At various points in the InstaApp experience, you may provide us with information about yourself. For example, when you create an account through the Services, you provide us with personal information like your name, email address, and mobile number. And if you place an order through the Services, we collect information including your address and the details of your order. Your account information may be updated or corrected by accessing your account settings. Credit card information is not stored in the InstaApp system and our authorized third party vendors (such as Stripe) are responsible for payment.
When you use the Services, or browse our sites, either through a browser or mobile app, we automatically receive some technical information about the hardware and software that is being used.
We, our partners, our advertisers, and third-party advertising networks use various technologies to collect information, including but not limited to cookies, pixels, scripts, and device identifiers. Cookies are small text files that are sent by your computer when you access our services through a browser. We, our partners, our advertisers, and third-party advertising networks may use session cookies (which expire when you close your browser), persistent cookies (which only expire when you choose to clear them from your browser), pixels, scripts, and other identifiers to collect information from your browser or device that helps us do things such as understand how you use our services and other services; personalize your experience; measure, manage, and display advertising on the Services or on other services; understand your usage of the Services and other services in order to serve customized ads; and remember that you are logged into the Services. Our partners, advertisers, and third-party advertising networks may use these technologies to collect information about your online activity over time and across different websites or online services. By using your browser settings, you may block cookies or adjust settings for notifications when a cookie is set. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit http://www.allaboutdnt.com
We employ some third-party services to help us understand the usage of the Services and the performance of advertising, and these third parties may also deploy cookies, pixels, or other identifiers on the Services or collect information through our mobile applications. For example, we use Google Analytics to understand, in a non-personally identifying way, how users interact with various portions of the Services — you can learn more about information that Google may collect here.
When you use the Services, or browse our sites, our servers will record information about your usage of the Services and information that is sent by your browser or device. Log information can include things like the IP address of your device, information about the browser, operating system and/or app you are using, unique device identifiers, pages that you navigate to and links that you click, searches that you run on the Services, and other ways you interact with the Services. If you are logged into the Services, this information is stored with your account information.
InstaApp may use third-party advertising companies to serve interest-based advertisements to you. These companies compile information from various online sources (including mobile-enabled browsers and applications) to match you with ads that will be the most relevant, interesting, and timely for you.
Our Services are not intended for children under 13 years of age, and we do not knowingly collect personal information (as defined by the U.S. Children’s Online Privacy Protection Act, or “COPPA”) in a manner not permitted by COPPA. If we obtain actual knowledge that any information we collect has been provided by a child under the age of 13, we will delete that information to the extent required by applicable laws.
We do not knowingly “sell,” as that term is defined under the California Consumer Protect Act (“CCPA”), the personal information of minors under 16 years old who are California residents.
We may use the information we collect for various purposes, including to:
The Services comprise a platform that presents you with a set of one or more virtual web & mobile applications from which you can select food items for picking, packing, and delivery by individual Personal Shopper(s) to your location or, if available, for you to pick up in-store. In order to make this work, we need to share information about you and your order with the other parties who help enable the service. This includes, for example, the Personal Shopper(s) who pick and deliver your order, the payment processing partner(s) that we use to validate and charge your credit card, and the retail partner(s) from which you are purchasing food items. To be clear, only our payment processing partner(s) receive credit card information.
We employ and maintain reasonable administrative, physical, and technical measures designed to safeguard and protect information under our control from unauthorized access, use, and disclosure. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you.
We will make any legally required notifications of any breach of the security, confidentiality, or integrity of your PII, including, without limitation, breaches of your stored PII (as breaches are defined under applicable state or federal statutes on security breach notification). To the extent permitted by applicable laws, we will make such notifications to you without unreasonable delay, as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.