Wi-Q Platform Privacy Notice

Updated: February 2025

1. Introduction

wi-Q is a cloud-based mobile ordering platform (Platform) that allows you to: (i) access a trader’s menu; (ii) order food and drinks; and (iii) pay for your order using a selection of payment methods, all using your mobile device, without the need to download an app.

We are committed to protecting your personal data and maintaining transparency in how we collect, process, and store your information when you use our Platform. This Privacy Policy outlines how we handle your data in compliance with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

2. Data Controller

wi-Q Limited (Company Number: 09209151), registered at One Silk St, Ancoats, Manchester M4 6LZ, is the Data Controller responsible for processing your personal data when you access and use our Platform.

3. What Personal Data We Collect

When you use the Platform to access a trader’s menu, place an order, and make a payment, we may collect and process the following personal data:

• Identity Data: Name, contact details (e.g., email address, phone number, delivery address), and any other identifying information provided.
• Order Information: Details of the items ordered, order preferences, and transaction history.
• Payment Data: Payment method used, last four digits of card details (if applicable), and transaction details processed by third-party payment providers.
• Device and Usage Data: IP address, device type, operating system, browser type, session duration, tracking cookies, and interaction with the Platform.
• Location Data: Approximate geolocation (latitude and longitude) to support order fulfilment.
• Customer Preferences: Allergen information and order notes.
• Financial Information: Client card payment details (redacted PAN and token).
• Customer Room Information: Room number (if applicable).
• Date of Birth: If provided by the customer.

4. How We Use Your Personal Data

We process your personal data for the following purposes:

• To provide access to the Platform and enable you to browse a trader’s menu, place orders, inform the venue of any allergy requirements and make payments.
• To facilitate secure payment processing via third-party payment providers.
• To personalise user experience and improve Platform functionality.
• To manage customer support inquiries and handle disputes or refund requests.
• To comply with legal obligations, including fraud prevention and security monitoring.
• To analyse user interactions with the Platform to enhance service performance and reliability.

5. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

• Performance of a Contract: To fulfil your order and process payments.
• Legitimate Interests: To improve our Platform, prevent fraud, and ensure the security of our services.
• Consent: When you provide explicit consent for optional data processing activities (e.g., marketing communications).
• Legal Obligation: To comply with applicable legal and regulatory requirements.
• Vital Interests: To protect your health by processing allergen information, helping to prevent adverse reactions and ensuring your dietary needs are accommodated.

6. Data Sharing and Third-Party Processors

We do not sell or rent your personal data. However, we may share your data with the following third parties:

• Traders: To facilitate order processing and fulfilment.
• Payment Providers: To process transactions securely (e.g., Go Cardless, Stripe).
• Cloud Hosting and IT Service Providers: To support Platform operations (e.g., Microsoft 365, Google Cloud, SaaS platforms).
• Regulatory Authorities: When required by law or to enforce our legal rights.

All third-party service providers are contractually bound to ensure the confidentiality and security of your personal data in compliance with GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy:

• Order and transaction data: Retained for up to 7 (6+1) years for tax and accounting purposes.
• Device and usage data: Retained for up to 14 months for analytics and security monitoring.

Once the retention period expires, personal data is securely deleted or anonymised.

8. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data when no longer necessary.
• Right to Restrict Processing: Request temporary suspension of data processing.
• Right to Object: Object to data processing based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent for marketing communications at any time.

To exercise your rights, contact us at info@wi-q.com. We will respond within one month in accordance with GDPR regulations.

9. Data Security

We implement appropriate technical and organisational measures to safeguard personal data against unauthorised access, alteration, or loss. These measures include encryption, access controls, and regular security assessments.

10. International Data Transfers

If personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent measures to protect your data.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience and analyse Platform usage. For more details, please refer to our Cookie Policy.

12. Updates to This Privacy Policy

We may update this Privacy Policy periodically. The latest version will be posted on our Platform with the update date.

13. Contact Information

For privacy-related inquiries, please contact us at:

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local data protection authority.