Privacy Policy

1. Introduction

Dineotech ("we", "our", "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant management platform and related services.

By using our services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Restaurant Account Information

When you create a restaurant account, we collect:

• Restaurant name and business information
• Owner/manager contact details (name, email, phone)
• Business address and location data
• Payment and billing information
• Staff user accounts and permissions

2.2 Customer Data

Through our platform, restaurants may collect customer information including:

• Names and contact information for reservations
• Order history and preferences
• Table and dining preferences
• Feedback and reviews
• Payment information (processed by third-party providers)

2.3 Technical Information

We automatically collect certain technical information:

• Device information (type, operating system, browser)
• IP addresses and location data
• Usage patterns and feature utilization
• System performance and error logs
• Cookies and similar tracking technologies

3. How We Use Your Information

3.1 Service Provision

• Provide and maintain our restaurant management platform
• Process orders and manage restaurant operations
• Enable communication between staff and customers
• Generate analytics and reporting
• Provide customer support and technical assistance

3.2 Business Operations

• Account management and billing
• Service improvements and new feature development
• Security monitoring and fraud prevention
• Legal compliance and dispute resolution
• Marketing and promotional communications (with consent)

4. Information Sharing and Disclosure

4.1 No Sale of Personal Information

We do not sell, rent, or lease your personal information to third parties for marketing purposes.

4.2 Limited Sharing

We may share information in the following circumstances:

• Service Providers: Trusted third-party vendors who assist in providing our services (cloud hosting, payment processing, analytics)
• Legal Requirements: When required by law, court orders, or government requests
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Safety and Security: To protect against fraud, security threats, or illegal activities
• Consent: When you explicitly authorize information sharing

5. Data Security

5.1 Security Measures

We implement industry-standard security measures including:

• SSL/TLS encryption for data transmission
• Encrypted data storage with secure access controls
• Regular security audits and vulnerability assessments
• Multi-factor authentication for administrative access
• Employee training on data protection best practices
• Regular backup and disaster recovery procedures

5.2 Data Breach Notification

In the event of a data breach affecting personal information, we will notify affected parties and relevant authorities as required by applicable law, typically within 72 hours of discovery.

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

• Access: Request copies of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your information
• Objection: Object to certain processing activities

6.2 Marketing Communications

You can opt out of marketing communications at any time by:

• Clicking "unsubscribe" in email communications
• Updating your account preferences
• Contacting our support team

7. Data Retention

We retain personal information for as long as necessary to provide our services and comply with legal obligations. Specific retention periods include:

• Account Information: Retained while account is active plus 7 years for business records
• Transaction Data: Retained for 7 years for accounting and tax purposes
• Marketing Data: Retained until consent is withdrawn
• Technical Logs: Retained for 2 years for security and performance analysis
• Customer Data: Controlled by restaurant's data retention policies

8. International Data Transfers

Our services may involve transferring data across international borders. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) with international vendors
• Adequacy decisions for transfers to approved countries
• Additional safeguards for transfers to countries without adequacy decisions
• Regular monitoring of international data protection laws

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us analyze website usage and performance
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used for targeted advertising (with consent)

9.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

10. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

11. Third-Party Services

Our platform integrates with third-party services (payment processors, analytics providers, cloud services). These third parties have their own privacy policies, and we are not responsible for their privacy practices. We encourage you to review their privacy policies.

Key third-party integrations include:

• Payment processors (Stripe, PayPal, etc.)
• Cloud hosting providers (AWS, Google Cloud, etc.)
• Analytics services (Google Analytics, etc.)
• Communication tools (email, SMS providers)

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected and how it's used
• Right to delete personal information
• Right to opt out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

To exercise these rights, contact us at privacy@dineotech.com or call +1 (249) 876-6451.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectify inaccurate personal data
• Right to erase your personal data
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Our legal basis for processing includes contract performance, legitimate interests, legal compliance, and consent where required.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying prominent notices in our platform

Your continued use of our services after the effective date constitutes acceptance of the updated Privacy Policy.

15. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, contact us: