Privacy Policy

At Fog Antipasto Express ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you visit our restaurant, use our website, or engage with our services.

This policy complies with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong ("PDPO") and outlines your rights regarding your personal information.

By using our services, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our services or provide us with your personal information.

Personal Information:

We may collect the following types of personal information:

• Name, phone number, and email address

• Mailing address (for delivery services)

• Payment information (credit/debit card details, processed securely by our payment providers)

• Date of birth (for special occasions or promotions)

• Dietary preferences, restrictions, and allergen information

• Reservation and order history

• Feedback, reviews, and communications with us

Non-Personal Information:

We may also collect non-personal information, including:

• Browser type, device information, and IP address

• Website usage data and analytics

• Location data (if you enable location services)

• Social media interactions and engagement

We collect information through various methods:

Direct Interactions:

• When you make a reservation at our restaurant

• When you place an order for dine-in, takeaway, or delivery

• When you sign up for our newsletter or loyalty program

• When you contact us via phone, email, or social media

• When you participate in surveys, contests, or promotions

Automated Technologies:

• Cookies and similar tracking technologies on our website

• Analytics tools to understand website traffic and user behavior

• CCTV cameras within our restaurant premises (for security purposes)

Third-Party Sources:

• Delivery platforms (e.g., Foodpanda, Keeta)

• Reservation systems (e.g., OpenRice)

• Payment processors

• Social media platforms

We use your personal information for the following purposes:

Service Delivery:

• Processing reservations and orders

• Delivering food and providing customer service

• Communicating about your orders and reservations

• Handling dietary requirements and special requests

Business Operations:

• Managing our customer database

• Processing payments and preventing fraud

• Analyzing customer preferences and improving our menu

• Maintaining hygiene and food safety records

Marketing & Communications:

• Sending promotional offers, newsletters, and updates (with your consent)

• Notifying you about special events and seasonal menus

• Conducting customer satisfaction surveys

• Personalizing your dining experience

Legal Compliance:

• Complying with legal obligations and regulatory requirements

• Responding to legal requests and preventing illegal activities

• Protecting our rights, property, and safety

• Resolving disputes and enforcing our Terms & Conditions

We do not sell or rent your personal information to third parties. However, we may share your information with:

Service Providers:

• Delivery platforms (Foodpanda, Keeta) to fulfill your orders

• Payment processors to handle transactions securely

• Reservation systems (OpenRice) to manage bookings

• Email and SMS service providers for communications

• Cloud storage and IT service providers

Business Partners:

• Marketing and advertising partners (with your consent)

• Analytics providers to improve our services

• Event partners for joint promotions or catering services

Legal Requirements:

• Law enforcement agencies, regulators, or courts when required by law

• Professional advisors (lawyers, accountants, auditors)

• In connection with legal proceedings or investigations

Business Transfers:

• In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity

All third parties are contractually obligated to protect your information and use it only for the specified purposes.

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction.

Security Measures Include:

• Encrypted data transmission (SSL/TLS) for online transactions

• Secure storage systems with restricted access

• Regular security assessments and updates

• Staff training on data protection and privacy

• CCTV monitoring of physical premises

• Secure disposal of documents containing personal data

Limitations:

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, and you provide information at your own risk.

If we become aware of a data breach that poses a risk to your rights, we will notify you and the relevant authorities as required by law.

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

Retention Periods:

• Reservation and order records: 7 years (for accounting and tax purposes)

• Payment information: Immediately after transaction completion (stored only by payment processors)

• Marketing communications: Until you unsubscribe or request deletion

• CCTV footage: 30-60 days (unless required for legal purposes)

• Customer feedback: 3 years

After the retention period expires, we will securely delete or anonymize your personal information, unless longer retention is required for legal, regulatory, or legitimate business purposes.

Under the PDPO, you have the following rights regarding your personal information:

Right to Access:

• You can request a copy of the personal information we hold about you

• We will provide this information within 40 days of your request

Right to Correction:

• You can request correction of inaccurate or incomplete personal information

• We will update your information promptly upon verification

Right to Deletion:

• You can request deletion of your personal information (subject to legal obligations)

• We will honor your request unless we have a legitimate reason to retain the data

Right to Object:

• You can object to the processing of your information for direct marketing purposes

• You can opt-out of marketing communications at any time

Right to Data Portability:

• You can request your personal information in a structured, commonly used format

• We will provide this data in a machine-readable format where technically feasible

To exercise any of these rights, please contact us using the details provided at the end of this policy. We may require proof of identity before processing your request.

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze website performance.

Types of Cookies We Use:

Essential Cookies:

• Required for website functionality and security

• Cannot be disabled without affecting website performance

Performance Cookies:

• Collect anonymous data on website usage and traffic

• Help us improve our website and services

Functional Cookies:

• Remember your preferences and settings

• Provide personalized content and recommendations

Marketing Cookies:

• Track your browsing behavior for targeted advertising (with your consent)

• Measure the effectiveness of our marketing campaigns

Managing Cookies:

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

Most browsers allow you to:

• View and delete existing cookies

• Block third-party cookies

• Set preferences for specific websites

Our website and communications may contain links to third-party websites, social media platforms, and online services (e.g., Foodpanda, Keeta, OpenRice, Instagram, Facebook).

Important Notice:

• We are not responsible for the privacy practices of third-party websites

• Third-party sites have their own privacy policies, which you should review

• We do not control or endorse the content of external websites

• Clicking on third-party links is at your own discretion and risk

When you use third-party services (e.g., food delivery platforms), their privacy policies govern the collection and use of your information by those platforms.

Our services are not directed to children under the age of 18, and we do not knowingly collect personal information from minors without parental consent.

If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can take appropriate action.

Your personal information may be stored and processed in Hong Kong or other jurisdictions where our service providers operate.

We take appropriate measures to ensure that your information is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

By using our services, you consent to the transfer of your information to countries outside of Hong Kong, which may have different data protection standards.

We work only with service providers that implement adequate safeguards to protect your personal information during international transfers.

With your consent, we may send you promotional emails, SMS messages, or other communications about:

• Special offers and discounts

• New menu items and seasonal specials

• Events and catering services

• Customer loyalty programs

• Surveys and feedback requests

Opting Out:

You can opt-out of marketing communications at any time by:

• Clicking the "unsubscribe" link in our emails

• Replying "STOP" to SMS messages

• Contacting us directly to update your preferences

• Adjusting your account settings (if applicable)

Please note that even if you opt-out of marketing communications, we may still send you transactional messages related to your orders, reservations, or account.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.

When we make significant changes, we will:

• Update the "Last Updated" date at the top of this policy

• Notify you via email or prominent notice on our website (for material changes)

• Seek your consent where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Your continued use of our services after changes to this policy constitutes your acceptance of the updated terms.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Fog Antipasto Express

Data Protection Officer

Shop G35, G/F, Peninsula Centre

67 Mody Road, Tsim Sha Tsui, Hong Kong

Tel: +852 2153 3686

Email: privacy@fogantipasstoexpress.com

We will respond to your inquiry within 10 business days and make every effort to resolve any concerns promptly and fairly.

If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner for Personal Data in Hong Kong.