Service Loyalty

CMS Pages

© Copyright AppRisto 2022| All rights reserved.

Privacy and Confidentiality Policy

This privacy and confidentiality policy applies to the processing of personal data of who use thought this website, Arpatex’s application, platforms and products, including order website, app, and services, including services and Business Card(collectively, the “Services”). Unless otherwise stated, the data controller for processing these personal data is Arpatex (hereinafter referred to as ‘’Arpatex’’).

Arpatex protects and maintain the confidentiality of personal information and data of all costumers and visitors that use the Services.

What personal data we process and why

Whenever you interact with Arpatex via our Services we collect and process your personal data directly and through third parties. Arpatex may process your personal data for the following purposes.

1. Ordering process

Arpatex processes the personal data you provide when you place your order. This personal data is needed to execute your order, confirm your order, and to assess your order, payment, and a possible refund or refusal whether needed. Arpatex processes your data to perform the contract in comply regulations, laws, FADP and GDPR. We process the following personal data in the ordering process:

  • Name

  • Address data

  • Contact data

  • Order and transaction data

  • Payment data

2. Restaurant reviews (if applicable)

After the order process, you may provide a review with the relevant restaurant via email. Arpatex processes the personal data you provide when submitting a restaurant review. The legal basis for the processing of personal data when you submit your reviews is the consent that you have been provided. You can withdraw your consent by contacting us to the following email address ____. Arpatex processed the following personal data when you post a restaurant review:

  • Name (if submitted)

  • Contact data

  • Review

3. Customer Services

When you contact Arpatex customer services department, we will use the personal data you provide to answer your questions or handle your complaint. The legal basis for this processing of personal data is that it is needed for the performance of a contract and/or to comply with Arpatex’s obligations in comply with regulations, laws, FADP and GDPR. Arpatex’s processes the following personal data for customer service purposes:

  • Name

  • Address data (if applicable)

  • Contact data

  • Order and transaction data

  • Payment data (if applicable)

  • Comments (if applicable)

4. Customer Accounts

If you interact with our Services you are given the opportunity to create an account. The creation of an account is based on your consent. You can withdraw your consent and/or delete your account by contacting us. The following personal data is processed in connection with your account:

  • Name

  • Address data

  • Contact data

5. Fidelity program

Arpatex has several programs to provide you with offers and discounts. When you make use of one of our programs, we process your personal data to provide you with the discounts or offers as set out in the respective program. The legal basis for this processing of personal data is defined in the regulation, laws, GDPR and FADP, unless your consent is not necessary according to the applicable law.

Fidelity program requires your personal data for shipping purposes. The personal data processes for the fidelity and shipping of your order are:

  • Name

  • Address data

  • Contact data

6. Customer research

Arpatex may approach you to conduct customer research to improve the Services we provide, such as but not limited to, surveys. Arpatex only send you these types of communications with your prior consent, unless this is not necessary according to the applicable law. If you do not wish to receive these surveys you can unsubscribe from them anytime. Arpatex may processes the following personal data for research purposes:

  • Name

  • Contact data

  • Order and transaction data

  • Research input

7. Marketing

Arpatex may process your personal data for marketing purpose, such as: messages with news, discounts, and updates about new restaurants (by email or push notification). The legal basis for this processing of personal data, as defined in the GDPR, FADP and laws, is your consent provided during the ordering process unless your consent is not necessary according to the applicable law. Whenever you want to change your preferences with respect to receiving such messages and notifications, you can unsubscribe using the unsubscribe link in the messages via the following email address _____. Arpatex processes the following personal data for marketing purposes:

  • Name

  • Address data

  • Contact data

  • Order and transaction data

  • Review(s) (optional)

  • Campaign data (optional)

  • DeviceID

  • Cookie and Technology data

8. Cookies

Arpatex uses cookies or similar technologies for functional, analytical, and marketing purposes. Data processed for cookie purposes defer per purpose (functional, analytical or marketing) and depend on the preferences set by you.

Please refer to our Cookes policy for further information about the use of cookies.

9. Analysis

Arpatex uses your personal data for complying with report obligations towards advertisers and to be able to improve Services. The legal basis is based on pursuing an interest of analysis & reporting as defined by law. Arpatex always makes sure the reports do not contain any personal data.

11. Campaigns

Arpatex may launch specific campaigns or contents in connection to its Services. Arpatex will always ask for your permission to process your personal data. The legal basis for this processing activity is your consent. You can always withdraw your consent by contacting us via the following email address.

Arpatex processes the following personal data for campaigning purposes:

  • Name

  • Contact data

  • Order and transaction data (optional)

  • Campaign data (optional)


12. Business and Business Card (if applicable)

Arpatex process personal data if you use your Business allowance to pay for an order you placed via our Services, when using the Business Card, to issue and ship the Business Card, and to provide you with the digital allowance. The legal basis for this processing is that such processing is required for the performance of a contract as defined by law, in addition to any legal obligation or legitimate interest that we may have.

The following personal data may be processed in connection with Business and/or Business Card:

  • Name

  • Address data

  • Employment data (job role, department, contractual hours)

  • Contact data

  • Allowance data

  • Order and transaction data

  • Arpatex for Business Card information

  • Payment data


The Business Card is partnered with card issuing and card transaction services provider Walle, which also qualifies as an independent data controller. For the processing of this data have a look at the privacy policy of the service provider.

13. Processing payment

Payment processing Services allows Arpatex to process payments by credit cards, bank transfers or other means. The data used for payment is collected directly from the service provider and it is not processed in any way by Arpatex. Some of these Services may also enable the scheduled sending of messages to the User, such as emails containing invoices or payment notifications.



Our website is neither intended for persons aged under 16, and nor do we intend to collect personal data of website visitors who are aged under 16. However, Arpatex are unable to verify visitors’ age and therefore advise parents to monitor their children's online activities, to prevent their personal data being collected without parental consent. If you feel that we have collected personal data of a minor without consent, please contact us.

Automated decision-making and profiling

In order to improve our Services, Arpatex uses automated decision-making and profiling. For example, Arpatex uses your address data and/or location data to select available restaurants in your local area. We also use automated decision-making in complying with our legal obligations to prevent money laundering, terrorism financing, and other criminal offences.

If you do not agree with it, you can contact us via email at the following email address: we will proceed to reassess the situation.

How long we store personal data

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, tax, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

If you have any questions on the way we retain your personal data you can contact us.

Sharing data with restaurants

If you order through our Services, Arpatex will share your personal information (order, name, address, phone number and contact data) with the restaurant you selected so that the restaurant can deliver your order and where necessary Services. You are a direct customer of the restaurant and the restaurant therefore bears its own responsibility and obligations for the processing of your personal data. For questions about how the restaurant handles your data, it is best to contact the restaurant directly.

Sharing data for Business and for Business Card

If you use your Arpatex application for Business allowance to pay for an order you placed via our Services or by using Arpatex for Business Card, we shares your personal data (such as email address and data about your order and allowance) with the person that grants you the allowance, (which might be your employer, business partner etc.) for performing our contract with this person. Please note that the person that grants you the allowance has its own responsibility and obligation with respect to the processing of your personal data. The person that grants you the allowance also shares personal data with us to allow us and Business card service providers to provide Services for you.

Sharing with third parties

Arpatex may work with other third parties in order to carry out the processing described above and/or to comply with legal obligations.

These third parties will process your personal data on behalf of us (as data processors) or as autonomous data controllers, and have access to your personal data for the purposes described in this privacy notice. We require third parties to protect your personal data in accordance with the standards set out in this privacy notice and we take appropriate measures pursuant to the applicable data protection law to guarantee the same level of protection and confidentiality.

We will also share your data with other third party data controllers where appropriate or required by applicable law or regulation (including a court order) or where we believe disclosure is necessary to comply with legal obligations, to exercise, establish or defend legal rights or to protect the vital interests of any person. Such third party controllers may include law enforcement agencies.

We may also disclose your data to any company or prospective buyer of all or substantially all of our assets in connection with any sale or transfer of those assets.

Your personal data may be shared with the following parties:

  • Software providers

  • Implementation partners

  • Payment and card service providers

  • Customer satisfaction survey firms

  • Loyalty shop partners (see section 5)

  • Professional advisors

  • Law enforcement, regulatory bodies and/or government agencies

  • Prospective buyers

  • Any other third party provided that you have given your consent to the disclosure

Third-party websites

Our website may include links to third-party websites. When accessing such third-party websites, bear in mind that each of these websites has its own privacy statement. Although Arpatex takes great care in selecting websites to link to, we cannot take responsibility for the way in which they handle your personal data.

Where your data gets sent

Arpatex may transfer your personal data outside of the European Economic Area (EEA). This may include transferring it to or accessing it from other jurisdictions, including jurisdictions that may not provide a level of protection equivalent to the EU data protection laws. Where we transfer personal data outside the EEA we will take into account any applicable statutory obligations relevant to personal data transfers and, where there is no European Commission (EC) adequacy decision in place, we will rely on appropriate safeguards, including EC approved standard contractual clauses. We have implemented similar appropriate safeguards with our third party service providers and further data can be provided upon request.

Personal data rights, questions or complaints

You can exercise the rights provided for by applicable data protection laws, which include: the right to request access to, rectification of, or erasure of personal data or restriction of processing, and to object to processing, the right to data portability, to withdraw your consent at any time (without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal) as well as to lodge a complaint with a supervisory authority. To exercise your rights please contact us.

Regarding requests related to processing or sharing of personal data with third parties, please contact the person that grants you the access or that process your data.


Arpatex takes personal data protection very seriously and we therefore take appropriate measures to protect your personal data against misuse, loss, unauthorised access, unwanted disclosure, and unauthorised alteration. If you feel that your personal data are not adequately protected or there are indications of misuse, please contact us.

Data Protection Authority

Besides the option of lodging a complaint with us, you have the right to lodge a complaint with the relevant supervisory authority for the protection of personal data. To do so, contact the supervisory authority directly.

How to contact us

If you have any questions or concerns about this Privacy Statement and/or our privacy practices, please contact us at the following email address

Arpatex Sàrl

Address: Route des Acacias , 6 - Fribourg

Numero IDE – CHE-409.634.271

Tel. 079 102 72 39

Updates to this privacy policy

Arpatex may update this privacy policy from time to time in response to changing legal, technical or business developments. When we update our privacy Statement, we will take appropriate measures to inform you, consistent with the significance of the changes we make. Where required by applicable data protection law, we will obtain your consent to any material changes to this privacy policy.

Arpatex encourage you to periodically review this Statement for the latest information on our privacy practices.