Updated 18 November 2020

FoodCloud Privacy Policy
Introduction

FoodCloud (FoodCloud, us, we or our) understands the importance of protecting your information that it collects and processes. This Privacy Policy (together with our Cookies Policy (https://food.cloud/cookies/) applies to any information provided or collected through the FoodCloud application (the App), or Copia, the FoodCloud user platform (the Platform) and outlines how FoodCloud collects, processes, uses and discloses the information you provide. FoodCloud is data controller of any data processed and you can contact us here or using the information provided under 'Contact Us' below. 

We will use your personal data only for the purposes and in the manner set forth below which describes the steps we take to ensure our processing of your personal data is in compliance with the General Data Protection Regulation ((EU) 2016/679) (GDPR) and any implementing legislation (Data Protection Legislation).

Please note: You have the right to object to the processing of your personal data where that processing is carried out for our legitimate interests.

Scope

By providing us with your personal information, you signify your acceptance of the Privacy Policy. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, please do not continue using the Website, the App or the user platform. This Privacy Policy applies to all personal data processed by us regardless of the media on which it is stored. We may update this Privacy Policy at any time. 

Types of Personal Data Processed 

Personal data is any data relating to a living person who can be identified directly from that data, or indirectly in conjunction with other information. When you visit or use the Platform or the App, we may collect and process different types of personal data, including the following:

Name

Business Name

Addresses

Business Phone Number

Contact Person Name

SMS Number

Email Address

Banking information, where provided for direct debit payments

Images via CCTV footage

Visitor Image and Temperature

We may also obtain information through our App, Platform or website (insert website) (the Website) about your general internet usage by using tracking technologies such as cookies. For further information on our use of cookies, please consult our Cookies Policy.

To ensure the safety of our staff, visitors, premises, and FoodCloud owned vehicles, and the accuracy of our inventory, we use CCTV in our Dublin warehouse and on FoodCloud owned vehicles.  Any visitors to our warehouse are subject to image capture by CCTV.  We also use dashboard cameras in FoodCloud owned vehicles.  This footage is only accessed in the course of an investigation or of a specific and serious complaint or incident.  Footage will be stored for a maximum of 30 days.

Telephone calls to and from FoodCloud may be monitored for quality assurance and training purposes.  These recordings will be stored for a maximum of 30 days.

To mitigate risks associated with Covid-19, FoodCloud requires employees to be temperature screened any time they enter the building at any of our premises.  This information is only used in the event that an employee has a temperature at or above 37.5 degrees celsius and may be denied access to the building in this case.  The data associated with this will be used in the event of medical emergency or to facilitate contact tracing.  

For more information on data retention, please see FoodCloud’s Document Retention Policy

Purpose and Legal Basis for Processing

We process personal data for the following purposes in furtherance of our legitimate business interests:

to administer our business and ensure that any businesses, retailers and charities are effectively matched to each other;

to perform a contract-we process your personal data where it is necessary to enter into and perform our contract with you;

to facilitate the donation of surplus food in accordance with our operational model;

to ensure that the content on our Website, App or Platform is presented in the most effective manner for you and your device;

to provide you with information regarding services which you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (see ‘Direct Marketing’ below);

to analyse visitor and user traffic regarding our Website, App and Platform, and to recognise unique or repeat users and visitors;

to allow you to participate in interactive features through our Website, Platform or App, when you choose to do so; and

to notify you about any changes to our service.

to ensure the safety of visitors on our premises and protect goods. 

Personal data will only be processed to the extent necessary for the purposes set out above for our legitimate business interests, which include ensuring that we can offer our digital services through the App/Website/Platform as effectively as possible, ensuring the functionality of the App, Website and Platform, improving communication and engagement, and facilitate payment with all parties that FoodCloud interacts with and assisting FoodCloud in providing a more effective and streamlined service. 

Please note: You have the right to object to the processing of your personal data where that processing is carried out for our legitimate business interests. 

We do not consider such interests would prejudice your rights or fundamental freedoms as a data subject. For more information on our legitimate interests and the balancing exercise, please contact us using the details below.

We may also process your personal data to comply with any legal obligations. We will inform you in advance if we intend to process your personal data for a purpose other than as set out above. We may also seek your specific consent to the processing of data for other specific purposes.  You will have the right to withdraw such consent at any time. Please contact us if you wish to do so (see the ‘Contact Us’ section below).

Direct Marketing

When you give us your personal data, we will ask you if you would like to receive information from us about our services from us via post, email or SMS communications. If you have consented to the use of your information for marketing purposes, you have the right to withdraw that consent at any time. You can opt-out of receiving marketing communications from us at any time by contacting us (using the details below) and requesting to be removed from our mailing list or by clicking on the “unsubscribe” link in any email or SMS communication sent to you. If you choose to opt out, we will keep your details on our marketing suppression list, to ensure that you are not contacted with direct marketing messages again. 

Where we process your personal data for direct marketing purposes, you have the right to object at any time to such processing. If you want to object, please contact us directly (see ‘Contact Us’).

Recipients of Personal Data

We may disclose or transfer your personal data to:

partner charities;

FareShare, acting as our business partner in charity recruitment, 

third parties including legal advisors (A&L Goodbody, HR Suite), financial advisors, regulatory bodies, auditors (O’Connor Pyne), and other service or technology providers

Where charities are in receipt of FEAD products, data will be shared with Irish and European government agencies that administer the FEAD program. 

To the extent that any of the abovementioned disclosures are located outside of Ireland, in countries (including the U.S.) which may not have the same data protection laws as Ireland, we will take all steps reasonably necessary to ensure that your personal data is treated securely, in accordance with this Privacy Policy and the Privacy Shield adequacy decision regarding the United States (Article 45 of the GDPR). Please contact us if you wish to obtain information concerning such safeguards (see 'contact us' below).

We may also provide non-personal data to third parties, where such information is combined with similar information of other users of the App. The aggregate information that we share may include anonymous information that is captured through the use of cookies and other similar tracking technology. The third parties to whom we may provide this information may include our App design, data analysts, development and hosting contractors.

No Information from Children Under Age 18 on the App/Platform

If you are under the age of 18, please do not attempt to register with us through the App or the Platform or provide any personal information about yourself to us via the App/Platform. If we learn that we have collected personal information from a child under the age of 18, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 18, please contact us at GDPR@foodcloud.ie

Where you do not provide your Personal Data 

You can choose not to provide this information; however, you might not be able to gain access to our information or services. We will tell you when we ask for information which is a contractual requirement or needed to comply with our legal obligations. If you choose not to provide your personal data to us, you may not be able to fully access or use the services offered through the Website, App or the Platform.  

Safety, Retention and Security

We take all reasonable steps as required by law to ensure the safety, privacy and integrity of your personal data. As no data transmission over the internet can be guaranteed as 100% secure, we cannot guarantee, ensure, or warrant the security of any information you transmit to us and you transfer the personal data at your own risk. 

We endeavour to use and keep under review appropriate technical and organisational measures (including staff training, access limitation and awareness) in order to protect against unauthorised or unlawful processing of your personal data, including unauthorised destruction, alteration or disclosure or access. It is your responsibility to protect the security of your login information.

If you provide personal data through the App, Platform, Website, or for payment purposes, we will retain your personal data for a period of one year from the end of your business relationship with us (in accordance with our Data Retention Policy), unless we are required to retain such information for a longer period pursuant to a legal obligation. 

Where you have consented to direct marketing and wish to opt out, we will no longer retain your personal data, save for the purpose of maintaining a marketing suppression list, to ensure that you are not contacted again.  

Your Rights and Responsibilities 

You have the right to obtain a copy of your personal data held by us and the right to rectify any inaccuracies in personal data held by us by making a request to us in writing or via email (see ‘Contact Us’ below). 

In addition, you also have the right to request erasure, restriction, portability or to object to the processing of your data or not to be subject to a decision based on automated processing, including profiling.  You should inform us of any changes to your personal data.  Any requests made under this section can be made using the details set out at 'Contact Us' below.  We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than one month after receipt of your request. 

You have the right to lodge a complaint with the Office of the Data Protection Commissioner if unhappy with how his or her personal data is being handled.

It is your responsibility to ensure that any information you have provided to us is accurate and up-to-date. If any of the information that you have provided to us changes, please inform us using details set out at 'Contact Us' below.  

Links to Other Websites

We may, from time to time, provide links to third party websites. In addition, third parties' websites may also provide links to the App. Should you choose to visit these third party websites, you should review their privacy policies to ensure you understand and are comfortable with their practices concerning your personal data. We do not accept, and we disclaim, any responsibility for the privacy policies and data protection practices of any third party website (whether or not such website is linked on or to our Website or the App). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third party website's privacy policies before you submit any personal data to their websites.

Contact Us 

If you have any questions, comments, requests and complaints regarding this Privacy Policy and the information we hold, please contact us at GDPR@foodcloud.ie