Privacy Policy

Introduction

Welcome to eMenu. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our QR menu and POS platform for restaurants.

eMenu provides a complete restaurant management platform including QR menus, integrated POS systems, real-time ordering, payment processing, and AI-powered analytics. This policy applies to all users including restaurant owners, staff, and customers.

Information We Collect

For Restaurant Owners and Staff

• Account information: Name, email address, phone number, and business details
• Restaurant information: Business name, location, menu items, pricing, and images
• Payment information: Billing details and payment methods (processed securely through Stripe)
• Usage data: Analytics on menu views, orders, customer preferences, and sales data
• Device information: IP address, browser type, and device identifiers

For Customers

• Order information: Items ordered, preferences, and special requests
• Payment information: Transaction details (processed securely, we do not store credit card numbers)
• Device information: IP address, browser type for QR menu access
• Optional information: Name and contact details if provided for order notifications

How We Use Your Information

• To provide and maintain our QR menu and POS platform services
• To process orders and payments securely and efficiently
• To generate analytics and insights for restaurant optimization
• To provide AI-powered combo recommendations and menu suggestions
• To send important updates about your account and our services
• To improve our platform and develop new features
• To detect, prevent, and address technical issues and fraudulent activity
• To comply with legal obligations and protect our legal rights

Data Security

We implement industry-standard security measures to protect your personal information:

• All data transmission is encrypted using SSL/TLS protocols
• Payment processing is handled by Stripe, a PCI DSS compliant payment processor
• We use secure authentication with bcrypt password hashing
• Regular security audits and monitoring
• Access controls and data minimization practices
• Secure cloud infrastructure with regular backups and disaster recovery

Data Sharing

We do not sell your personal information. We may share your data with:

• Service providers: Payment processors (Stripe), cloud hosting providers, and analytics services that help us operate our platform
• Restaurant partners: Customer order information is shared with the restaurant to fulfill orders
• Legal requirements: When required by law, court order, or government regulations
• Business transfers: In the event of a merger, acquisition, or sale of assets

All third-party service providers are carefully selected and required to protect your data in accordance with this privacy policy.

Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data (subject to legal obligations)
• Export: Receive your data in a portable format
• Opt-out: Unsubscribe from marketing communications
• Restrict processing: Limit how we use your data in certain circumstances

To exercise these rights, please contact us at contact@emenuweb.com.

Cookies and Tracking

We use cookies and similar tracking technologies to:

• Maintain your login session and preferences
• Analyze platform usage and performance
• Remember your theme and language preferences
• Provide personalized menu recommendations

You can control cookies through your browser settings. Note that disabling cookies may limit platform functionality.

Data Retention

We retain your personal data only as long as necessary to provide our services and comply with legal obligations. Restaurant account data is retained while your account is active and for up to 3 years after account closure for legal and accounting purposes. Customer order data is retained for operational purposes and may be anonymized for analytics after 2 years.

Children's Privacy

Our platform is not intended for individuals under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws including GDPR.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by email or through our platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

Contact Us

If you have any questions or concerns about this privacy policy or our data practices, please contact us:

GDPR Compliance (EU Users)

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). You have additional rights including:

• The right to lodge a complaint with a supervisory authority
• The right to object to processing based on legitimate interests
• The right to withdraw consent at any time
• The right to data portability

Our legal basis for processing your data includes: contract performance, legal obligations, legitimate interests, and your consent where applicable.