Home » Safe Harbor Privacy Policy

Safe Harbor Privacy Policy

Last updated: April 30, 2012

We, GrubHub Holdings Inc. (“GrubHub Holdings“) have created this Safe Harbor Privacy Policy to help you learn about how we handle Personally Identifiable Information that that is collected by our subsidiary in the United Kingdom, Seamless Europe, Limited and transferred to us in the United States. This Safe Harbor Privacy Policy supplements our Privacy Policy. Unless specifically defined in this policy, the terms in this Safe Harbor Privacy Policy have the same meaning as in our Privacy Policy.

We have subscribed to and will adhere to the US-EU Safe Harbor program (“Safe Harbor Program”) agreed to by the U.S. Department of Commerce and the European Union (EU) by adopting and implementing the Safe Harbor Privacy Principles, which include a set of frequently asked questions (collectively, the “Principles”). More information about the Safe Harbor Program can be found at http://www.export.gov/safeharbor/.

Information Collected Voluntarily Provided by You
We may receive Personally Identifiable Information from our UK subsidiary, including, but not limited to, name, postal address, telephone number, e-mail address, credit card number or other payment account number (including the three (3) or four (4) digit validation code for your credit card).

Use of Personally Identifiable Information
Any Personally Identifiable Information we receive from our UK subsidiary may be used by us and our affiliates and our and their agents, partners, or licensees for the purposes indicated in our Privacy Policy, on the Site or at the time the information was collected offline. If we intend to use the Personally Identifiable Information that we receive from our UK subsidiary for a purpose that is incompatible with these purposes, or if we intend to disclose it to a category of third party not previously identified, we will notify you and offer you the opportunity to opt out of such uses and/or disclosures.

Agents and Service Providers
We work with third parties who provide services such as website hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, e-mail delivery services, credit card processing and other similar services. We may share Personally Identifiable Information that we receive from our UK subsidiary with these third parties to enable them to provide services. These service providers are given access to Personally Identifiable Information that we receive from our UK subsidiary to the extent needed to perform their functions, but are restricted from using the Personally Identifiable Information for purposes other than providing services for us. We require that our agents and service providers that have access to Personally Identifiable Information received from our UK subsidiary (a) subscribe to the Principles, (b) are subject to the EU Privacy Directive or another adequacy finding, or (c) enter into a written agreement with us that requires them to provide at least the same level of privacy protection as is required by the relevant Principles.

Security
We use reasonable organizational, technical and administrative measures to protect Personally Identifiable Information that we receive from our UK subsidiary. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. We ask that you do your part by, at a minimum, keeping any computer passwords you use to access the Internet or the Site strictly confidential.

Data Integrity
We take reasonable steps to ensure that Personally Identifiable Information we process is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personally Identifiable Information.

Access
You can review and correct the Personally Identifiable Information that we maintain about you by adjusting your preferences in the “My Account” section of our website, by logging onto your account from http://www.seamless.com/. We may need to retain certain information for record keeping purposes, and there may also be residual information that will remain within our databases and other records, which will not be removed therefrom. Finally, we are not responsible for removing or suppressing information from the databases of third parties with whom we have already shared Personally Identifiable Information about you, or limiting their use of Personally Identifiable Information about you.

Safe Harbor Enforcement and Dispute Resolution
If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the Safe Harbor Principles.

Contact Information
In compliance with the US-EU Safe Harbor Principles, GrubHub Holdings commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this privacy policy should first contact GrubHub Holdings at:

GrubHub Holdings Inc.
Attention: Privacy Team
1065 Avenue of the Americas, 15th Floor
New York, NY 10018
E-mail: privacy@grubhub.com
GrubHub Holdings has further committed to refer unresolved privacy complaints under the US-EU Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by GrubHub Holdings, please visit the BBB EU SAFE HARBOR web site at http://www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Privacy Policy Changes
This Safe Harbor Privacy Policy may be changed from time to time, consistent with the requirements of the Safe Harbor. We will post any revised policy on the Site. You can determine when this Safe Harbor Privacy Policy was last revised by referring to the “LAST UPDATED” legend at the top of this page. Any changes to our Safe Harbor Privacy Policy will become effective upon our posting of the revised Safe Harbor Privacy Policy on the Site. Use of the Site following such changes constitutes your acceptance of the revised Safe Harbor Privacy Policy then in effect.