total System Services LLC for payment processing services related to the Service. We do not process, record, or maintain your payment card information or other payment method, except in a tokenized format. For more information on how payments are handled, or to understand the data security and privacy afforded to such information, please see https://www.fiserv.com/en/about-fiserv/privacy-notice.html, https://www.gettrx.com/privacy.html, https://www.globalpaymentsinc.com/en-us/privacy-statement, https://www.swipetec.net/privacy.html, https://www.paybotx.com/privacy-policyb6ee8a82, and https://www.tsys.com/central-station-privacy-policy.html.
Professional Advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services that they render to us.
For Compliance, Fraud Prevention, and Safety. We may share your personal information with law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Service; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.
Business Transfers. We may sell, transfer, or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution.
Your Choices
In this section, we describe the rights and choices available to all users.
Access or Update Your Information. If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account.
Opt Out of Marketing Communications. As of the Effective Date, we do not send marketing-related emails. In the event we do so at a later date, you may opt out of such marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at contact@dylish.com. You may continue to receive service-related and other non-marketing emails.
Cookies and Browser Web Storage. We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Service and third-party websites. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Service may not work properly. Similarly, your browser settings may allow you to clear your browser web storage.
Notifications. When using our Restaurant Apps, you may turn off notifications through your device settings.
Targeted Online Advertising. Some of the business partners that collect information about users’ activities on or through the Service may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behaviour or web application usage for purposes of targeted advertising.
Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. Please note that our partners may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
If you choose to opt out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioural advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.
Do Not Track. Some internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Choosing Not to Share Your Personal Information, Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Service to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services. We will tell you what information you must provide to receive the Service by designating it as required at the time of collection or through other appropriate means.
Other Sites, Applications, and Services
The Service may contain links to other websites, applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in applications or online services that are not associated with us. We do not control third-party websites, applications, or online services, and we are not responsible for their actions. Other websites, applications, and services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites, applications, and online services you use.
Security Practices
The security of your personal information is important to us. We employ a number of organizational, technical, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
International Data Transfers
We are headquartered in the United States and have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country.
Children
The Service is not directed to, and we do not knowingly collect personal information from, anyone under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, then he, she, or they, should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us.
Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating effective date above and posting it on the Service. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email (if you have an account where we have your contact information) or another manner through the Service.
Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
How to Contact Us
Please direct any questions or comments about this Privacy Policy or privacy practices to contact@dylish.com. You may also follow the instructions at our FAQ page by visiting https://about.dylish.com/. Additionally, you may write to us via postal mail at:
Dylish LLC
Attn: Legal – Privacy
11271 Ventura Boulevard, #757
Studio City, CA 91604
Information for California Residents – Your California Privacy Rights
If you are a California resident, you have the following rights:
-
Information. To request that we disclose the following information about our collection and use of your personal information during the past 12 months:
- The categories of personal information that we have collected about you;
- The categories of sources from which personal information is collected;
- The business or commercial purpose for collecting or selling personal information;
- The categories of third parties with whom we share your personal information;
- Whether we have disclosed your personal information for a business purpose, and if so, the categories of personal information received by each category of recipient; and
- Whether we have sold your personal information, and, if so, the categories of personal information received by each category of recipient.
- Access. To request a copy of the personal information that we have collected about you during the past 12 months.
- Deletion. To request that we delete personal information about you that we have collected from you.
- Opt Out of Sales. To direct us not to sell your personal information if we do, and if you are under 16 years of age, we are required to ask for affirmative authorization from you to sell your personal information before we do so.
- Non-discrimination. To exercise your rights described above free from discrimination, such as denial of goods or services; price/rate increases for goods or services (including through grants of discounts/benefits or imposing penalties); decreases in service quality; or suggesting that such discriminatory acts may occur if you exercise your rights. However, a difference in price or service quality is not discriminatory if reasonably related to the value to our business of the personal information we are unable to use due to the exercise of your rights, and we may offer you certain financial incentives that can result in different prices, rates, or service quality.
- Financial Incentive Program Disclosures. To receive a clear description of the material terms of any program involving financial incentives for the collection, sale, or deletion of your personal information, and decide if you want to consent to be entered in it (you can revoke this consent at any time).
How to Exercise Your Rights.
You may exercise the rights described above as follows:
-
Right to Opt Out of Sales.
Currently, Dylish does not sell your personal information. However, if we in the future do, we will provide you with a mechanism to exercise your right to opt out of sales of your personal information.
-
Right to Information, Access, and Deletion.
You may exercise the information, access, and deletion rights described above by submitting a verifiable request to us by:
- Visiting: https://about.dylish.com/; or
- Emailing: contact@dylish.com
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child under 13.
The verifiable request must:
- Provide sufficient information that allows us to reasonably verify you are a California resident about whom we collected personal information or their authorized representative; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
These rights are not absolute, are subject to exceptions, and we may be required or permitted by law to decline your request.
Personal Information That We Collect, Use, and Share.
The chart below provides information that we are required to give you under California law about the categories of personal information that we have collected, used and shared in the 12 months preceding the last update of this Privacy Policy. See above for a description of the sources of the personal information we collect, as well as the business and commercial purposes for which we collect, use, and share this information.
| Category* | Do we collect this info? | Do we share this info with third parties for business purposes?** | Do we “sell” this info?*** |
|---|---|---|---|
| Identifiers | Yes | Yes | No |
| Online Identifiers | Yes | Yes | No |
| CA Customer Records Categories | Yes | Yes | No |
| Protected Classification Characteristics | Yes (gender & age) | Yes | No |
| Commercial Information | Yes | Yes | No |
| Biometric Information | No | No | No |
| Internet or Network Information | Yes | Yes | No |
| Geolocation Data | Yes | Yes | No |
| Sensory Information | No | Yes | No |
| Professional or Employment Information | No | No | No |
| Education Information | No | No | No |
| Inferences | Yes | No | No |
| Other Personal Information | No | No | No |
|
* For a description of these categories, see the definition of Personal Information in section 1798.140(o)(1) of the California Consumer Privacy Act. ** See the section of our Privacy Policy titled How We Share Your Personal Information for a description of the business purposes for which we disclose your personal information and the categories of third parties to which we disclose it. *** Our use of your personal data in a manner that may constitute a “sale” under California law is for analytics, marketing, and advertising purposes. In addition to these rights, as provided by California Civil Code section 1798.83, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our Affiliates and/or third parties, such as restaurants, for marketing purposes, and providing contact information for such Affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us via email at: contact@dylish.com. You must put the statement "Your California Privacy Rights" in your request and include your name, street address, city, state, and ZIP code. We are not responsible for notices that are not labelled or sent properly, or do not have complete information. |
|||