top of page

Privacy Policy - Rider

Who is the data controller?

The data controller, i.e. the body that defines the purposes and means of the processing

specified in this privacy policy is Delivery Hero Food Hong Kong Limited (Foodpanda), 23/F,

Tower Two, Times Square, 1 Matheson Street, Causeway Bay, Hong Kong, and email address hereinafter referred to as “foodpanda” “we”, “our”, “controller”). We also

use the terms "rider" or "employee" for your salutation.

Why and which personal data do we process?

Below you can see which of your data we need for which purposes and under which

circumstances we share your data with others.

Personal data is information from which we can directly or indirectly relate to your person,

such as first and last name, address, phone number, date of birth, location data or email


Which personal data do we process?

In order to provide our delivery service to our customers, we use various tools and systems

that are absolutely necessary for the delivery of orders. We also use external and internal tools

and systems to process your personal data for personnel management and business


We collect, process and store the following categories of personal data within the scope of

using the tools and systems:


For what purposes do we process personal data? 

We only collect your personal data if this is necessary and the purpose is legal and the  processing is proportionate. Below we would like to give you more information for the  purposes and legal basis:


How long do we store personal data? 

We generally delete your data after the purpose has been fulfilled. The exact deletion rules are  defined in our regional deletion concepts. Different deletion rules apply depending on the  purpose of the processing. Within our deletion concepts we have defined various data classes  and assigned rule deletion periods to them. When the retention period is met, the stored data  will be deleted accordingly. 

Under certain circumstances, any requests for deletion may be opposed by legal retention  periods, which prevent us from deleting the stored data for a fixed minimum period of time. In  order to comply with these legal requirements, we block the relevant data after the purpose  has been fulfilled and thereby guarantee data completeness and data integrity.

With which data processors and why do we share personal data? 

We never give your data to unauthorized third parties. However, as part of our work we obtain  the services of selected service providers and give them limited and strictly monitored access  to some of our data. However, before we forward personal data to these data processors for  processing on our behalf, each individual company undergoes an audit. All data recipients  must meet the legal data protection requirements and prove their data protection level with  appropriate proofs.  

In the following we would like to inform you in a transparent and understandable way about  all our data recipients with the respective reasons:


To which third countries do we transfer personal data?

We process your data mainly within  the Asia-Pacific (APAC). However, some of our service providers mentioned above are based  outside of APAC. 

All our data receives have to measure up to certain requirements for the transfer of personal  data to third countries. Before we transfer your data to a service provider in third countries,  every service provider is first assessed with regard to its data protection level. Only if they can  demonstrate an adequate level of data protection will they be shortlisted for service providers. 

Regardless of whether our service providers are located within the APAC or in third countries,  each service provider must sign a contract with us, which shall contain the provisions as  required by the Personal Data (Privacy) Ordinance (Cap. 486).


In order to make the visit of our website attractive and to enable the use of certain functions,  we use so-called cookies on various pages. These are small text files that are stored on your  device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and  allow us or our affiliate to recognize your browser on your next visit (persistent cookies). You  can set your browser so that you are informed about the setting of cookies and individually  decide on their acceptance or exclude the acceptance of cookies for specific cases or in  general. Failure to accept cookies may limit the functionality of our website/app. 

You can install additional add-ons in your browser that block unnecessary cookies. By doing  so, you will not see any interest-based advertisements. 

Categories of personal data: 

Limited device information such as IP address, device ID, MAC address, operating system,  device type, Apple Advertiser ID (IDFA) or Android Ad ID (AAID)  

Legal basis: 

• Consent 

• Legitimate interest is the purpose described above. 

You can find our cookie policy with all the cookies we use in our Cookies and Web-Tracking  Policy.

What are your rights as data subjects and how can they be asserted?

You have the right to receive explicit information from us about the personal data we have  stored about you, free of charge.  

In addition, you have the following rights:


The supervisory authority responsible for us is: 

Privacy Commissioner for Personal Data 

Room 1303, 13/F, Sunlight Tower, 

248 Queen’s Road East, Wanchai, Hong Kong 


To exercise your rights, you can contact at any time. 

If you believe that we have done something wrong with your personal data or your rights, you  can complain to the appropriate supervisory authority at any time. The supervisory authority  responsible for us is: 

Privacy Commissioner for Personal Data 

Room 1303, 13/F, Sunlight Tower, 

248 Queen’s Road East, Wanchai, Hong Kong.

bottom of page