This privacy policy (the "Privacy Policy") discloses the information gathering and dissemination practices for this website, located at OHBAKERYREWARDS.COM (the "Website"). We will notify you of changes to our Privacy Policy by posting the new policy on the Website. Review our Privacy Policy regularly so that you can stay informed of our practices, as they may change in the future.
By visiting our Rewards website, using our service, and/or buying our products, you are accepting the practices described in this Privacy Policy. Your assent to our Privacy Policy is essential for us to provide our services. You can opt-out and decide not to provide the requested personal information. However, by doing so, you will not receive the information and/or service you are requesting.
You are requested to submit a registration form (or otherwise provide personal information about you in an equivalent form or manner) in order to become a registered (or logged in) member of our loyalty program, customer engagement program or other service of the Solution (“Registered Member” and the “Registration Form” respectively). The Registration Form includes personal details such as: name, phone number, email and home address. It is customized by us and may include fields which are explicitly indicated as mandatory (i.e.: fields determined by us, which must be completed in order to submit the registration form and to join the customer loyalty program or customer engagement program in connection with the Solution; “Mandatory Fields”).
You may choose not to share your personal information with us. There are many activities, functionalities, features or services of the Solution (as will be determined by us; such as, opening hours, locations list, menus, catalogues or promotions), which will be available to you if you choose not to fill in all Mandatory Fields and not become a Registered Member thereof (“Basic Functionalities”).
If you specifically opt-in to permit access and collection of information from your social network account(s), then your basic personal information in your social network account will be collected (such as your name, photo and email address) as well as your social network user ID (but not your password). Please refer to the social network’s privacy policy for more details on how you can set the privacy preferences of your account to control the information that may be accessed and retrieved. We collect this information for the purpose of enabling your registration to the Solution.
In order to enjoy the benefits of the Solution, you will be requested to identify yourself at our premises or upon usage of Third Parties Services. We will use the information you provide through the Registration Form to verify your identification (including enabling the Third Parties Services) and to attribute your purchases or actions (made online or offline) to you (including those made through the Third Parties Services) and for redemption purposes.
Depending on the context, we may ask you to provide additional information or your information may be provided in several occasions or phases and/or in separate submissions. Please note that refusal to provide any additional information or to accept further terms or offers shall not derogate from our right to store former information provided or submitted to the Solution or to us.
The following section applies to our data collection practices which apply to all End Users, including End Users which do not voluntarily share their personal information with us and use the Basic Functionalities of the Solution.
We collect from all Solution End Users information about the mobile device, such as mobile device identifier and/or account identifier (Android UDID, iOS UUID; Advertising ID: IDFA for iOS devices and AAID for Android devices, or their equivalent), the Internet protocol (IP) address of the device used to access the Internet, geo-location (if enabled), device type and its operating system version.
We also collect information regarding the features, content, services or websites accessed, clicked or interacted with through the Solution as well as information regarding the interactions made with the Solution’s interface and features such as logging info, the Solution’s tabs, banners, or pages that are clicked on or accessed, ads and/or promotions viewed through the Solution and receipt of notifications sent through the Solution.
In addition to the above, if you are a Registered member, we collect information regarding (i) receipt of SMS text messages or emails sent to you through the Solution; (ii) your participation in, or use of, the Solution features available to Registered Members only (such as: scratch card, point accumulation plans, punch card, coupons, gift card, cash back, “Pay with Budget” or their equivalent; collectively: “Members Features”); and (iii) details of purchases made online or offline by using the Solution (e.g., time and date of your purchase, place where purchase was made, the amount paid and information about the items purchased).
We process your geo-location information in order to provide you with offers and/or promotions which are based on your location (“Location Based Services”). These Location Based Services apply whenever your location is made available to us.
Your location will be available to us (i) via your mobile phone, if you provide permission to share it with us; and/or (ii) other sources integrated to the Solution such as: (a) upon purchase at our premises – since we have the knowledge about these premises location; (b) external services integrated with the Solution; and/or (c) through Beacons if used by us at our premises or nearby.
By disabling your geo-location (e.g. through the mobile device operating system), certain features which require your geo-location information may not function or may be interrupted. Please note that by such disabling, your location may still be assumed and/or collected by us from other available sources as described above.
A beacon is a device designed to attract attention to a specific location by using Bluetooth low energy signals (“Beacon”). We may place these Beacons in or nearby our premises in order to collect your approximate location. Once your mobile phone device identifies a signal from a specific Beacon, the Solution will send that identification to our servers. By receiving such identification, we will assume that you are physically located in proximity of the location of that respective Beacon as registered in our database.
We will collect information regarding the purchases made online or at our premises. If you identify yourself at our premises, we will attribute the information in regard of your purchases to you. Purchase details may include: time and date of your purchase, place where purchase was made, the amount paid and information about the items purchased.
We may have collected or processed non-personal or personal information about you prior to joining the Solution. Such information will be added to, or combined with, other information processed under this Policy, and shall be processed in accordance with this Policy.
Third parties which provide other services or solutions to us, which are embedded in or integrated with the Solution, such as ordering, payment, e-commerce or scheduling services or solutions (“Third Parties Services”), will share with us information regarding your interactions with their systems such as: (i) your name, email address and/or phone number (if provided by you); and (ii) purchase details (time and date of the purchase, place where purchase was made, the amount paid and information about the items purchased). Please note that we are not responsible for the data collection and processing practices of such Third Parties Services, which you are encouraged to review before interacting with them.
We do not require End Users to provide sensitive information and do not intentionally collect or process otherwise sensitive information.
If by using the Solution (including any third-party services integrated to or embedded in the Solution) you are asked to provide sensitive information, or you have a reason to suspect that sensitive information is collected, you are kindly requested to immediately report it to us. Please note that the definition of “sensitive information” may not have the same meaning in different jurisdictions.
Personal information about children who are under 13 years, or other minimum age which applies in your country (16 in most EU countries) is not knowingly or intentionally collected. If you are under that age, you are not permitted to use the Solution, register to any Members Features, or use any aspect of the Solution. If you have reason to suspect that children data is collected, you are kindly requested to immediately report it to us.
The information we collect will be used for the following purposes (please note the GDPR legal basis next to each purpose):
To provide you with the Solution’s functionalities, features and services (including, without limitation, personalized content and Location Based Services, if any), send you, from time to time, push notifications, SMS text messages, commercial emails and/or other communications from us. GDPR legal basis: depending on the context, consent, performance of a contract ((i.e. End User Terms of Use), legitimate interest (e.g. send you administrative communications);
To manage the administrative and operational aspects of the Solution. GDPR legal basis: legitimate interest, performance of a contract (i.e. End User Terms of Use);
To enforce this Policy and the End User Terms of Use and prevent unlawful activities and misuse of the Solution. GDPR legal basis: legitimate interest, compliance with laws, performance of a contract (i.e. End User Terms of Use, this Policy);
To comply with any applicable law and assist law enforcement agencies when we have a good faith belief that our cooperation with them meets the applicable legal standards. GDPR legal basis: compliance with laws, legitimate interest; and
To take any action in any case of dispute involving you with respect to the Solution. GDPR legal basis: Legitimate interest, compliance with laws.
If you have questions about these uses, please contact us. Please note that the legal basis is provided for GDPR purposes only.
The information outlined in the preceding sections, may be shared with, or transferred to our processors or vendors for the purposes of helping us provide the Solution. This includes our processors, vendors and third parties which provide you with services, features or content in connection with the Solution such as online ordering, ecommerce services, games, payments, communications, agencies, feedback, plugins or APIs, or companies that host the Solution. If you wish to receive further information, please contact us.
In addition to the above, we may share the information as follows:
If you have breached the End User Terms of Use or this Policy, abused your rights to use the Solution, or violated any applicable law, or in any other case of dispute, or legal proceeding of any kind involving you with respect to the Solution, your information may be shared with competent authorities and with any third party, as may be required;
We may share information that we collect or obtain through the Solution with the relevant authorities, entities or persons if we reasonably believe that we are required by law to share or disclose your information;
Personal data or identifiable information may be shared with, or transferred to, our affiliated corporate group entities (entities controlled by, under common control with, or controlling us, directly or indirectly);
Upon bankruptcy, dissolution or other liquidation or insolvency events or in the event of merger, sale or transfer of all or a portion of our assets or shares or other reorganization or reconstruction in our ongoing business, the information that we receive, collect or obtain, as outlined in the preceding sections, may be shared with or transferred to, that respective entity, provided that it will undertake to be bound by the provisions of this Policy, with reasonably necessary changes taken into consideration. Upon such transfer or sharing of information, that entity will assume full and exclusive responsibility for all subsequent use and processing it makes of the information and we will be released from any liability to you, regarding the succeeding entity’s use and processing of the information by it.
In any case other than the above mentioned in this Policy, your personally identifiable information will be shared with others only if you provide your consent.
The Solution collects anonymized as well as aggregated information, which does not identify you personally. In addition, we may anonymize your information and/or aggregate it with other End Users’ information. Such anonymized or aggregated information will be used by us in any way without restrictions or limitations.
The Solution uses automated decision-making. This is based on the information you provide and your usage of the Solution, the number of transactions, frequency and volume. The consequence of this is that you will receive customized content and different offerings that we pre-customize to your profile.
You may provide information through certain areas, features, frames or sections of the Solution, that are operated by or for third parties. Those third parties may include, e-commerce platforms, scheduling partners, payment services providers and payment processors (“Third Parties” and “Third Parties Services”).
It is those Third Parties, and not us, that are responsible for their data collection practices associated with such Third Parties Services. We encourage you to read the privacy policy of each Third Party.
Third Parties Services will share with us information they collect from you or you voluntarily provide to them which is related to or within the scope of the Solution.
We host your personal information in connection with the Solution either in the European Economic Area, in the US, in the country where we are located, or in countries deemed as providing an adequate level of data protection.
Your data will be accessible in the country where we or our service providers are located, the UK, the US, and countries deemed as providing an adequate level of data protection.
Please contact us if you need further information about this.
Please be informed that under applicable privacy laws, you may have certain rights such as the right to access, rectification, erasure, restriction of processing, objection, withdraw consent (without affecting lawfulness of the processing based on consent before its withdrawal) or data portability. These rights may not be available in certain jurisdictions and/or may be subject to certain derogations or limitations.
If you choose to exercise any End User Right, we will handle these requests in accordance with applicable law but please note that exercise of some of those rights may have commercial consequences. For example, depending on the right exercised, you may be disconnected from the Solution and cease to be a Registered Member; you may have to promptly redeem your benefits/assets accumulated until such exercise (if any) at our premises only; and you may not be able to accumulate any additional benefits/assets as from exercise of some of these rights. We encourage you to make a screenshot of your benefits/assets before you submit your request in order to be able to present them to us upon redemption.
You have the right to lodge a complaint with a supervisory authority but, before filing a claim, we encourage you to resolve the issue in question directly with us in good faith.
We keep your data for as long as we have a valid legal basis, reason or need to keep your data.
Please note that removal of the Solution from your device does not cause a deletion or anonymization of the information you voluntarily provided or information that we collected in accordance with this Policy. You should contact us if you would like your data to be deleted.
This Policy may be changed from time to time. Substantial changes will take effect 30 days after an initial notification is posted through the Solution. Other changes will take effect 7 days after their initial posting within the Solution or other electronic means. However, if the Policy is amended to comply with legal requirements or for urgency reasons, the amendments will become effective immediately upon their initial posting, or as required. The most up-to-date Policy is accessible through the Solution’s settings or information menu or other electronic means.
Your continued use of the Solution after the changed take effect will indicate your acceptance of the amended Policy. If you do not agree with the amended Policy, you must uninstall the Solution and avoid any further use of it.
Contact us at the address below if you want us to change or delete any information that we have about you. We will respond to your request to access, update, or delete your information within ten (10) business days. Before we are able to provide you with any information, correct any inaccuracies, or delete any information, however, we may ask you to verify your identity.
O&H Danish Bakery
5910 Washington Avenue
Racine, WI 53406 U.S.A.
Local: (262) 631-5398
toll free: (877) 369-3565
This privacy policy is effective as of Oct 1, 2019.
