Thank you to Odia Kagan, Partner and Chair of GDPR Compliance & International Privacy at Fox Rothschild LLP, for always bringing clarity to a complex set of ever-changing rules and legislation.
At MURTEC 2020, Kagan led sessions on data privacy and GDPR and what operators need to know. On November 11, the data privacy expert returned to address customer data and the new laws affecting how restaurants can do business.
Top 3 Key Takeaways:
1) If you are using biometrics for food ordering, payment or authentication, it is best to pause and consider whether you need a notice and consent for this. A new New York law requires prominent signage and the existing Illinois BIPA requires notice and consent and has been litigated heavily.
2) Food delivery applications delivering in NYC are now required to share order information with the restaurant, unless the customer opts out of this sharing. They also need to provide conspicuous notice of the sharing. The restaurants themselves are also limited in how they share the information without consent.
3) If your service utilizes drivers for delivery and pickup and you track them, make sure that you are giving them disclosure of this, do a risk assessment of real-time tracking and limit the access permissions to the drivers’ whereabouts to those who really need it. Be mindful of profiling.
RTN will continue delivering expert content for our members on the hottest topics. Stay tuned for our next Town Hall. And thank you to all those in attendance. See you next time!