Privacy Policy Last Updated: March 26th, 2018 Dine Brands Global, Inc. is committed to safeguarding your privacy. We take your privacy seriously. This Privacy Policy (“Policy”) describes how Dine Brands Global, Inc. and its affiliates, including International House of Pancakes, LLC (“IHOP”) and Applebee’s International, Inc. (“Applebee’s”) (collectively “Dine Brands,” “us,” “our,” and “we”) collect, use and disclose personal information of customers who use our services and websites, including, without limitation, dinebrands.com, ihop.com, applebees.com, our mobile websites, mobile applications, social networking or other interactive media sites, other online or mobile services, and any other platforms that link to this Policy (each, a “Site,” and collectively, the “Sites”), or provide us with information on site at one of our franchisee restaurants. This Policy does not apply to third party websites and services. By using the Site, you agree to the terms of this Policy. If you do not agree with the terms of this Policy, do not use the Site. Your access of the Site for the limited and exclusive purpose of reviewing this Policy does not constitute your acceptance of this Policy unless you make any further access or use of our Site. Dine Brands has operations in many international locations and partners with companies around the world. Dine Brands offers many country specific websites; this site is intended for U.S. audiences only. If you are visiting this Site from outside of the U.S., communications with our Sites will necessarily result in the transfer of information across international boundaries. If you are located in the European Economic Area (“EEA”), your data may be transferred from the EEA to countries, including the U.S., which do not have data protection laws comparable to those in the EEA. By visiting this Site and communicating electronically with us, you consent to your data being transferred to and processed by Dine Brands and its partners and service providers in the U.S. and other counties outside of the EEA as set out in this Privacy Policy and subject to the laws of the U.S. Please do not use our Sites if it is illegal to do so in your country. We may update this Policy from time to time, so please check this page periodically for updates. When we update the Policy, we will post the new Policy on this page and change the date at the top of the Policy. We will notify you of any material changes to the Policy. WHAT INFORMATION DOES DINE BRANDS COLLECT? Dine Brands or a third party service provider may collect the following types of personal information: If you use the Sites or otherwise do business with us or one of our franchisee restaurants, you may provide us with your first name, last name, postal address and/or zip code, email address, phone number, date of birth, gender, military or veteran status, and favored franchisee restaurant locations. If you choose to access our social network pages, or connect or otherwise link to our Sites with your own social network page, we may collect social network profile information that you have made publicly available through your social network account settings. We also take steps to listen to our customers and public feedback on social media, and may collect and analyze publicly available social media posts. When you pay your bill at one of our franchisee restaurants, or if you make purchases through the Sites, you may provide us with your financial account information, such as credit card number and other payment information. If you use our mobile application, information such as your user ID, your location and restaurants near you may be collected. If you take a survey, apply for a job, contact us, or interact with us in various other ways, demographic information, dining preferences, and other information you choose to provide, such as resume information, may be collected. We may automatically collect Site usage information when you visit the Sites, such as your domain name, Internet protocol (IP) address, mobile device model, Internet service provider, Site access times, websites that referred you to us, and web pages within our Sites that you visit. When you visit our Sites, we may also automatically infer general location information (e.g., city, state) based on your IP address, or when using our mobile app, through GPS information (if you elect to give our app permission to access your location). Our Sites use web beacons, cookies and other similar technologies to store and understand more information about you, such as, including without limitation, Site usage, and to monitor Site traffic and usage patterns to improve Site functionality. A cookie is a small amount of data that is sent to your browser from a Web server and stored on your computer's hard drive. A web beacon is an object that is embedded in a web page or email that allows us to understand whether the web page or email has been viewed. Dine Brands or third party service providers may also collect or create aggregated or anonymous data that does not directly identify you from usage activity on our Sites, or supplement its data with aggregate data compiled from third party sources. If you opt-in to one of our rewards programs or other marketing campaigns, we may also collect information about you to supplement your program profile. Dine Brands is not responsible for any personal information or other data that franchisees of Dine Brands or its affiliates choose to collect. However, Dine Brands Global may receive information from franchisees or other third parties, including information connected to rewards programs or your visits to our franchisee restaurants. HOW DOES DINE BRANDS USE PERSONAL INFORMATION? Dine Brands may use information collected to: Operate, maintain and improve the Sites and our business. Conduct analytics to help us better understand our customers and improve our services, offerings and personalized experiences at our Sites as well as franchisee locations. Process and manage purchases made at Dine Brands franchisee restaurants and on the Sites and use of Dine Brands Global products and services. Respond to your customer service inquiries, post your comments related to our products and services on our social network pages, and take other actions in response to your questions, comments or Site activity. Communicate with you about special offers, services, and promotions for our brands, affiliates or third party partners that may be of interest to you. Communicate with you about your orders, purchases, and program participation. Provide you with personalized services, including directing you to the nearest Applebee’s or IHOP restaurant based on your location, or providing you with specialized offers based on your Site activity or prior visits to our restaurants. DOES DINE BRANDS SHARE PERSONAL INFORMATION? Dine Brands Global will not disclose your personal information to third parties, except as provided below. We may share your personal information under the following circumstances: We will only share your personal information with unaffiliated third parties for their own marketing purposes with your prior consent, such as for a special joint marketing or promotional campaign. We may share your personal information with our affiliates and between all Dine Brands Global brands (including Applebee’s and IHOP). We may share your personal information with Applebee’s and IHOP franchisees. We may share your personal information with companies that provide services to us, such as credit card processors, gift card service providers, website hosts, email vendors, analytics providers, and other companies that help us provide services, support features on our site or in franchise restaurants, or otherwise market our brands; however, such companies may only use that information to provide services on our behalf. We may share aggregated or anonymous information that does not identify you with third parties, and ensure that those third parties commit to not to attempt to re-identify anonymous information. We may disclose your personal information in response to legal process, when required to comply with laws, to combat fraudulent or criminal activity, to enforce our agreements, corporate policies, and the terms of use of the Sites, and to protect the rights, property and safety of Dine Brands, our employees, agents, customers, or others. We may share your personal information in the event of a merger, acquisition, financing, sale of assets, liquidation or other similar transaction. MARKETING, TRACKING AND ANALYTICS Dine Brands, and Dine Brands’ third party service providers on its behalf, may use the information you provide to it from your restaurant and online visits to conduct analytics to help us better understand our customers and improve our services, as well as to make you personalized offers and feature personalized experiences at our Sites and franchisee restaurant locations. If you join our rewards programs and other special marketing campaigns, we may use your personal information, including demographic information, birthday, personal preferences, purchase history, franchise locations you visit, and information about you from third party sources, including your location information, online browsing across time and third party sites to send you real time, geographically relevant and personalized offers, services, and promotions for our brands, affiliates or third party partners. Your participation in these special rewards programs and other marketing campaigns is completely up to you, and if at any point you no longer wish to be a member or participate in these programs, you may opt-out by contacting us at privacydesk@dinebrands.com. HOW DOES DINE BRANDS SECURE PERSONAL INFORMATION? Dine Brands takes reasonable steps to maintain appropriate physical, technical and administrative security to help prevent loss, misuse, unauthorized access, disclosure or modification of personal information. Although no transmission of data over the Internet or other public network can be guaranteed to be 100% secure, Dine Brands makes reasonable efforts to protect any information you share with us. HOW DOES DINE BRANDS TREAT INFORMATION FROM CHILDREN? Dine Brands does not intend for any portion of the Site to be accessed or used by children under the age of thirteen, nor does Dine Brands intend to collect any personally identifiable information from children under the age of thirteen. By using the Site, you are representing that you are not under the age of thirteen. If we obtain knowledge that a child under the age of thirteen has provided us with personally identifiable information, we will promptly delete such information. WHAT CHOICES DOES DINE BRANDS OFFER ABOUT PERSONAL INFORMATION? You may contact us at the email address or phone number below if you wish to view, edit or delete your personal information from our database, and we will use commercially reasonable efforts to accommodate your request. If you no longer wish to receive promotional or informational emails from us, you may opt-out from receiving future emails from us by following the instructions for unsubscribing in the promotional or informational emails we send you or by contacting us at the email address or phone number below. If you have opted into a promotional text-based campaign, and no longer wish to receive SMS messages from Applebee’s, you may opt-out from receiving future SMS messages from Applebee’s by texting 22337 or by contacting us at the email address or phone number below. If you no longer wish to receive other SMS messages from Dine Brands, you may opt-out from receiving future SMS messages from Dine Brands by following the instructions for unsubscribing in the texts we send you or by contacting us at the email address or phone number below. Please note that even if you opt-out of receiving future marketing communications from us, we may still contact you about your account or any products or services you have purchased from you, and we will still respond to your inquiries or requests for information. You may be able to manage how your browser handles cookies by adjusting your browser’s privacy or security settings. If you set your browser to reject cookies, please note that you may not be able to access certain features on our Sites. Dine Brands does not honor web browser “Do Not Track” signals. When you download our mobile apps, you may be able to manage how your mobile device shares certain information with us by adjusting your mobile device’s privacy or security settings. In particular, you may elect whether to share location information with our mobile apps to access the mobile app’s location based services. Please note that any information you choose to provide in a public setting, such as on Dine Brands social network pages, is not only provided to Dine Brands but may also be shared publicly. Use caution when posting or sharing information on social networking sites. You may also be able to manage the sharing of certain personal information when you connect with us through social networks by adjusting the privacy or security settings of your social network accounts. YOUR CALIFORNIA PRIVACY RIGHTS California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits California residents to request annually, free of charge, information about what personal information Dine Brands disclosed to third parties, including affiliates, for direct marketing purposes. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which Dine Brands shared information in the immediately preceding calendar year. California residents may make such requests in writing to: Dine Brands: Dine Brands Global, Inc. Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@dinebrands.com IHOP: International House of Pancakes, LLC Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@ihop.com Applebee's: Applebee's International, Inc. Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@applebees.com CONTACT US Please contact us if you have any questions or comments about our privacy practices or this Privacy Policy. You can reach us via email or via postal mail at the following addresses: Dine Brands: Dine Brands Global, Inc. Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@dinebrands.com IHOP: International House of Pancakes, LLC Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@ihop.com Applebee's: Applebee's International, Inc. Attention: Privacy Desk 450 N. Brand Blvd., 7th Floor Glendale, CA 91203 privacydesk@applebees.com © 2018 Dine Brands Global, Inc. All rights reserved.