Privacy Policy

Last updated: April 2026

1. Information We Collect

Restaurant Owners (Customers)

When you create an account, we collect your name, email address, and restaurant information. We also collect usage data to improve the Service.

Restaurant Guests

Guests browsing menus are not required to create an account. We may collect anonymous usage data (page views, orders). If a guest provides their name, email, or phone for orders or reservations, that data is stored for the restaurant owner.

2. How We Use Your Data

• To provide and maintain the Service
• To process orders and reservations
• To send transactional emails (order confirmations, reservation updates)
• To improve the Service through analytics
• To communicate about your account or plan

3. Data Storage & Security

Data is stored on Supabase (EU region, eu-central-1). We use encryption in transit (TLS) and at rest. Access is restricted via row-level security policies.

4. Third-Party Services

We use the following third-party services:

• Supabase — Database and authentication (EU)
• Stripe — Payment processing
• Resend — Transactional emails
• Sentry — Error tracking
• PostHog — Product analytics (EU)
• Cloudflare — File storage and CDN

5. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove your data within 30 days, except where required by law.

6. Your Rights (GDPR)

If you are in the EU, you have the right to access, correct, delete, or export your personal data. Contact us at privacy@menubear.app.

7. Cookies

We use essential cookies for authentication and localStorage for preferences. Analytics cookies (PostHog) can be opted out of.

8. Changes

We may update this policy. We will notify you of material changes via email.

9. Contact

Data controller: Menubear. Email: privacy@menubear.app.