Privacy Policy

Redi (“we”, “our”, “us) is a trading name of Redi Pay & Pick Limited. We respect the privacy rights of our online visitors (“you”, “your”, “yours”) and recognise the importance of protecting the collected information about them. We have adopted a corporate wide Privacy Policy that guides how we collect, store, and use the information that you provide us with.
  1. Purpose of Our Policy
1.1 Redi Pay & Pick Limited (Company Number 10208488) of 1 Vicarage Lane, Stratford, London, England, E15 4HF (we, us or our) provides the products and services offered on the Redi mobile application and website www.getredi.co (Platform).

1.2 We are the data controller for the purposes of the Data Protection Act 1998 (Act) and under the EU General Data Protection Regulation (GDPR) that will be enforced from 25 May 2018.

1.3 We have adopted this Privacy Policy to ensure that we have standards in place to protect the data that we collect about you that is necessary and incidental to:


(a) providing the products and services that we offer; and

(b) the normal day-to-day operations of our business.


1.4 By publishing this Privacy Policy we aim to make it easy for you, our users, customers and the public to understand what data we collect and store, why we do so, how we receive and/or obtain that information, and the rights you have with respect to their data in our possession.

  1. Who and What This Policy Applies to
2.1 We handle data in our own right and also for and on behalf of our customers and users.

2.2 Our Privacy Policy does not apply to information we collect about businesses or companies, however it does apply to information about the people in those businesses or companies which we control or process.

2.3 The Privacy Policy applies to all forms of information, physical and digital, whether collected or stored electronically or in hardcopy.

2.4 If, at any time, you provide data or other information about someone other than yourself, you warrant that they have that person's consent to provide such information for the purpose specified.

2.5 The Platform is available to persons over the age of 18 (or over the age of 13 and under the supervision of a parent or legal guardian).

  1. The Information We Collect
3.1 In the course of business it is necessary for us to collect data. This information allows us to identify who you are for the purposes of our business, share data when asked of us, you in the ordinary course of business and transact with you. The type of information we may collect includes:
(a) Personal Information. We may collect personal details such as your name, date of birth, details and other information that allows us to identify who you are;

(b) Contact Information. We may collect information such as your email address, telephone number, third-party usernames, residential, business and postal address and other information that allows us to contact you;

(c) Financial Information. We may collect financial information related to you such as any bank or credit card details used to transact with us and other information that allows us to transact with you, process payments and/or provide you with our services;

(d) Statistical Information. We may collect information about your online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes and better service; and

(e) Information you send us. We may collect any personal correspondence that you send us, or that is sent to us by others about your activities, including activities with our partners (such as Facebook or Twitter).


3.2 We may collect other data about you, which we will maintain in accordance with this Privacy Policy.

3.3 We may also collect non-data about you such as information regarding their computer, network and browser. This may include their IP address.

  1. How We Collect The Information
4.1 Most information will be collected in association with your use of our sites, products and services, an enquiry about us or generally dealing with us. However, we may also receive data from other sources such as advertising, your own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners (such as Facebook or Twitter). In particular, information is likely to be collected as follows:
(a) Registrations/Purchases. When you register, and / or purchase a Menu Item or other process whereby you enter data details or grant access to information in order to receive or access something, including a transaction or services;

(b) Accounts. When you submit details to open an account with us;

(c) Partners. When you grant us access to their accounts with our business partners (such as Facebook, Google+ or Twitter). (d) Supply/Contact. When you supply us with goods or services, or contact us in any way; (e) Pixel Tags. Pixel tags enable us to send email messages in a format customers can read and they tell us whether mail has been opened.
4.2 As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that you are always aware of when their data is being collected.

4.3 We may also collect anonymous data such as traffic, IP addresses and transaction statistics.

4.4 If you publicly post about Redi, or communicate directly with us, on a social media website, we may collect the data contained in such posts or in your public profile for the purpose of addressing any customers services requests you may have and to monitor and influence public opinion.

  1. How The Data is Stored
5.1 The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA) and with third parties.

5.2 It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

5.3 These Cross-Border Data Transfers may only take place if the transfer is made to an Adequate Jurisdiction or the data exporter has implemented a lawful data transfer mechanism (or an exemption or derogation applies).

5.4 By submitting your personal data, you agree to this transfer, storing or processing.

  1. How This Data is Used and Retained
6.1 In general, the primary principle is that we will not use any data other than for the purpose for which it was collected other than with your permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted. We will have a lawful basis for processing your information: if we need to process your information in order to provide you with the service you have requested or to enter into a contract; we have your consent; we have a justifiable reason for processing your data; or we are under a legal obligation to do so.

6.2 We will not retain your information for any longer than we think is necessary.

6.3 We will retain data for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

6.4 Information is used to enable us to operate our business, especially as it relates to you. This may include:
(a) the provision of goods and services between you and us;

(b) verifying an your identity;

(c) communicating with you about:

i their relationship with us;

ii our goods and services;

iii   our own marketing and promotions to customers and prospects;

iv   competitions, surveys and questionnaires;

(d) investigating any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity; and/or

(e) as required or permitted by any law (including the Act).
6.5 Otherwise, we securely erase your information where we no longer require your information for the purposes collected.

  1. When The Data is Disclosed
7.1 It may be necessary for us to disclose your data to third parties in a manner compliant with the Act in the course of our business, such as for processing activities like website hosting.

7.2 We will not sell your data to unrelated third parties under any circumstances.

7.3 We will not disclose your data to unrelated third parties under any circumstances, unless we employ other companies to perform tasks on our behalf and we need to share your information with them to provide products and services to you.

7.3 There are some circumstances in which we must disclose your information:
(a) Where we reasonably believe that you may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;

(b) As required by any law (including the Act) including court orders; and/or

(c) In order to sell our business (as we may transfer data to a new owner).
7.4 We will not disclose your data to any entity outside of the United Kingdom that is in a jurisdiction that does not have a similar regime to the Act or an implemented and enforceable privacy policy similar to this Privacy Policy. We will take reasonable steps to ensure that any disclosure to an entity outside of the United Kingdom will not be made until that entity has agreed in writing with us to safeguard data as we do (see 5.3).

7.5 We may partner with or utilise third-party service providers (such as Gmail from Google, Inc) to communicate with you and to store contact details about you. These service providers may be located outside the United Kingdom, including the United States of America.

  1. Sharing Your Information with Third Parties
8.1 We may share your information with third parties for the processing and storage of certain personal information. Any information will be shared with third parties on an aggregated and anonymous basis only. For example:
(a) providing to partners information so that they can supply the menu items to you and for customer service and administration purposes;

(b) all information may be processed and stored with cloud service providers (such as Amazon Web Services);

(c) all payment information shall be provided to and processed by a payment gateway (such as www.Stripe.com or www.paypal.com)


8.2 Any such information shall be processed on terms which are substantially the same as those set out in this Privacy Policy.

8.3 We may link your account with a third party (such as Facebook, LinkedIn, Twitter or Google+) to our services to enable certain functionality, which allows us to obtain information from those accounts (including your profile picture, friends or contacts, if you allow us to).

8.4 The information we may obtain from those services often depends on your settings or their privacy policies. We recommend that you read any third party privacy policies before entering any personal information.

  1. Our Cookie Policy
9.1 Our Platform may use cookies to distinguish you from other users of our platform. This helps us to provide you with a good experience when you browse our platform and also allows us to improve our Platform. By continuing to browse the site, you are agreeing to our use of cookies.

9.2 You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Platform. Please refer to our Cookie Policy for further information. http://getredi.co/cookie-policy/

  1. Direct Marketing
10.1 You may opt out not have us collect their data and communicate with them. This may prevent us from offering them some or all of our services.


(a) Opt In. Where relevant (including registration), you will have the right to choose to have information collected and/or receive information from us; or

(b) Opt Out. Where relevant (including email communications), you will have the right to choose to exclude himself or herself from some or all collection of information and/or receiving information from us.


10.2 Where you have given your consent or where we have a justifiable reason for doing so (and are permitted to do so by law) we will use your information to let you know about our products and services that may be of interest to you and we may contact you to do so by email or phone. You can control your marketing preferences by:

(a) Unsubscribing to e-mails

(b) Managing marketing notification settings in the ‘profile’ section of our mobile applications(c) Contacting our customer service either via support@getredi.co or via the chat function in our mobile applications

  1. Redi Businesses Accounts
11.1 We also process your information to determine whether you may be interested in hearing about our Redi Business Accounts.

11.2 If you have signed up to Redi with a business e-mail address or if we think you may be interested in hearing about our Redi Business Accounts offer, we may contact you using the contact details you have provided to let you know about it. You have the right to opt out of receiving these types of communications and may do so by changing your marketing preferences (as set out in section 10 above).

11.3 If your employer signs up for a Redi Business Account, we will contact you to let you know that the Redi Business Account is available to you. If you would like to take up your employer’s offer to use the Redi Business Account, we will tag your Redi account as having a Redi Business Account allowance. For both these activities we are acting as a data processor on behalf of your employer (who is the controller of this information). For more information, please contact your employer.

11.4 When you use Redi for Business, then we will also share personal data relating to your order (such as the order date and time, the payment amount and the restaurant with which the order was placed) with your employer. Redi and your employer will both be joint controllers of this information.

  1. The safety & security of data
12.1 We adopt robust technologies and policies to ensure the personal information we hold about you is suitably protected. We will take all reasonable precautions to protect your data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

12.2 Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of the data transmitted to the Sites; any transmission is at your own risk. Once we have received information, we will use strict procedures and security features to try to prevent unauthorised access.

12.3 If you suspect any misuse or loss of, or unauthorised access to, their data, they should let us know immediately.

12.4 We are not liable for any loss, damage or claim arising out of another person’s use of the data where we were authorised to provide that person with the data.

  1. How to access and/or update information
13.1 Under data protection law, you may have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact our support@getredi.co using the contact details set out below. For additional information on your rights please contact your data protection authority or see below:
(a) The right to be informed

(b) The right of access

(c) The right to rectification

(d) The right to erasure

(e) The right to restrict processing

(f) The right to data portability

(g) The right to object

(h) Rights in relation to automated decision making and profiling

13.2 If you cannot update your own information, we will correct any errors in the data we hold about you within 7 days of receiving written notice about those errors.

13.3 It is your responsibility to provide us with accurate and truthful data. We cannot be liable for any information that is provided to us that is incorrect.

13.4 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

  1. Complaints and disputes
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone number: 0303 123 1113

Website: www.ico.org.uk

  1. Additions to this policy
15.1 Any changes to our privacy policy will be posted to the Sites and, where appropriate, we will notify you of the changes for example by email or push notification.

15.2 We may do things in addition to what is stated in this Privacy Policy to comply with the GDPR and nothing in this Privacy Policy shall deem us to have not complied with the GDPR.

This privacy policy was last updated: 23/05/2018

  1. Contacting us
16.1 If you have any queries or requests concerning this privacy policy or how we handle your data more generally, please get in touch with us using the following details.

The Data Controller
Redi Pay & Pick Limited
support@getredi.co

You may contact us by email in the first instance.