PRIVACY POLICY

GRAB.EAT.SIP

Privacy Policy

 

Last updated: 2025/10/21

 

Grab.Eat.Sip by Bidvest Catering Services (“we”, “our”, “us”) respects your privacy and is committed to protecting the personal information in compliance with the Protection of Personal Information Act, 2013 (POPIA). This Privacy Policy explains how we collect, use, store, disclose and protect your personal information when you visit or place an order on our platter ordering website in South Africa.

By using our website, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

 

 

  1. Responsible Party and Information Officer
    The responsible party for purposes of POPIA is:
    Bidvest Catering Services (Pty) Ltd
    (1994/005030/07)
    Unit 1 Aviation Park
    17 Pomona Road
    Kempton Park
    1619
    Our appointed Information Officer is:
    Name: Lele Sithole
    Email: Lele@bidvestcatering.co.za
    Telephone: 010 142 1230
  2. Information We Collect
    We may collect the following types of personal information when you interact with our website:
    Personal details: Your name, email address, phone number, and delivery address.
    Order details: Items ordered, delivery preferences, and special instructions.
    Payment information: Limited details required to process payments (note: card information is processed securely via our payment gateway and is not stored by us).
    Technical information: IP address, browser type, device information, and cookies to improve website performance.
    Children’s information: We do not knowingly collect information from persons under 18 years. If we become aware that we have inadvertently collected such information, we will take steps to delete it without undue delay.
  3. Lawful Basis for Processing
    We process your personal information on the following legal grounds:
    Contractual necessity: To process and deliver your orders.
    Consent: For direct marketing and promotional communications.
    Legal obligation: To comply with tax, accounting, and regulatory requirements.
    Legitimate interests: To improve our services and ensure website security.
  4. How We Use Your Information
    Your personal information may be used for the following purposes:
    To prepare, process and deliver your platter orders smoothly.
    To keep you updated about your order, let you know about promotions (if you’ve opted in), and share important service updates.
    To make our website, products, and services easier, safer, and more enjoyable for you to use.
    To follow the rules and regulations that apply to our business.
  5. Sharing of Information
    Your privacy is important to us. We will never sell your personal information. We only share it in the limited situations described below:
    Service providers: With trusted third parties such as delivery partners, payment processors, and IT service providers who help us run Grab.Eat.Sip by Bidvest Catering Services.
    Legal compliance: When required by law or to protect our rights, safety, or property.
    Cross-border transfers: If personal information is transferred outside South Africa (e.g., to servers or service providers abroad), we will ensure such transfers comply with POPIA and that appropriate protection is in place.
  6. Data Protection & Security
    We take reasonable technical and organisational measures to protect your personal information including by way of encryption, access restrictions, secure servers, and staff training. These measures are designed to prevent against loss, misuse, unauthorised access, disclosure, alteration, or destruction. That said, no security system is infallible, and we cannot guarantee absolute protection of your information.
  7. Your Rights Under POPIA
    As a South African user, you have the right to:
    Request access to the personal information we hold about you.
    Request correction of your personal information if it is inaccurate, outdated or incomplete.
    Request deletion of your personal information where legally permissible.
    Object to or restrict processing in certain circumstances, including direct marketing.
    Withdraw consent where processing is based on consent.
    To exercise your rights, please contact us using the details below.
  8. Direct Marketing
    We will only send you promotional communications where you have provided your express consent or where you are an existing customer in accordance with POPIA. You can withdraw consent or unsubscribe at any time by following the opt-out instructions in our communications or contacting us directly.
  9. Data Breach Notification
    In the event of a security compromise as defined under POPIA, we will notify the Information Regulator and affected data subjects as required by law. Such notification will be made as soon as reasonably possible after becoming aware of the breach.
  10. Cookies
    Our website uses cookies and similar technologies to improve user experience and analyse site traffic. You may choose to disable cookies in your browser, but this may affect and limit certain website features.
  11. Retention of Information
    We retain your personal information only for as long as necessary to fulfil the purposes set out in this Privacy Policy, unless a longer retention period is required by law.
  12. Complaints
    If you have a complaint about how we process your personal information, please contact our Information Officer first. If you are not satisfied, you may lodge a complaint with the Information Regulator:
    Information Regulator (South Africa)
    JD House, 27 Stiemens Street, Braamfontein, Johannesburg
    Email: complaints.IR@justice.gov.za
    Tel: 010 023 5200
  13. Changes to This Privacy Policy
    We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date. We encourage you to review this policy periodically.