Privacy Policy

DashDine, Inc. ("DashDine", "we", "us", or "our") operates the DashDine restaurant management platform, accessible at dashdinemenu.com and via our APIs (the "Service").

This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have. By using the Service you agree to this policy.

2.1 Information you provide

• Account info: name, email address, password (hashed), restaurant name, billing address.
• Menu data: item names, descriptions, photos, prices, modifiers you upload.
• Payment info: processed by Stripe. We never store raw card numbers.
• Support messages: any content you send to our support team.

2.2 Information collected automatically

• Usage data: pages visited, features used, timestamps.
• Device data: browser type, operating system, screen resolution.
• IP address: used for fraud prevention and approximate geolocation.
• Cookies: see our Cookie Policy.

2.3 Customer order data

When your customers place orders via your QR menu, we collect order details (items, quantities, table/location). We do not collect customer email addresses or personal profiles unless customers optionally provide them. Order data belongs to you.

• Provide, operate, and improve the Service.
• Process payments and send billing receipts.
• Send service-related notifications (order alerts, downtime notices, product updates).
• Respond to support requests and prevent fraud.
• Comply with legal obligations.

We do not sell your data. We do not use your menu or order data to train AI models or advertise to your customers.

Your data is stored in PostgreSQL databases with Row-Level Security (RLS) ensuring each restaurant's data is fully isolated. All connections are encrypted in transit (TLS 1.2+) and at rest (AES-256). We perform automated daily backups.

We share data only with essential sub-processors:

• Supabase — database and authentication
• Stripe — payment processing
• Vercel — application hosting
• Resend / Postmark — transactional email

We may disclose information when required by law and will notify you where legally permitted.

Account data is retained while your account is active. On deletion, personal data is removed within 30 days. Billing records are retained for 7 years for legal/tax compliance. Order data is anonymised after 2 years.

DashDine is a global service. Your data may be processed in the United States or European Union. We rely on Standard Contractual Clauses (SCCs) and other approved mechanisms for cross-border transfers.

Depending on your jurisdiction you may have the right to access, correct, delete, or export your personal data, restrict or object to processing. To exercise any right, email privacy@dashdinemenu.com. We respond within 30 days.

The Service is not directed to children under 16. If you believe a child has provided us data, contact us and we will delete it promptly.

We will notify you of material changes via email or in-app banner at least 14 days before the change takes effect.

Email: privacy@dashdinemenu.com