1. TERMS AND DEFINITIONS
It means Mayber LLC, independently or jointly with Partners, Institutions and other persons, to whom the processing of Personal Data may be transferred in accordance with the Policy, organizing and (or) processing Personal Data, as well as determining the purposes of processing Personal Data, the composition of Personal Data, to be processed, actions (operations) performed with Personal Data.
It means any information relating directly or indirectly to a specific or identifiable person - individual (Personal Data Subject).
Guest (User) an individual (Personal Data Subject) using the functions and capabilities of the "Mayber" Services in any way in accordance with the User Agreement on the use of the "Mayber" System (https://mayber.com).
Service employee staff of the Institution (Employee Institutions) an individual (Personal Data Subject) who provides services to Guests in the Facility on the basis of an agreement concluded with the Facility in the status of a waiter or manager and uses the functions and capabilities of the "Mayber" Services.
Partner is a legal entity or individual entrepreneur providing the Operator with a set of services that directly or indirectly ensure the functioning of the System, as well as services to support the economic activities of the Operator.
Institution (Restaurant) is a legal entity or individual entrepreneur selling goods and / or providing services in the field of public catering and using the System.
Personal Data Processing
It means any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with Personal Data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use , transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Personal Data.
2. GENERAL PROVISIONS
2.1. This Policy defines the Operator's policy regarding the processing of Personal Data, and also contains information about the requirements for the protection of Personal Data implemented by the Operator.
2.2. This Policy applies only to the Mayber System. The Operator does not control and is not responsible for the information of third parties posted on the sites to which the Guest and the Employee of the Institution can follow the links available in the System. On such sites, the Guest and the Employee of the Institution may collect or request other Personal Data, as well as other actions may be performed.
3. PERSONAL DATA OF GUESTS THAT COLLECTED AND PROCESSED BY THE OPERATOR
3.1. The Operator may collect and Process Personal Data of Guests that correspond to the purposes of Processing Personal Data stipulated by this Policy (while for authorization in the System, the Guest only needs to provide e-mail, the rest of the Personal Data named in this clause is provided by the Guest voluntarily, namely:
(e) date of birth;
(f) telephone number;
(g) images of the Guests (photograph);
(h) the type of smartphone and its operating system;
(j) city of residence / location
3.2. As a general rule, the Operator does not verify the accuracy of the Personal Data provided by the Guests, and does not set a control over the legal capacity of the Guests. In this case, the Operator assumes that the information received by him from the Guests is reliable and keeps this information up to date.
4. PURPOSES OF COLLECTION AND PROCESSING OF PERSONAL DATA
4.1. The Operator collects and Processes Personal Data provided by Guests for the purpose of promoting the services of the Institution, including for the purposes of:
4.1.1. ensuring the functioning of the Mayber System, as well as providing the Guests with information and services;
4.1.2. communication with the Guest for the provision of technical support services to the Guests;
4.1.3. analysis and research in order to improve the functioning of the System, including its quality, convenience, as well as - the development of new services and services within the System;
4.1.4. sending the Guests news and marketing information about the Institutions and the System's capabilities, as well as service information;
4.1.5. detecting and preventing cases of fraud and abuse within the System;
4.1.6. identification of the party under contracts (agreements) concluded with the Guest within the System;
4.1.7. assessing the behavior of Guests in the Institutions to determine their preferences, including using assessment methods.
5. TERMS AND CONDITIONS OF PERSONAL DATA PROCESSING AND TRANSFER TO THIRD PARTIES
5.1. With regard to the Personal Data of the Guest and the Employee of the Institution, their confidentiality is maintained, except in cases of voluntary providing by the Guest and / or the Employee of such Personal Data for general access to an unlimited number of persons.
5.2. The processing of personal data is carried out within the period necessary to achieve the goals determined by this Policy, in any legal way, including in personal data information systems using automation tools or without using such tools.
5.3. The processing of personal data of Guests and Employees of the Establishment is carried out in accordance with the Law.
5.4. The Operator has the right to provide Personal Data, including entrusting the Processing of Personal Data, on the basis of contracts concluded with them, to the following third parties:
(a) parent and subsidiary organizations, as well as the legal successors of the Operator;
(c) Partners, as well as other contractors, service providers and other third parties who are involved by the Operator to provide a set of works, services and (or) other actions in order to operate, improve and take other actions in relation to the System, as well as ensure economic activities Operator;
(d) buyers and / or other successors in the event of a merger, division, takeover, bankruptcy, liquidation or other restructuring, or transfer of some or all of the Operator's assets, whether as a going concern or as part of it;
The person who processes the Personal Data provided by the Operator is obliged to process Personal Data in accordance with the provisions provided for by this Policy.
6. RIGHTS OF GUESTS REGARDING THEIR PERSONAL DATA
6.1. Guests of the Institution can at any time contact the Operator with a request for information regarding the processing of his Personal Data. The Guest's right to appropriate treatment may be limited in accordance with the requirements of the Law.
6.2. The Guest can at any time clarify (update, change) or delete the Personal Data provided to them by editing Personal Data in the System.
6.3. The Guest may also contact the Operator with a request to block or destroy Personal Data if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing.
6.4. The Guest of the Facility may revoke consent to the Processing of Personal Data at any time. In case of withdrawal of consent to the processing of Personal Data, the Operator has the right to continue the Processing of personal data without the consent of the Guest, if there are grounds provided for by the Law.
7. REQUIREMENTS FOR THE PROTECTION OF PERSONAL DATA
7.1. When processing Personal Data of Guests and Employees of the Facility's service personnel, the Operator takes the necessary legal, organizational and technical measures to protect Personal Data from unauthorized or accidental access to them by third parties, their processing by third parties, as well as from other illegal actions in relation to Personal Data.
7.2. Ensuring the security of Personal Data is achieved in particular:
(a) identifying threats to the security of Personal Data during their processing in Personal Data information systems;
(b) the application of organizational and technical measures to ensure the security of Personal Data during their processing in information systems
(c) assessing the effectiveness of measures taken to ensure the security of Personal Data prior to the commissioning of the Personal Data information system;
(d) taking into account the machine media of Personal Data;
(e) detection of facts of unauthorized access to Personal Data and taking measures to terminate it;
(f) recovery of Personal Data, modified or destroyed due to unauthorized access to them;
(g) establishing rules for accessing Personal Data processed in the Personal Data information system, as well as ensuring registration and recording of actions performed with Personal Data in the Personal Data information system;
(h) control of access to the premises where the processing of Personal Data is carried out;
(i) monitoring the effectiveness of measures and means used to ensure the security of Personal Data, as well as monitoring the level of security of information systems of Personal Data.
7.3. The Operator hereby notifies that no security measures applied to protect the Personal Data of Guests and Employees of the Facility's staff are resistant to all methods of gaining unauthorized access to protected information.
1. You can send an appropriate appeal as part of the exercise of rights in relation to your Personal Data or leave your comments and suggestions regarding the terms of this Policy by sending a message to the email address firstname.lastname@example.org.