DINESURF is a restaurant reservation platform “the platform” that provides real-time  information of the best restaurants in their city. It is a single dynamic platform that helps  restaurant petroniser discover and research restaurants faster as well as instantly make  reservations. 

Dinesurf is committed to protecting and respecting the privacy of our customers. Consequently, we are pleased to inform our customers of the privacy policy that govern  our relationship with customers. 

IMPORTANT NOTICE ON CONSENT: 

Kindly note that by accessing and/or installing our platform on your mobile phones,  handheld devices, or any similar and or computerized gadget, you confirm that you  have read, understood, and you accept the terms of this Policy set out hereunder. You  also consent to the collection, use, storage, processing, and disclosure of your personal  information in the manner now set out in this policy. 

Policy Scope: 

This privacy policy (Policy) together with our User Terms of Service as set out at (link for user terms) and any additional terms of use applies to your use of: 

1. Dinesurf’s platform (platform) once you have accessed and/or installed a copy of  the platform onto your mobile telephone, handheld device or any other  computerized device (Device). 

2. Any of the services accessible through the platform (Services) or other sites and  media outlets of ours. 

This policy sets out the basis on which any personal data we collect from you, or that you  provide to us, will be processed by us. Kindly disregard as false any external messages,  emails, or calls requesting your personal details in the name of Dinesurf, where such  information has already been provided to Dinesurf upon signing up on our platform.  

A. Information you now allow us to collect from you: 

We may collect and process the following data about you: 

a) Information you give us about you (Submitted information): 

This may include information: 

● Provided by filling in forms, logging on the platform or the platform Site or  Service Sites (together Our Sites);

● provided by corresponding with our official customer help lines published  in our website and other items of identification with the Dinesurf brand  (for example, by phone call, e-mail or chat); 

● provided by registering to use the platform Site, accessing or registering  the platform, subscribing to any of our Services, searching for a hosted  Services, sharing data via the platform functions, entering a competition,  rating services, promotion, or survey, and reporting a problem with the  platform, our Services, or any of Our Sites. 

● This information may include your name, address, e-mail address, age,  and phone number, age, username, password and other registration  information, financial and credit information (including your credit/debit  card), personal description. 

b) Information you now allow us collect about you and your device:  

When you send an email or other communications to us, we may retain  those communications to process your inquiries, respond to your requests  and improve our services.  

Each time you visit our Site or use our platform, we may automatically have  access to the following information (save for instances where any of the  following information may be required to be processed by Dinesurf and in  which case your express authorisation shall be required): 

● technical information, including the type of mobile device you use,  unique device identifiers (for example, your Device’s International  Modern Equipment Identity (“IMEI”) or serial number), information  about the SIM card used by the Device, mobile network information,  your Device’s operating system, the type of browser you use, or your  Device’s location and time zone setting (Device Information); 

● information stored on your device, including contact lists, call logs,  SMS logs, Facebook friends, contact lists from other social media  accounts, photos, videos or other digital content (Content  Information); 

● data from your use of any other third-party application on the Device  or the Service Sites; and 

● details of your use of any of our platforms or your visits to Our Service  Sites; including, but not limited to, traffic data, location data, weblogs, and other communication data (Log Information). 

c) Location information you now allow us collect: 

Due to the nature of our services and some of our offerings(for example, identifying and suggesting resturants close to you and within your locality)  we will also use GPS technology OR other location services to determine  your current location. You can withdraw your consent to our collection, 

processing or use of this information at any time by logging out and  uninstalling the platform from your Device. 

d) Information we receive from other sources (Third Party Information): 

Due to the nature of the Services which we provide, we are required to  work with some third parties (such as our partner restaurants, payment  service providers and possibly mobile network providers) and we may  receive information about you from them. By using our platform, you  consent to us saving the information obtained from them. 

B. Tracking and cookies: 

We may use mobile tracking technologies and/or website cookies to distinguish  you from other users of the platform, Platform Site, or Service Sites. This helps us to  provide you with a good experience when you use the platform or browse any of  the Service Sites and also allows us to improve the platform and Our Service Sites. 

C. How we use the information collected: 

Information collected by us shall be generally used for the purpose of providing and improving the services available on the platform. We may disclose personal  information that you submit to us to third-party such as (Payment service providers,  our partner restaurants etc.) only where necessary for the purpose of providing our  services and improving the same for your benefit. Provided that, and subject to  compliance with an order of the Court, Arbitral Panel, Tribunal, Regulatory  Directive or Order or any other legal or regulatory obligation, the anonymous  cumulative/aggregate data obtained from our customers’ usage of our platform (not being personal and identifiable/traceable data) may be used by us for the  purpose of industry and market analysis whether solely or in conjunction with third  parties. You agree that third parties may request, and we can provide such  information to them for this purpose whether or not for sufficient consideration. (For  example, we may give out information in this manner: 25% of reservations made  on high-end restaurants in Lagos are by persons under the age of 27). 

D. Consent and Access Rights: 

You hereby consent to the processing of your data by us. We shall obtain your  consent for and to individual matters, where any document deals with different  matters.  

We can process your personal data in the absence of consent where: 

a. processing is necessary for the performance of a contract to which you are a  party or in order to take steps at your request prior to entering into a contract or for the provision of any of our products and services; 

b. processing is necessary for compliance with a legal obligation to which you  are subject;  

c. processing is necessary in order to protect your vital interests or that of another  natural person; and  

d. processing is necessary for the performance of a task carried out in the public  interest or in the exercise of the official public mandate vested in us.  

If we intend to use your data for a purpose that is different from the purpose for  which your data was obtained, we shall undertake to procure your consent prior  to the use of your data for that other purpose. Provided that this requirement will  not extend to matters covered by clause H below. 

In the event of any arrangement whereby Dinesurf Limited is merged or combined  with another entity (ies), sells or transfers all, or a portion of, its business or assets  (including in the event of an internal or external restructuring, reorganization,  dissolution or liquidation) to third parties, you hereby consent that your personal  data held with Dinesurf Limited can be transferred or assigned to third parties who  may become the controllers and/or processors of your personal data that was  held by Dinesurf Limited prior to such arrangement. Dinesurf Limited shall at all  times ensure that you are notified when your personal data is intended to be  transferred to third parties in the circumstances outlined in this clause. 

No Consent shall be sought, given, or accepted in any circumstance that may  engender direct or indirect unlawful propagation of atrocities, hate, child rights  violation, criminal acts, and anti-social conducts. Also, kindly note that you reserve  the right to request the modification or amendment of your personal data in our  possession. Provided that in all cases of access or modification/amendment of  personal information, we shall request sufficient identification, and utilize our  identification policies to enable us to confirm that you are the owner of the data  sought to be accessed or modified/amended. 

E. Personal Data Protection Principles 

When we process your personal data, we are guided by the following principles,  which require personal data to be: 

1. processed lawfully, fairly, in a transparent manner and with respect for the  dignity of the human person. 

2. collected only for specified, explicit and legitimate purposes and not further  processed in a manner incompatible with those purposes. 

3. adequate, relevant, and limited to what is necessary in relation to the purposes  for which it is processed.

4. accurate and where necessary kept up to date. 

5. removed or not kept in a form that permits identification of data subject for  longer than is necessary for the purposes for which the personal data is  processed. 

6. processed in a manner that ensures its security, using appropriate technical  and organizational measures to protect against unauthorized or unlawful  processing and against accidental loss, destruction, or damage.  

F. Third Party Access  

We will only share personal information with other companies or individuals in the  following limited circumstances: 

a. We have obtained your consent, albeit subject to other parts of the policy on  consent. 

b. We provide such information to other trusted businesses or persons for the  purpose of processing personal information on our behalf. We require that  these parties agree to process such information based on our instructions and  in compliance with this Privacy Policy and any other appropriate  confidentiality and security measures. 

c. We have a good faith belief that access, use, preservation or disclosure of  such information is reasonably necessary to (a) satisfy any applicable law,  regulation, legal process, or enforceable governmental request, (b) enforce  applicable terms of service, including investigation of potential violations  thereof, (c) detect, prevent, or otherwise address fraud, security or technical  issues, or (d) protect against imminent harm to the rights, property or safety of  its users or the public as required or permitted by law. 

G. User Responsibility 

You are required to familiarize yourself with this policy and to ensure that the  information you provide to us is complete, accurate and up to date. 

H. Disclosure of your information 

We may disclose your personal information to third parties: 

i. in the event that we sell or buy any business or assets, in which case  we may disclose your personal data (such as Name, Phone number, 

address, nationality, date of birth) to the prospective seller or buyer  of such business or assets; 

ii. if Dinesurf Limited or substantially all of its assets are acquired by a  third party, in which case personal data held by it about its  customers will be one of the transferred assets; 

iii. if we are under a duty to disclose or share your personal data in order  to comply with any legal or regulatory obligation or request (including but not limited to investigative request by legally  authorized authorities); and/or 

iv. in order to: enforce our User Terms of Service and other agreements  or to investigate potential breaches; or for the purpose of publishing  statistics relating to the use of the platform, in which case all  information will be aggregated and made anonymous. 

I. Where we store/transfer your personal data 

The data that we collect from you may be transferred to, and/or stored at, a  destination outside your country of origin or residence (as applicable).  

By providing your consent to this policy, you also authorize us to transfer your  Personal Data provided to us, to such other entities outside Nigeria connected  with the Dinesurf Limited or related third parties, with the understanding that the  data shall be used for the purpose stated in our contracts or terms of engagement  with you and in line with the procedure for offshore transfer of personal data  processed in Nigeria as set out under the Nigeria Data Protection Regulation 2019.  Your Personal Data may be transferred outside Nigeria to any country outside  Nigeria where a Dinesurf Limited entity is incorporated. The NDPR requires that the  destinations must be explicitly mentioned (“Foreign Recipients”). We are required  to inform you that the Foreign Recipients are on the White List of countries in the  NDPR Implementation Framework 2019. What this means is that the NDPR  considers that the Foreign Recipients have adequate data protection measures  of a standard acceptable in Nigeria. By continuing to use our Services or Service  Sites, you explicitly consent to the transfer of your Data to any of the Foreign  Recipients mentioned above. 

Where we have given you (or where you have chosen) a password that enables  you to access certain parts of Our Service Sites, you are responsible for keeping  this password confidential. We ask you not to share a password with anyone.  Unfortunately, the transmission of information via the internet is not completely  secure. Although we will do our best to protect your personal data, we cannot  guarantee the security of your data transmitted to Our Service Sites; any  transmission is at your own risk. Once we have received your information, we will  use strict procedures and security features to try to prevent unauthorized access.

J. Data Security  

We implement and maintain appropriate safeguards to protect personal data,  considering, in particular, the risks to you, presented by unauthorized or unlawful  processing or accidental loss, destruction of, or damage to their personal data.  

Safeguarding will include the use of encryption and pseudonymization where  appropriate. It also includes protecting confidentiality (i.e. that only those who  need to know and are authorized to use personal data have access to it), integrity  and availability of the personal data. We regularly evaluate and test the  effectiveness of those safeguards to ensure the security of our processing of  personal data. 

You should be aware, however, that no method of transmission over the internet  or method of electronic storage is completely secure. While we guarantee that  we shall strive to protect the security of your information and are constantly  reviewing and enhancing our information security measures on a best endeavor  basis, we reasonably expect that there may be eventualities entirely out of our  reasonable control and judgment. Dinesurf Limited therefore, accepts no liability  for any direct or consequential damage or loss, however caused, in connection  with transmission over the internet or electronic storage by or through 

unauthorized, unlawful, and or unidentifiable persons/channels. 

K. Links to third party sites 

Our Service Sites may contain links to other websites owned and operated by third  parties. These links are provided for your information and convenience only and  are not an endorsement by Dinesurf Limited of the content of such linked websites  or third parties. The information that we collect from you will become available to  these websites if you click the link to the websites. These linked websites are neither  under our control nor our responsibility. Dinesurf Limited, therefore, makes no  warranties or representations, express or implied about the safety of such linked  websites, the proprietors or operators of those websites, and the suitability or  quality of information contained on them. This Privacy Policy does not apply to  these websites, thus, we advise and consequently maintain that any access to  these linked third-party websites and/or usage of the information contained  therein, is entirely at your own risk. Dinesurf Limited accepts no liability for any  damage or loss, however caused, in connection with accessing, the use of or  reliance on any information, material, products or services contained on or  accessed through any such linked website. We advise that you contact those  websites directly for information on their privacy policy, security, data collection  and distribution policies. 

L. Your Rights 

We will use your data for the purposes of compiling statistics relating to our user  base and activity summary and any other product or service we provide and may 

disclose such information to any third party for such purposes, provided that such  information will always be anonymous.  

M. Violation of Privacy Policy 

We have put in place procedures to deal with any suspected personal data  breach and will notify you of any personal data breach and let you know the steps  we have taken to remedy the breach and the security measures we have applied  to render your personal data unintelligible.  

All suspected breaches of personal data will be remedied promptly or within a  reasonable period of time from the date of the report of the breach to our official  customer care contact channels (see below), and in any event not exceeding a  period of one (1) month depending on the nature of the breach and the  mechanisms required to be adopted for remediation. 

If you know or suspect that a personal data breach has occurred, you should  immediately contact the Dinesurf Limited team at (email). 

Dinesurf Limited will not be responsible for any personal data breach which occurs  as a result of: 

(i.) any event which is beyond the control of Dinesurf Limited; 

(ii.) any act or threats of terrorism; 

(iii.) any act of God (including but not limited to fires, explosions, earthquakes,  drought, tidal waves and floods) which compromises Dinesurf Limited’s data  protection measures; 

(iv.) war, hostilities (whether war be declared or not), invasion, an act of foreign  enemies, mobilization, requisition, or embargo;  

(v.) rebellion, revolution, insurrection, or military or usurped power, or civil war  which compromises Dinesurf Limited’s data protection measures;  

(vi.) the transfer of your personal data to a third party on your instructions; and (vii.) the use of your personal data by a third party designated by you. 

N. Data Retention 

Dinesurf Limited shall retain and use your Data only as long as is necessary to  provide our services to you, or as required to comply with legal or regulatory  obligations, including under tax and security laws. We may retain your Data for a  minimum of 5 years (or such longer period as may be necessary) even after we  have received a request for deletion from you in order to comply with our  regulatory obligations. We will retain your Data if there is an outstanding obligation  or duty from you.  

Notwithstanding, a request for erasure will automatically be denied in whole or in  part, where it would adversely affect a constitutionally guaranteed right,  contradict a legal obligation, act against the public interest in the area of public 

health, act against the public interest in the area of scientific or historical research,  or prohibit the establishment of a legal defense or exercise of other legal claims  Dinesurf Limited or any legitimate third party. Where a request for erasure is denied,  Dinesurf will provide to you the specific reason for denying the request as soon as  possible but no later than one month after receiving the request for erasure. 

O. Changes to Privacy Policy 

Any changes we may make to this Policy in the future will be posted on this page  and, where appropriate, necessary or required by law, you will be notified on this  platform, when next you log in to this platform or one of our Service Sites., The new  terms may be displayed on-screen and you may be required to read and accept  them to continue your use of the platform or the Services. In any event, by  continuing to use the platform or any Services after the posting of any changes,  you confirm your continuing acceptance of this Policy together with such  changes, and your consent to the terms set out therein.

obliged to keep for administrative, legal, or security purposes.