Top Three Key Takeaways on Customer Data, Privacy & Third-Party Delivery

Thank you to Odia Kagan, Partner and Chair of GDPR Compliance & International Privacy at Fox Rothschild LLP, for always bringing clarity to a complex set of ever-changing rules and legislation.

At MURTEC 2020, Kagan led sessions on data privacy and GDPR and what operators need to know. On November 11, the data privacy expert returned to address customer data and the new laws affecting how restaurants can do business.

Top 3 Key Takeaways:

1) If you are using biometrics for food ordering, payment or authentication, it is best to pause and consider whether you need a notice and consent for this. A new New York law requires prominent signage and the existing Illinois BIPA requires notice and consent and has been litigated heavily.

2) Food delivery applications delivering in NYC are now required to share order information with the restaurant, unless the customer opts out of this sharing. They also need to provide conspicuous notice of the sharing. The restaurants themselves are also limited in how they share the information without consent.

CCPA: What it Means for Your Privacy Notices

3) If your service utilizes drivers for delivery and pickup and you track them, make sure that you are giving them disclosure of this, do a risk assessment of real-time tracking and limit the access permissions to the drivers’ whereabouts to those who really need it. Be mindful of profiling.

ICYMI:  Watch the RTN Town Hall Here. 

RTN will continue delivering expert content for our members on the hottest topics. Stay tuned for our next Town Hall. And thank you to all those in attendance. See you next time!

About the Author:  

Angela Diffly is the co-founder of Restaurant Technology Network (RTN). Follow Angela Diffly on LinkedIn, Follow @RestTechNet on Twitter. For more information about joining the RTN community, please visit www.restauranttechnologynetwork.com. Restaurants join at no cost.  Follow @resturanttechnology on TikTok.