Privacy Policy

Privaatsuspoliitika

Last updated: February 5, 2026

Viimati uuendatud: 5. veebruar 2026

Nomi Pass ("we", "us", or "our") operates the Nomi Pass mobile application and website (nomipass.com). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Nomi Pass ("meie") haldab Nomi Passi mobiilirakendust ja veebilehte (nomipass.com). Kaesolevas privaatsuspoliitikas selgitame, kuidas me kogume, kasutame, avaldame ja kaitseme teie andmeid meie teenuse kasutamisel.

1. Information We Collect

1. Andmed, mida me kogume

Information You Provide

Teie esitatud andmed

• Account information: Name, email address, and password when you create an account
• Profile information: Profile photo, preferences, and dietary interests (optional)
• Payment information: Payment details for membership subscriptions, processed securely by our third-party payment provider
• Communications: Messages or feedback you send to us

• Konto andmed: nimi, e-posti aadress ja parool konto loomisel
• Profiili andmed: profiilipilt, eelistused ja toitumiseelistused (vabatahtlik)
• Makseandmed: liikmemaksu makseandmed, mida tootleb turvaliselt meie kolmandast osapoolest makseteenuse pakkuja
• Suhtlus: meile saadetud soovid voi tagasiside

Information Collected Automatically

Automaatselt kogutavad andmed

• Device information: Device type, operating system, unique device identifiers, and mobile network information
• Usage data: Features used, deals viewed, redemptions made, and time spent in the app
• Location data: With your permission, approximate location to show nearby restaurants and deals. You can disable this in your device settings at any time
• Log data: IP address, browser type, access times, and referring URLs

• Seadme andmed: seadme tuup, operatsioonisusteem, seadme identifikaatorid ja mobiilivorgu teave
• Kasutusandmed: kasutatud funktsioonid, vaadatud pakkumised, kasutatud pakkumised ja rakenduses veedetud aeg
• Asukohaandmed: teie loal ligikaudne asukoht, et naidata laheduses olevaid restorane ja pakkumisi. Saate selle igal ajal seadme seadetes valja lulitada
• Logiandmed: IP-aadress, brauseri tuup, sisselogimise ajad ja suunavad URL-id

2. How We Use Your Information

2. Kuidas me teie andmeid kasutame

We use the information we collect to:

Kasutame kogutud andmeid jargmistel eesmarkidel:

• Provide, maintain, and improve the Nomi Pass service
• Process transactions and manage your membership
• Show relevant deals and restaurants near you
• Send you service-related communications (e.g., confirmations, updates)
• Send promotional communications, where you have opted in (you can unsubscribe at any time)
• Detect, prevent, and address fraud or technical issues
• Analyze usage patterns to improve the user experience

• Nomi Passi teenuse pakkumine, haldamine ja taiustamine
• Tehingute tootlemine ja liikmesuse haldamine
• Teile laheduses olevate pakkumiste ja restoranide naitamine
• Teenusega seotud teadete saatmine (nt kinnitused, uuendused)
• Turunduslike teadete saatmine, kui olete selleks nosoleku andnud (saate igal ajal loobuda)
• Pettuste voi tehniliste probleemide avastamine, ennetamine ja lahendamine
• Kasutusharjumuste analuusimine kasutajakogemuse parandamiseks

3. Legal Basis for Processing (GDPR)

3. Andmetootluse oiguslik alus (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your personal data depends on the information concerned:

Kui asute Euroopa Majanduspiirkonnas (EMP), soltub meie isikuandmete kogumise ja kasutamise oiguslik alus konkreetsetest andmetest:

• Contract: Processing necessary to provide you the service you signed up for
• Consent: Where you have given us permission (e.g., location data, marketing emails)
• Legitimate interests: To improve our service, prevent fraud, and ensure security
• Legal obligation: Where we are required to process data by law

• Leping: tootlemine, mis on vajalik tellitud teenuse osutamiseks
• Nousolek: kui olete andnud meile loa (nt asukohaandmed, turunduskirjad)
• Oigustatud huvi: teenuse taiustamiseks, pettuste ennetamiseks ja turvalisuse tagamiseks
• Oiguslik kohustus: kui seadus kohustab meid andmeid tootlema

4. How We Share Your Information

4. Kuidas me teie andmeid jagame

We do not sell your personal data. We may share your information with:

Me ei muu teie isikuandmeid. Voime jagada teie andmeid jargmistega:

• Partner restaurants and venues: Limited redemption data (e.g., that a valid Nomi Pass member redeemed a deal) to verify transactions. We do not share your name or contact details with partners
• Service providers: Third parties that help us operate the service (e.g., hosting, payment processing, analytics). These providers are contractually obligated to protect your data
• Legal requirements: When required by law, regulation, or legal process
• Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to you

• Partnerrestoranid ja -asutused: piiratud andmed pakkumiste kasutamise kohta (nt et kehtiv Nomi Passi liige kasutas pakkumist) tehingute kinnitamiseks. Me ei jaga partneritega teie nime ega kontaktandmeid
• Teenusepakkujad: kolmandad osapooled, kes aitavad meil teenust hallata (nt serverid, maksete tootlemine, analuutika). Need pakkujad on lepinguga kohustatud teie andmeid kaitsma
• Oiguslikud kohustused: kui seadus, maarus voi oiguslik menetlus seda nouab
• Ariulekanded: seoses uhinemise, omandamise voi varade muugiga, teavitades teid sellest

5. Data Retention

5. Andmete sailitamine

We retain your personal data only for as long as necessary to provide the service and fulfill the purposes described in this policy. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are legally required to retain it.

Sailitame teie isikuandmeid ainult nii kaua, kui see on vajalik teenuse osutamiseks ja kaesolevas poliitikas kirjeldatud eesmarkide taitmiseks. Konto kustutamisel kustutame voi anonuumistame teie isikuandmed 30 paeva jooksul, valja arvatud juhul, kui seadus nouab nende sailitamist.

6. Your Rights

6. Teie oigused

Under the GDPR and applicable Estonian and EU law, you have the right to:

GDPR-i ning kohaldatava Eesti ja EL-i oiguse alusel on teil oigus:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data ("right to be forgotten")
• Restriction: Request restriction of processing of your data
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests or for direct marketing
• Withdraw consent: Where processing is based on consent, withdraw it at any time

• Juurdepaasuoigus: kusida koopiat oma isikuandmetest, mis on meie valduses
• Parandamine: lasta parandada ebatapseid voi puudulikke andmeid
• Kustutamine: nouda oma isikuandmete kustutamist ("oigus olla unustatud")
• Piiramine: nouda oma andmete tootlemise piiramist
• Ulekantavus: saada oma andmed struktureeritud, masinloetavas vormingus
• Vastuvaade: esitada vastuvaide oigustatud huvi voi otseturunduse alusel toimuvale tootlemisele
• Nousoleku tagasivoetamine: kui tootlemine pohineb nouseolekul, voite selle igal ajal tagasi voetta

To exercise any of these rights, contact us at rob@windgrowth.com. We will respond within 30 days.

Nende oiguste teostamiseks votke meiega uhendust aadressil rob@windgrowth.com. Vastame 30 paeva jooksul.

7. Data Security

7. Andmeturvalisus

We implement appropriate technical and organizational measures to protect your personal data, including encryption of data in transit and at rest, secure authentication, and regular security assessments. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Rakendame asjakohaseid tehnilisi ja korralduslikke meetmeid teie isikuandmete kaitsmiseks, sealhulgas andmete kruptimine edastamisel ja salvestamisel, turvaline autentimine ja regulaarsed turvahindamised. Siiski ei ole ukski edastus- ega salvestusviis 100% turvaline ja me ei saa tagada taiuslikku turvalisust.

8. International Data Transfers

8. Rahvusvahelised andmeedastused

Your data may be processed on servers located outside your country of residence. Where we transfer data outside the EEA, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your data in accordance with GDPR requirements.

Teie andmeid voib toodelda serverites valjaspool teie elukohariiki. Andmete edastamisel valjapoole EMP-d tagame asjakohaste kaitsemeetmete olemasolu (nagu standardsed lepingutingimused), et kaitsta teie andmeid vastavalt GDPR-i nouetele.

9. Children's Privacy

9. Laste privaatsus

Nomi Pass is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at rob@windgrowth.com.

Nomi Pass ei ole moeldud alla 16-aastastele lastele. Me ei kogu teadlikult alla 16-aastaste laste isikuandmeid. Kui saame teada, et oleme kogunud alla 16-aastase lapse isikuandmeid, kustutame need viivitamatult. Kui arvate, et laps on meile isikuandmeid esitanud, votke meiega uhendust aadressil rob@windgrowth.com.

10. Third-Party Services

10. Kolmandate osapoolte teenused

Our app may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any personal data.

Meie rakendus voib sisaldada linke kolmandate osapoolte veebilehtedele voi teenustele. Me ei vastuta nende privaatsustavade eest. Soovitame enne isikuandmete esitamist tutvuda nende privaatsuspoliitikaga.

11. Analytics and Tracking

11. Analuutika ja jalgimine

We may use analytics tools to understand how users interact with our service. These tools may collect information such as how often you use the app, events that occur within the app, aggregated usage data, and performance data. This data is used solely to improve the service and is not linked to any personally identifiable information.

Voime kasutada analuutikatooristu, et moista, kuidas kasutajad meie teenust kasutavad. Need tooriistad voivad koguda teavet selle kohta, kui tihti te rakendust kasutate, millised sundmused rakenduses toimuvad, koondatud kasutusandmeid ja joudlusandmeid. Neid andmeid kasutatakse ainult teenuse parandamiseks ega seostata isikut tuvastava teabega.

12. Push Notifications

12. Teavitused

With your consent, we may send push notifications about new deals, nearby offers, and account updates. You can manage your notification preferences in the app settings or through your device settings at any time.

Teie nouseolekul voime saata teavitusi uute pakkumiste, laheduses olevate sooduspakkumiste ja konto uuenduste kohta. Teavituste eelistusi saate hallata rakenduse seadetes voi seadme seadete kaudu igal ajal.

13. Changes to This Policy

13. Muudatused kaesolevas poliitikas

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the app and on our website, and updating the "Last updated" date. Your continued use of the service after any changes constitutes acceptance of the updated policy.

Voime seda privaatsuspoliitikat aeg-ajalt uuendada. Olulistest muudatustest teavitame, avaldades uuendatud poliitika rakenduses ja veebilehel ning uuendades kuupaeva "Viimati uuendatud". Teenuse jatkuv kasutamine parast muudatusi tahendab uuendatud poliitika aktsepteerimist.

14. Contact Us

14. Kontakt

If you have any questions about this Privacy Policy or our data practices, please contact us:

Kui teil on kusimusi selle privaatsuspoliitika voi meie andmekasituse kohta, votke meiega uhendust:

• Email: rob@windgrowth.com
• Website: nomipass.com

• E-post: rob@windgrowth.com
• Veebileht: nomipass.com

If you are in the EU and are not satisfied with our response, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local supervisory authority.

Kui asute EL-is ja ei ole meie vastusega rahul, on teil oigus esitada kaebus Andmekaitse Inspektsioonile voi oma kohalikule jarelevalveasutusele.