1Overview & Controller
This Privacy Policy applies to RestOrder ("we," "us," "our") and covers the personal data we process when you visit our website at restorder.online, create an account, or use our Services.
RestOrder acts as the data controller for the personal data of registered restaurant operators and website visitors. For personal data relating to your restaurant's end customers (e.g., order data), RestOrder acts as a data processor on your instructions as the data controller.
This policy should be read alongside our Terms of Service.
2Data We Collect
We collect data in the following categories. The table below summarises what we collect and why.
| Category | Examples | Collected when |
|---|---|---|
| Account Data | Name, email address, phone number, business name | You register or update profile |
| Authentication Data | Hashed password; Google OAuth token; OTP codes (not stored) | You sign up or log in |
| Business / Menu Data | Restaurant name, address, menu items, prices, images, categories | You use the platform |
| Subscription & Payment Data | Plan type, billing dates, payment status; payment methods processed by gateways (not stored by us) | You subscribe or pay |
| Order Data | Customer name, table/room number, items ordered, order status, timestamps | Your customers place orders |
| Usage & Analytics Data | Pages visited, features used, device/browser type, IP address, session duration | You use the platform |
| Communications Data | Support emails, contact form messages, survey responses | You contact us |
| Uploaded Content | CSV files, logo images, menu photos | You upload files |
Data We Do NOT Store
- Full card numbers, CVV codes, or banking credentials — these are handled exclusively by our payment processors (Flutterwave, PayPal, ClickPesa)
- Plain-text passwords — all passwords are hashed with bcrypt before storage
- Government-issued ID or national identification numbers
Data from Third-Party Sign-In (Google)
If you choose to sign in with Google via Firebase Authentication, we receive your Google account name, email address, and profile photo URL. We use this information only to create and identify your RestOrder account. We do not receive your Google password or access to other Google services.
3How We Use Your Data
We use personal data only for legitimate purposes under one of the following lawful bases:
| Purpose | Lawful Basis |
|---|---|
| Providing and operating the Services | Contract performance |
| Account creation and authentication | Contract performance |
| Processing subscription payments | Contract performance |
| Customer support and responding to queries | Legitimate interest / Contract |
| Sending transactional emails (order confirmations, invoices) | Contract performance |
| Sending product updates and security alerts | Legitimate interest |
| Sending marketing emails (new features, promotions) | Consent (opt-out any time) |
| Platform analytics and performance monitoring | Legitimate interest |
| Fraud detection and security | Legal obligation / Legitimate interest |
| Complying with legal obligations | Legal obligation |
Marketing Communications
We may send you product news, tips, and promotional offers by email. You can opt out at any time by clicking "Unsubscribe" in any email, or by updating your preferences in Settings → Notifications. We will not send you marketing communications if you opt out, but we will continue to send service-critical communications.
4Data Sharing & Disclosure
We do not sell, rent, or trade your personal data to any third parties. We share data only in the circumstances below.
Payment Processors
When you or your customers complete a payment, transaction data is shared with the relevant payment processor (Flutterwave, PayPal, or ClickPesa). These processors have their own privacy policies and are independently responsible for data they collect. We receive only confirmation of transaction success/failure and a transaction reference.
Service Providers (Subprocessors)
We use selected third-party service providers to operate the platform. These providers are bound by data processing agreements and may only process data on our behalf and for specified purposes. Current categories include:
- Cloud infrastructure & hosting (server and database hosting)
- Transactional email delivery (for account notifications and receipts)
- Firebase / Google (authentication services)
- Analytics (aggregate, anonymised platform usage data)
Legal Requirements
We may disclose your data when required to do so by law, court order, or government authority, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers
If RestOrder is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you by email and/or prominent site notice before your data is subject to a different privacy policy.
Aggregated / Anonymised Data
We may share aggregated, anonymised data (e.g., industry benchmarks, platform usage statistics) publicly or with partners. This data cannot be used to identify you.
5Cookies & Tracking
We use cookies and similar technologies to make the platform work and to understand how it is used.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication session, CSRF protection, preference storage | Session / 30 days |
| Functional | Remembering your language, dashboard layout, selected plan | 1 year |
| Analytics | Aggregate usage metrics (pages viewed, features used); no personal profiles | Up to 2 years |
| Marketing | Understanding which marketing channels bring users to us | 90 days |
You can control cookies through your browser settings. Disabling essential cookies will prevent you from using the authenticated features of the platform.
We use local storage (not cookies) for storing your JWT authentication token client-side. This is strictly necessary for the Services to function.
6Data Retention
We retain personal data for as long as your account is active or as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.
| Data Type | Retention Period |
|---|---|
| Active account data | Duration of subscription + 30 days after deletion request |
| Menu data & uploads | Duration of subscription + 30 days after account deletion |
| Order records | 7 years (financial record-keeping requirements) |
| Payment transaction references | 7 years (legal/tax compliance) |
| Support communications | 3 years after ticket closure |
| Server access logs | 90 days (security monitoring) |
| Analytics data (anonymised) | 3 years |
When an account is deleted, personal data is anonymised or purged within 30 days, except where retention is required by applicable law. Anonymised aggregate data may be retained indefinitely.
7Security
We implement technical and organisational measures designed to protect your data against unauthorised access, loss, destruction, or alteration, including:
- Encryption in transit: All data transmitted between your browser and our servers is encrypted via TLS 1.2+
- Password security: Passwords are hashed using bcrypt with a strong work factor — we never store plain-text passwords
- Access controls: Role-based access limits what each staff account can see and do; super-admin functions require elevated privileges
- No card data storage: We do not store, transmit, or process raw payment card data — all payment flows go directly through our PCI-compliant payment processors
- Infrastructure security: Our hosting environments use firewall rules, automated vulnerability scanning, and regular backups
- Dependency management: We monitor for and patch security vulnerabilities in third-party dependencies
Responsible Disclosure
If you discover a security vulnerability in our platform, please report it responsibly to [email protected]. We will acknowledge your report within 48 hours and work to remediate confirmed issues promptly.
8Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data under laws such as the GDPR, UK GDPR, CCPA/CPRA, and similar regulations:
| Right | What it means |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Correct inaccurate or incomplete data |
| Erasure ("Right to be forgotten") | Request deletion of your personal data (subject to legal retention requirements) |
| Portability | Receive your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interests, including profiling |
| Restriction | Request we restrict processing while a dispute is resolved |
| Withdraw Consent | Withdraw consent for marketing or other consent-based processing at any time |
| Lodge a Complaint | Complain to your local data protection authority if you believe we've mishandled your data |
How to Exercise Your Rights
Submit a request by emailing [email protected] with the subject line "Privacy Request – [Your Right]". We will respond within 30 days (or as required by applicable law). We may ask you to verify your identity before processing the request.
California Residents (CCPA/CPRA)
California residents have additional rights including the right to know what personal information is sold or disclosed and to whom, and the right to opt out of sale. RestOrder does not sell personal information. To exercise CCPA rights, contact us as above.
9Third-Party Links & Services
Our platform may contain links to third-party websites (e.g., payment processors, social media). These sites are governed by their own privacy policies and we are not responsible for their privacy practices.
Payment processing is handled by independent third parties. Their privacy policies apply to information collected during payment:
- Flutterwave: flutterwave.com/us/privacy-policy
- PayPal: paypal.com privacy full
- Google / Firebase: policies.google.com/privacy
10Children's Privacy
The RestOrder platform is intended for use by businesses and adults (18 years and older). We do not knowingly collect personal data from children under the age of 16. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.
11International Data Transfers
RestOrder operates globally and your data may be stored and processed in countries outside your home country. Where we transfer personal data outside of regions with strict data protection laws (e.g., the EEA, UK), we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the relevant authority
- Working with service providers certified to recognised frameworks (e.g., EU-US Data Privacy Framework where applicable)
- Conducting transfer impact assessments where required
For questions about data transfers, contact us at [email protected].
12Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by:
- Emailing your registered account address
- Displaying a banner in the admin dashboard
- Updating the "Last updated" date at the top of this page
We encourage you to review this policy periodically. Your continued use of the Services after changes are posted constitutes acceptance of the updated policy.
13Contact Us
For any privacy-related questions, requests, or concerns, please contact us:
- Email: [email protected]
- Website: restorder.online/contact
We aim to respond to all enquiries within 5 business days (30 days for formal rights requests).