Effective date: June 30, 2026 • Last updated: June 30, 2026
This Privacy Policy explains how Eato ("Eato", "we", "us", or "our")
collects, uses, shares, and protects information when you use the Eato mobile
application (the "App") and related services, including the Customer ordering
experience, the Restaurant Owner dashboard, and the Kitchen/Chef interface
(together, the "Service").
By using Eato, you agree to the collection and use of information in accordance
with this policy. If you do not agree, please do not use the App.
1. Who We Are
Eato is a restaurant ordering and management platform. Customers scan a QR code
at a restaurant table to view a menu and place orders. Restaurant Owners use Eato
to manage their menu, categories, tables, staff (kitchen/chef accounts), and
incoming orders. Kitchen Staff ("Chefs") use Eato to view and update order status.
2. Information We Collect
2.1 Information You Provide Directly
Data collected, by user type:
Restaurant Owner: Full name, email address, phone number, password (stored as a
hashed value, never in plain text), restaurant name, restaurant address/location,
the restaurant's GPS coordinates (captured once during setup, see Section 2.2),
and optional WiFi network name & password for the restaurant
(used only to display to dine-in customers via QR code).
Kitchen Staff (Chef): Full name, a kitchen/staff ID (username), and a password
(hashed), created on their behalf by the Restaurant Owner.
Customer (dine-in): We do not require account registration to place an order. We
collect a session/table identifier from the QR code you scan, the items you add to
your cart, order notes you choose to enter, and — at the moment you place
an order — your device's GPS location, used solely to confirm you are
physically at the restaurant (see Section 2.2).
Menu / category images: Photos that Restaurant Owners voluntarily upload to
illustrate menu items or categories. These images are stored with our
image-hosting provider (Cloudinary) and are publicly viewable as part of the
restaurant's menu.
2.2 Information Collected Automatically
Camera access: used solely to scan the QR code on a
restaurant table so the App can open the correct menu. We do not capture,
store, or transmit camera images — only the text encoded in the QR code is
read.
Precise device location (GPS) — Customers: when a customer
places an order, the App requests the device's current GPS coordinates to
verify the customer is physically present at the restaurant before the order
is submitted. This location is sent to our servers at the moment of ordering
only — we do not continuously track your location, store a location history,
or use it for any purpose other than this one-time proximity check per order.
Precise device location (GPS) — Restaurant Owners: during
restaurant setup, Owners are asked to capture their restaurant's GPS
coordinates once. This stored location is what customer orders are checked
against, as described above.
Device WiFi / network state & location permission (Android):
Android also requires location permission to read nearby WiFi network details.
We request this permission so the App can offer to automatically connect your
device to the restaurant's WiFi network after you scan a table QR code. This
is separate from, and in addition to, the GPS-based order verification
described above.
Authentication tokens: Restaurant Owners and Chefs receive
access/refresh tokens after logging in. These are stored securely on-device
(using encrypted local storage) to keep you signed in, and are never shared
with third parties.
Order & usage data: items ordered, order status,
table number, timestamps, and basic interaction data needed to operate the
ordering and kitchen-management workflow.
Diagnostic data: basic technical information such as app
version and error logs, used only to maintain and improve the Service.
2.3 Information We Do Not Collect
We do not collect payment card numbers or process payments within the App
(payment, where applicable, is handled at the restaurant in person, e.g.
cash or card terminal).
We do not access your contacts, photo gallery (beyond an image you
explicitly choose to upload as an Owner), call logs, or SMS messages.
We do not build a location history or track customer movement outside of
the single, point-in-time check described in Section 2.2.
We do not knowingly collect data from children. See Section 9.
3. How We Use Your Information
To create and manage Owner and Chef accounts and authenticate logins.
To display restaurant menus, categories, and items to customers.
To process, route, and track dine-in orders between customers, the
kitchen, and restaurant owners in real time.
To verify, using one-time GPS coordinates, that a customer placing an order
is physically present at the restaurant.
To generate and manage per-table QR codes and, where provided, embed the
restaurant's WiFi details so customers can connect to WiFi at that table.
To provide dashboards and analytics (e.g. sales totals, order counts,
top-selling items) to Restaurant Owners about their own restaurant only.
To send One-Time Passwords (OTP) for verifying an Owner's email address
during signup.
To maintain the security, integrity, and reliability of the Service,
including detecting and preventing fraud or abuse.
To communicate with you about your account or respond to support
requests.
4. How We Share Your Information
We do not sell your personal information. We share data only as follows:
Within the platform: a customer's order, table number, and
the one-time location check result are shared with the relevant restaurant's
Owner and Kitchen Staff so the order can be prepared and served. Restaurant
Owners and Chefs only see data related to their own restaurant.
Service providers: we use third-party infrastructure
providers to operate the App, including:
Hosting/backend infrastructure (e.g. Render) to run our servers and
database.
Cloudinary, for storing and serving menu/category images.
Resend, for delivering transactional emails such as OTP verification
codes.
These providers process data only on our behalf and under appropriate
confidentiality and security obligations.
Legal requirements: we may disclose information if
required by law, regulation, legal process, or governmental request, or to
protect the rights, property, or safety of Eato, our users, or others.
Business transfers: if Eato is involved in a merger,
acquisition, or sale of assets, your information may be transferred as part
of that transaction, subject to this Privacy Policy.
5. Data Storage & Security
Passwords are stored using one-way cryptographic hashing — we cannot view
your plain-text password.
Authentication tokens are stored locally on your device and transmitted
over encrypted HTTPS connections.
We use industry-standard administrative, technical, and physical
safeguards designed to protect your information from unauthorized access,
alteration, or disclosure.
No method of electronic storage or transmission is 100% secure; while we
strive to protect your data, we cannot guarantee absolute security.
6. Data Retention
We retain account and order data for as long as your account is active or as
needed to provide the Service, comply with our legal obligations, resolve
disputes, and enforce our agreements. Restaurant Owners may request deletion
of their restaurant account and associated data (see Section 7). Order history
tied to a table session may be retained for operational and record-keeping
purposes even after a dine-in session ends. The one-time GPS coordinates
captured at order placement are retained only as part of the order record and
are not used or stored separately as a location history.
7. Your Rights & Choices
Access & correction: Owners and Chefs can update
their profile information (e.g. change password) within the App.
Account deletion: You may request deletion of your
Owner, Chef, or restaurant account and associated personal data by
contacting us at the email below. We will respond within a reasonable
timeframe, subject to any legal retention requirements.
Permissions: You can grant or revoke camera and location
permissions at any time through your device's Settings app. Revoking camera
access will prevent QR scanning. Revoking location access will prevent
customers from placing orders (since proximity verification is required) and
may prevent automatic WiFi connection, but will not prevent menu browsing.
Marketing communications: Eato does not currently send
marketing emails. Transactional emails (e.g. OTP verification) are required
to use the Service.
8. Third-Party Links & Services
The App may rely on third-party SDKs and services (such as Cloudinary for
images, Resend for transactional email, and our hosting provider) that have
their own privacy practices. We encourage you to review the privacy policies
of these providers. Eato is not responsible for the privacy practices of third
parties not under our control.
9. Children's Privacy
Eato is not directed to children under 13 (or the minimum age required in
your jurisdiction), and we do not knowingly collect personal information from
children. If you believe a child has provided us with personal information,
please contact us so we can take appropriate action, including deletion of
such data.
10. International Data Transfers
Your information may be processed and stored on servers located outside of
your country of residence. By using the Service, you consent to the transfer
of your information to countries that may have different data protection laws
than your own country.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of
material changes by updating the "Last updated" date above and, where
appropriate, through an in-app notice. Your continued use of the Service after
changes become effective constitutes acceptance of the revised policy.
12. Contact Us
If you have questions, concerns, or requests regarding this
Privacy Policy or your data, please contact us: