AT THE BISTRO GROUP, WE TAKE YOUR PRIVACY SERIOUSLY.


We are committed to ensuring that your personal data are protected from collection to disposal. Our privacy practices are aligned with the Republic Act No. 10173 or the Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations (IRR).


National Privacy Commission (NPC) Seals and Certificates


The Bistro Group has received NPC Seals and Certificates of Registration for our five affiliates in recognition of the successful registration of our DPO and DPS:

cropped-seal cropped-cor



The Bistro Group (TBG) Privacy Policy


We, at The Bistro Group (“TBG”), value and respect your privacy. This Privacy Policy contains the measures TBG puts in place with respect to the (1) collection of personal data from persons who transact with any of TBG restaurants and those who access or use this website, including any pages therein or our official social media pages; (2) usage and processing of such personal data which may include data sharing; and (3) protection of the rights of the data subject. We recognize the need to keep our services transparent to cultivate a business-customer relationship that is built on trust.



Definitions and Interpretations

Personal information and sensitive personal information shall be collectively referred to as “Personal Data.”


Privacy Policy

Our Privacy Policy explains the types of personal data gathered through our website and other data collection points i.e. in-store transactions, delivery service, online feedback mechanism, and online job applications, and how we process the said data.


Information We Collect

We may collect the following types of information that you may opt to provide through registrations, availment of services, transactions, and employee applications, which may include:

  1. 1.1 In-Store Transactions

    1.1.1 We may need to collect the following information in order to get your feedback on our services and/or to process your government-mandated benefits such as Senior Citizens or Persons with Disability (“SC/PWD”) discounts:

    1. Name;
    2. Address;
    3. Contact number;
    4. A copy of your feedback;
    5. Signature;
    6. SC/PWD Identification Card (“ID”) and the information contained therein (in compliance with legal obligations); and
    7. Payment method details.

  2. 1.2 Ordering Online

    1.2.1 For orders placed through http:///www.bistrodelivers.com.ph , we collect, process, and store the following information in order to register your account, process your order, deliver the products, and communicate with you in relation to your order/s:

    1. First and Last Names;
    2. Email Address;
    3. Mobile/Telephone Number;
    4. Postal/billing/delivery address;
    5. Details of your desired payment method; and
    6. SC/PWD/Student IDs or any government-issued ID and the information found therein (for availment of government-mandated discounts).

  3. 1.3 Getting In Touch With our Customer Service Team

    1.3.1 For inquiries/feedback coursed through https://www.bistro.com.ph , we collect, process, and store the following to address your inquiries or other feedback to help us improve our services:

    1. Name;
    2. Email address; and
    3. Any information that you may voluntarily enter in the input field found on our website.

  4. 1.4 For potential employment at TBG

    1.4.1 You may provide us with the following information in connection with a potential employment opportunity at TBG, whether advertised on our website or otherwise. This information is collected and processed for the purpose of evaluating your application for employment. We may also share and use the disclosed personal data with third parties for a background check, all geared towards helping us evaluate your credentials and qualifications for any available vacancies:

    1. Name;
    2. Email address; and
    3. A copy of your cover letter, resumé or curriculum vitae, and/or portfolio which may likewise contain your:

      1. Name;
      2. Birthdate/age;
      3. Contact number;
      4. Home address;
      5. Email address;
      6. Educational attainment; and
      7. Work background.

  5. 1.5 User content (e.g., photos, comments, and other materials) that you post on our website, applications, and social media pages.

  6. 1.6 Communications between you and the concerned TBG’s Representative in relation to our services such as, but not limited to service-related emails, SMS, or mobile application notifications (e.g., account verification, changes/updates to features of our services, technical and security notices).

  7. 1.7 We have CCTV systems installed in our restaurants and in our office premises to monitor specific areas for security and safety purposes. These CCTV systems have the capability to record videos and/or capture photos of you when you are within the area captured by said CCTVs.

  8. 1.8 We may also process personal data without your consent, such as when processing is according to and is allowed under Sections 12 and 13 of the Data Privacy Act of 2012, its Implementing Rules and Regulations, and the pertinent issuances of the National Privacy Commission.

  9. Analytics information:

  10. 1.9 We use analytics tools that collect information sent by your device to our servers, including the web pages you visit, add-ons, and other information to help us measure traffic and usage trends and to assist us in improving our website . We collect and use this analytics information with analytics information of other users so that it cannot reasonably be used to identify any particular individual user.

  11. 1.10 Cookies and similar technologies:

    1. 1.10.1 When you visit our website, we may use cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use our services.

    2. 1.10.2 You agree that we may ask advertisers or other partners to serve ads for services to your devices, which may use cookies or similar technologies placed by us.

  12. 1.11 Log file information:

    1. 1.11.1 Log file information is automatically reported by your browser each time you make a request to access (i.e. visit) our website. It can also be provided when the content of the website is downloaded to your browser or device.

    2. 1.11.2 Our servers automatically record certain log file information, including your web request, Internet Protocol ("IP") address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on our website, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent by us to our users which then help us track which emails are opened and which links are clicked by recipients.

  13. 1.12 Device identifiers:

    1. 1.12.1 When you use a mobile device like a tablet or phone to access our website, we may access, collect, monitor, store on your device, and/or remotely store one or more "device identifiers." Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device's operating system or other software, or data sent to the device by our website.

    2. 1.12.2 A device identifier may deliver information to us about how you browse and use the service and may help us provide reports or personalized content and ads. Some features of the service may not function properly if use or availability of device identifiers is impaired or disabled.

  14. How Do We Use Your Information

  15. 1.13 In addition to some of the specific uses of information described in the preceding provisions, we may use information that we receive or collect to:

    1. 1.13.1 help you efficiently access your information after you sign in;

    2. 1.13.2 remember information so you will not have to re-enter it during your next use or visit our website and applications;

    3. 1.13.3 provide personalized content and information, including online ads or other forms of marketing from TBG, its subsidiaries and affiliates, its partner merchants, to you;

    4. 1.13.4 provide, improve, test, and monitor the effectiveness of our services;

    5. 1.13.5 develop and test new products, services and features;

    6. 1.13.6 monitor metrics such as total number of visitors, traffic, purchase frequency, and demographic patterns;

    7. 1.13.7 improve dining experience;

    8. 1.13.8 diagnose or fix technology problems;

    9. 1.13.9 establish and verify your identity;

    10. 1.13.10 secure our website, computer systems, and facilities;

    11. 1.13.11 investigate and prevent fraudulent or illegal activities;

    12. 1.13.12 comply with legal obligations;

    13. 1.13.13 engage in other procedures and processes such as data sharing as may be necessary to perform our contractual obligations and commitments to you and such other purposes inherent and vital to the orderly conduct of our business, and as mandated by law;

    14. 1.13.14 for employment purposes;

    15. 1.13.15 monitoring and enforcing compliance with TBG’s policies and procedures;

    16. 1.13.16 transaction verification, internal audits, client, audits, and third party audits; and

    17. 1.13.17 protecting the security of personal data, client information as well as TBG’s data, systems, property, and premises.

  16. How We Share Your Personal Data

  17. 1.14 We may share your personal data in the following instances:

    1. 1.14.1 Within TBG

      TBG, its affiliates and subsidiaries, may process your personal data for the purposes set forth in this Privacy Policy. Data sharing refers to the disclosure or transfer of personal data to third parties, other than those classified as personal information processors.


    2. 1.14.2 Outsourcing and Subcontracting of Personal Data

      We may outsource the processing of your personal data collected by engaging other entities to perform the processing on our behalf such as our partners and partner merchants. We may team up with other entities in the execution, implementation, and improvement of our products or services. These third parties may be provided with access to any of the personal data you provided as long as such access is necessary to perform their functions and in adherence to the purpose/s for which such access was granted. These third parties may not use such data other than on our behalf or subject to contracts that protect the confidentiality of the data.

      Some providers may collect personal data on our behalf. Personal information processors are reminded and required to strictly observe the requirements of this Privacy Policy, the Data Privacy Act of 2012, its Implementing Rules and Regulations, and pertinent issuances of the National Privacy Commission, which provisions are similarly contained in our agreement with said entities.

      Examples of providers include, but are not limited to the following:

      1. Credit card companies and banks;
      2. Customer and support service providers;
      3. Courier service providers;
      4. Email and SMS vendors;
      5. Data analytics firms;
      6. Advertising/Marketing agencies;
      7. Third party providers conducting background checks for purposes of potential employment;
      8. Third party vendors providing data storage services;
      9. Third party vendors conducting audit services;
      10. TBG may also disclose personal data in the event of business mergers or acquisitions.


    3. 1.14.3 To Comply with Law

      We reserve the right to disclose your personal data as may be required by law, when disclosure is necessary to comply with a regulatory requirement, any judicial proceeding, government request, or to protect the safety, rights, or property of our customers, the public, and TBG, its affiliates and subsidiaries, partners, and partner merchants, subject to limitations under present laws on confidentiality of information.


  18. How We Protect Your Personal Data

    We safeguard the confidentiality, integrity, and availability of your personal data to prevent loss, improper use, unauthorized access, alteration, disclosure, destruction, and any other unlawful processing. We implement reasonable technical, organizational, and physical security measures. However, we cannot absolutely guarantee against risks involving personal data processing, whether in storage or in transit, as there is no computer system that is 100% secure.


    How Long Do We Keep Your Information

    Your personal data shall be retained for as long as it is necessary to fulfill the purposes for which it was collected and following our retention policies until it is no longer required nor necessary to keep your information for any other legal, regulatory, or business purposes.


    What are Your Rights as a Data Subject

    Subject to limitations under the law, you are entitled to the following rights as a data subject in relation to your personal data:

    1. Right to Object;
    2. Right to Access;
    3. Right to Rectification;
    4. Right to Erasure or Blocking;
    5. Right to Damages;
    6. Right to Lodge a Complaint with the National Privacy Commission; and
    7. Right to Data Portability.

    How Do You Contact Us

    If you have any data privacy concerns, please contact us through:

    Data Protection Officer
    Email: [email protected]
    Telephone No.: 02 88367141
    Postal Address: The Bistro Group Building 9727 Kamagong St. San Antonio Makati City.

    Any and all requests, queries, complaints, and other communication concerning this Privacy Policy and the processing of your personal data may only be addressed to our Data Protection Officer.


    Changes to the Privacy Policy

    We reserve the right to update this Privacy Policy at any time. We shall inform you of any changes that we make by posting the amended version on our website. We encourage you to review our Privacy Policy from time to time to stay up to date on any changes.


    Date last updated: August 19, 2024