Pronto Ltd. and it’s related bodies corporate (PRONTO) takes customer privacy seriously and is committed to protecting customer information whether you have visited our website at pronto.bm or utilised our mobile application (together, the “Website”).
By visiting or ordering services on this Website, you agree and where required you consent to the collection, use and disclosure of your personal information as set out in this policy.
- What information we collect and why we collect it.
- How we use that information.
- The choices we offer, including how to access and update information.
We’ve tried to keep it as simple as possible, but if you’re not familiar with terms like cookies, IP addresses and browsers, then read about these key terms first. Your privacy matters to us; whether you are new to PRONTO or a long-time customer, please do take the time to get to know our practices – and if you have any questions, contact us.
INFORMATION WE COLLECT
You do not have to provide personal information to us, however, if you do not, it may affect your use of this Website or the products and/or services offered on or through it.
Information is also generated whenever a page is accessed on our Website that records information such as the time, date and specific page. We collect such information for statistical and maintenance purposes that enables us to continually evaluate our Website performance.
You may also set your browser to block all cookies, including cookies associated with our services, or to indicate when a cookie is being set by us. However, it’s important to remember that many of our services may not function properly if your cookies are disabled. For example, you may not be able to login to PRONTO or utilise other services.
We collect information to enable us to make a delivery to you and to provide better services to all of our users – from figuring out basic stuff like which language you speak, to more complex things like what content of ours matters most to you.
We collect information in the following ways:
INFORMATION YOU GIVE US
We collect information about you and your company as you register for an account with us, create or modify your profile, use, access, or interact with our services or our Website. This can include your name, address(es), phone number(s), email, other contact details and payment information such as credit or debit card information. This type of information may also include information you provide to us when interacting such as support queries, emails or messages sent to us. We will also collect information from you when you contact our riders, including using the chat function on our Website.
INFORMATION WE GET FROM YOUR USE OF OUR SERVICES
About the services that you use and how you use them, like when you visit a website that uses our services or you view and interact with our content. This information includes:
We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). We may associate your device identifiers or phone number with your account.
When you use our services or view content provided by us, we may automatically collect and store certain information in server logs. This may include:
- details of how you used our service, such as your search queries;
- telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls;
- Internet Protocol address;
- device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL; and
- cookies that may uniquely identify your browser or your account.
When you use a location-enabled PRONTO service, we may collect and process information about your actual location, like GPS signals sent by a mobile device.
UNIQUE APPLICATION NUMBERS
Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to us when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.
We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
COOKIES AND ANONYMOUS IDENTIFIERS
INTERACTION WITH OTHER TECHNOLOGIES
We may collect information regarding mobile payment methods, NFC tags, QR codes or use of mobile discount codes and vouchers.
We also collect personal information through our related bodies corporate, our business partners, and third parties who supply services to us.
Unless you have elected to remain anonymous through your device and/or platform settings, this information may be collected and used by us automatically if you use the Website or Service through your mobile device(s) via any PRONTO mobile application, through your mobile’s browser or otherwise.
We will not collect sensitive information from you or any third party.
You do not have to provide us with any personal information, however if you do not do so we may not be able to provide you with the products, services or benefits you have requested.
HOW WE USE INFORMATION WE COLLECT
We may use the information we collect, including your personal information and transaction information, from all of our services in any one or more of the locations that PRONTO has operations or otherwise conducts business (these locations currently being Bermuda) for the following purposes:
For the provision of our services and associated billing;
- for internal and service-related purposes, such as to provide, maintain, protect, improve, and personalise our services, to develop new ones and to protect the rights, property, or safety of PRONTO and our users and employees,
- to communicate with you in order to provide you with information we think may be useful or relevant to you;
to promote our services and related services including services that may be the subject of direct marketing and we may contact you to do so by post, phone, mobile messaging (e.g. SMS, MMS etc.);
- to analyse information in order to offer aggregated anonymised data products to third parties;
- to facilitate the sharing of aggregated and anonymised information with third parties, including transaction data. An example of anonymised information would be the number of times an order has been made or location data , which may be used by those third parties to inform judgements about the customer using the software;
- to monitor and analyse trends, usage, and activities in connection with our services and for marketing or advertising purposes or to offer you tailored content;
- to investigate and prevent fraudulent transactions, unauthorised access to or use of our services, and other illegal or unusual activities;
- to use the name you provide for your PRONTO profile across all of the services we offer that require a PRONTO account. In addition, we may replace past names associated with your PRONTO account so that you are represented consistently across all our services;
- when you contact us, to keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements;
- from cookies and other technologies, to improve your user experience and the overall quality of our services;
- to combine information from one service, including personal information, into other PRONTO services – for example to make it easier to share things with people you know;
RETENTION OF PERSONAL DATA
We’re required to keep some of your information for certain periods of time under law. When we no longer require your information, we’ll ensure that your information is destroyed or de-identified.
We may need to retain certain personal information after we cease providing you with products or services to enforce our terms, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping.
DISCLOSURE OF PERSONAL INFORMATION OUTSIDE BERMUDA
PRONTO may store or process your personal information on a server located outside the country where you live and may be accessed by or given to our staff working outside Bermuda and third parties including companies within the PRONTO group of companies (which means our subsidiaries and affiliates, our ultimate holding company and its subsidiaries and affiliates) who act for us for the purposes set out in this policy or for other purposes notified to you from time to time in this policy. We may disclose your information to overseas recipients, including, without limitation, recipients located in the United States of America.
The third parties with whom we share your information may undertake various activities such as processing credit card payments and providing support services for us.
By providing us with personal information, you consent to the disclosure of your personal information to third parties who reside outside Bermuda. Where we disclose your personal information to third parties, we will take reasonable steps to ensure that any overseas recipient will deal with such information in a way that is consistent with the Bermuda Privacy Principles.
INFORMATION YOU SHARE
Remember that when you share information publicly, it may be indexable by search engines.
Please note that by submitting comments and feedback regarding the Website and the services, you consent to us to use such comments and feedback on the Website and in any marketing or advertising materials. We will only identify you for this purpose by your first name and the city in which you reside.
INFORMATION WE SHARE
We do not share personal information with companies, organizations and individuals outside of PRONTO unless one of the following circumstances apply:
WITH YOUR CONSENT
We will share personal information with companies, organizations or individuals outside of PRONTO when we have your consent to do so.
WITH ACCOUNT ADMINISTRATORS
If your account is managed for you by an organisation administrator then your organisation’s administrator and resellers who provide user support to your organization will have access to your information (including your email and other data).
Your account administrator may be able to:
- view statistics regarding your account;
- change your account password;
- suspend or terminate your account access;
- access or retain information stored as part of your account;
- receive your account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request;
- restrict your ability to delete or edit information.
WITH THIRD PARTY SERVICE PROVIDERS
We may disclose personal information to:
- third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, and payment systems operators;
- our existing or potential agents or business partners;
- third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you.
TO ADDRESS FRAUD, SECURITY OR TECHNICAL ISSUES
We will share your personal information with trusted third parties where necessary to detect, prevent or otherwise address fraud, security or technical issues.
FOR LEGAL REASONS
We may disclose your information if required by applicable law, regulation or as part of any actual or prospective legal process (including if reasonably necessary to enforce applicable Terms of Service or in order to establish, exercise or defend our legal rights). If we receive a request from a regulatory body or law enforcement agency, and if permitted under law, we may disclose certain information to such bodies or agencies.
MERGER OR ACQUISITION
We may share aggregated, non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our services. This could also include government bodies, industry groups, insurers and educational/training facilities.
We have put in place robust measures regarding the security of the information we collect and store about you (including through the use of network and database security measures) and will use our reasonable endeavours to protect your personal data from unauthorised access to or unauthorised alteration, disclosure or destruction. In particular, where commercially viable:
- We encrypt many of our services using Secure Sockets Layer (SSL) or Transport Layer Security (TLS).
- We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
- We restrict access to personal information to our employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
- We have multiple authentication and access control measures to ensure data is only accessed by authorised personnel
- We enforce strong encryption of all data at rest through the use of the Advanced Encryption Standard (AES-256)
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our servers via third party networks; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. However, we may not be able to provide the services to you in the event you choose to restrict such access.
You may request details of the personal information that we hold about you. An administrative fee may be payable for the provision of such information. In certain circumstances, as set out in the Bermuda Personal Information Protection Act 2016 (PIPA), we may refuse to provide you with personal information that we hold about you.
If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.
If you believe that we have breached the Bermuda Privacy Principles and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.
Please note that clicking on links and banner advertisements on our websites can result in your browser accessing a third party website, where data privacy practices are different to that of PRONTO.
We are not responsible for, and have no control over, information that is submitted to or collected by these third parties and you should consult their privacy policies.
If you have any enquiries or if you would like to contact us about our processing of your personal information, please contact us by any of the methods below. When you contact us, we will ask you to verify your identity.