Dished Logo

DISHED

Home Customers Restaurants Contact

Privacy Policy

Last updated: June 9, 2025

Dished – Restaurant Partner Privacy Notice (UK)

Effective Date: June 9, 2025

1. Introduction

This Privacy Notice ("Notice") explains how Dished Pvt Limited ("Dished", "we", "us", or "our") collects, uses, discloses, and protects personal data relating to our restaurant partners ("you", "your") when you use the Dished restaurant platform and related services (the "Service"). We process your data in accordance with the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.

If you have any questions about this Notice or your data protection rights, please contact us at legal@dished.uk.

2. Data Controller

Dished Pvt Limited
Registered Office: 128 City Road, London, EC1V 2NX, United Kingdom
Email: legal@dished.uk

3. Categories of Personal Data We Collect

We may collect and process the following personal data in connection with your restaurant account:

  • Business & Registration Data: Business name, address, cuisine type, menu and profile content, images.
  • Contact & Account Data: Names, job titles, business email addresses and phone numbers of owners, managers, and authorised staff; account credentials.
  • Payment Data: Bank account details and billing information for settlements.
  • Operational & Transaction Data: Order history, transaction records, fees and commissions.
  • Communications: Correspondence, support tickets, emails, and in-app messages.

4. Application Data

If you use our mobile application and grant the requisite permissions, we may collect:

  • Geolocation Information: To enable location-based features (e.g. mapping your venue, assigning delivery zones). You can revoke this permission at any time in your device settings.
  • Mobile Device Access: To access your device's camera or photo library for uploading images. You may revoke this access in your device settings.
  • Push Notifications: To send you order alerts, service messages, or announcements. You may disable these in your device settings.

5. How We Process Your Information

In Short: We process your data to provide, improve, and administer the Service, communicate with you, comply with legal requirements, and with your consent send promotions.

We process your personal data for a variety of purposes, including:

  • Onboarding & Account Management: To register, verify, and administer your restaurant account.
  • Order & Payment Fulfilment: To process Orders placed by Customers, calculate commissions, and remit payouts.
  • Communication: To send operational messages (order updates, support responses, administrative notices).
  • Analytics & Service Improvement: To analyse usage patterns, generate reports, and enhance features, security, and performance.
  • Marketing & Promotions (with Consent): To send you promotional emails about new features, programmes, and offers. You may opt out at any time.
  • Legal & Compliance: To comply with tax, anti-fraud, food-safety, and other regulatory obligations.

6. Lawful Bases for Processing

  • Contract: To perform our obligations under our agreement with you.
  • Legitimate Interests: To operate, secure, and improve the Platform; to communicate essential information.
  • Consent: Where you have opted in (e.g. marketing, optional application data).
  • Legal Obligation: To comply with UK law and regulatory requirements.

7. Sharing Your Personal Data

We may share your data with:

  • Payment Processors (e.g. Stripe).
  • IT, Hosting & Analytics Providers.
  • Customer Support Partners.
  • Legal & Regulatory Authorities when required by law.
  • Prospective Buyers or Investors in the event of a sale, merger, or transfer of assets (under confidentiality safeguards).

We do not sell your personal data to third parties for marketing.

8. International Data Transfers

Some of our service providers may process data outside the UK/EEA. We implement appropriate safeguards—such as Standard Contractual Clauses—to protect your data in accordance with UK GDPR.

9. Data Retention

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this Notice, unless otherwise required or permitted by law.

9.1 We retain your personal data for as long as your restaurant account is active, and thereafter only as required to provide the Service, comply with legal obligations, resolve disputes, or enforce our agreements.

9.2 After your account is closed or your data is no longer required, we will securely delete or anonymise your data, unless retention is necessary for legal, tax, or fraud-prevention purposes.

9.3 If deletion or anonymisation is not possible (e.g. data stored in backup archives), we will isolate your data and prevent further processing until deletion is possible.

10. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten") where lawful.
  • Restrict or object to certain processing, including profiling.
  • Receive your data in a structured, commonly used format (data portability).
  • Withdraw consent at any time for consent-based processing.
  • Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise your rights, please contact legal@dished.uk.

11. Security & Breach Notification

We implement appropriate technical and organisational measures such as encryption, access controls, and regular security reviews to safeguard your personal data. In the event of a personal data breach affecting you, we will notify you without undue delay in accordance with UK GDPR.

12. Changes to This Notice

We may update this Notice from time to time. Significant changes will be communicated by email or in-app notification. Continued use of the Service after such updates constitutes acceptance.

13. Your Privacy Rights

In Short: If you are located in the UK or the EEA, you have rights that allow you greater access to and control over your personal information.

You may:

  1. Request access to and obtain a copy of your personal data.
  2. Request rectification of inaccurate or incomplete data.
  3. Request erasure of your data ("right to be forgotten") where no lawful basis exists.
  4. Restrict or object to the processing of your personal data.
  5. Receive your personal data in a structured, commonly used, machine-readable format.
  6. Withdraw consent at any time for consent-based processing.
  7. Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise these rights, contact legal@dished.uk. We will respond in accordance with applicable laws.

14. Contact Us

For privacy-related queries or to exercise your rights, please contact:

Dished Pvt Limited
Registered Office: 128 City Road, London, EC1V 2NX, United Kingdom
Email: legal@dished.uk

By using the Dished restaurant platform, you acknowledge that you have read and understood this Privacy Notice and consent to our processing of your personal data as described.