Privacy Policy

1. INTRODUCTION

Welcome to Plate's Privacy Policy. Qwerty App (“we,” “us,” “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Plate (“App”).

By using Plate, you consent to the data practices described in this policy. If you do not agree with our policies and practices, please do not use our App.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

Account Registration

• Full name
• Email address
• Phone number
• Password (encrypted)
• Profile photo (optional)
• Date of birth (optional)

Profile Information

• Dietary restrictions and preferences
• Favorite cuisines
• Allergies
• Preferred party size
• Special occasion dates

Booking Information

• Reservation details (date, time, party size)
• Special requests
• Dietary notes
• Guest information (for group bookings)
• Table preferences

2.2 Information Collected Automatically

Device Information

• Device ID and type
• Operating system and version
• App version
• Language and timezone settings
• Screen resolution
• IP address

Location Data

• GPS coordinates (when permitted)
• City and district
• Proximity to restaurants
• Location history (for recommendations)

Usage Data

• App interactions and navigation
• Search queries
• Viewed restaurants
• Booking patterns
• Feature usage statistics
• Session duration
• Crash reports and performance data

2.3 Information from Third Parties

OAuth Providers

When you sign in using Google or Apple:

• Name
• Email address
• Profile picture
• Unique identifier

Restaurant Partners

• Booking confirmations
• Check-in status
• Dining completion
• Loyalty point transactions

Social Features

• Friend connections
• Shared posts and reviews
• Social interactions

3. HOW WE USE YOUR INFORMATION

3.1 Service Provision

• Process and confirm restaurant reservations
• Send booking reminders and updates
• Provide customer support
• Enable account management
• Facilitate loyalty program participation

3.2 Personalization

• Customize restaurant recommendations
• Suggest restaurants based on preferences
• Remember favorite restaurants
• Provide location-based suggestions
• Tailor special offers

3.3 Communication

• Send booking confirmations
• Provide reservation reminders
• Notify about special offers (with consent)
• Send important service updates
• Respond to inquiries and support requests

3.4 Improvement and Analytics

• Analyze app usage patterns
• Improve features and user experience
• Conduct research and development
• Monitor app performance
• Prevent fraud and ensure security

3.5 Legal and Safety

• Comply with legal obligations
• Enforce our Terms and Conditions
• Protect rights and safety
• Prevent fraudulent activity
• Respond to legal requests

4. INFORMATION SHARING AND DISCLOSURE

4.1 Restaurant Partners

We share limited information with restaurants for bookings:

• Name and contact details
• Party size and reservation time
• Special requests and dietary requirements
• Loyalty tier status

4.2 Service Providers

We work with third-party services for:

• Cloud hosting (Supabase)
• Authentication (Google, Apple)
• Maps and location (Google Maps)
• Push notifications (Expo)
• Analytics (anonymized data)
• Error tracking (Sentry)

4.3 Business Transfers

In case of merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

4.4 Legal Requirements

We may disclose information when required by:

• Court orders or subpoenas
• Government authorities
• Law enforcement requests
• Legal proceedings
• Protection of our rights

4.5 Consent-Based Sharing

With your explicit consent, we may share:

• Reviews and ratings publicly
• Social posts with friends
• Profile information based on privacy settings

4.6 Aggregated Data

We may share anonymized, aggregated data that cannot identify you for:

• Industry research
• Restaurant insights
• Marketing analysis
• Public reports

5. DATA STORAGE AND SECURITY

5.1 Security Measures

We implement industry-standard security including:

• Encryption: TLS/SSL for data in transit
• Database encryption: AES-256 for data at rest
• Access controls: Role-based permissions
• Regular audits: Security assessments
• Secure authentication: bcrypt password hashing
• Session management: Secure token handling

5.2 Data Storage

• Primary servers: Secure cloud infrastructure
• Geographic location: [Data center locations]
• Backup systems: Regular encrypted backups
• Retention periods: As outlined in Section 6

5.3 Incident Response

In case of a data breach:

• Immediate investigation and containment
• Notification within 72 hours where required
• User notification if personal data affected
• Cooperation with authorities

6. DATA RETENTION

6.1 Active Accounts

We retain your data while your account is active and as needed to provide services.

6.2 Retention Periods

• Account data: Duration of account + 30 days
• Booking history: 3 years for loyalty tracking
• Reviews: Indefinitely (anonymized after account deletion)
• Marketing data: Until consent withdrawn
• Legal compliance data: As required by law

6.3 Deletion Requests

Upon account deletion request:

• Processing within 30 days
• Removal of personally identifiable information
• Retention of anonymized data for analytics
• Legal compliance data retained as required

7. YOUR PRIVACY RIGHTS

7.1 Access Rights

You have the right to:

• Access your personal data
• Correct inaccurate information
• Delete your account and data
• Download your data (data portability)
• Object to certain processing
• Restrict processing in certain circumstances

7.2 Privacy Controls

Through the App, you can:

• Manage notification preferences
• Control location sharing
• Set profile visibility
• Manage marketing communications
• Control social sharing settings
• Adjust data analytics participation

7.3 Marketing Preferences

You can opt-out of marketing by:

• Updating app notification settings
• Using unsubscribe links in emails
• Contacting support
• Adjusting privacy settings

7.4 Do Not Track

The App does not currently respond to Do Not Track signals.

8. COOKIES AND TRACKING

8.1 App Analytics

We use analytics to understand usage patterns:

• Session tracking
• Feature usage metrics
• Performance monitoring
• Crash reporting

8.2 Advertising IDs

We may use mobile advertising IDs for:

• Attributed app installations
• Retargeting campaigns (with consent)
• Analytics purposes

8.3 Third-Party SDKs

Integrated SDKs may collect:

• Device information
• Usage patterns
• Performance metrics

9. CHILDREN'S PRIVACY

9.1 Age Restrictions

• Plate is not intended for users under 18
• We do not knowingly collect data from minors
• Parents may contact us to remove minor's data

9.2 Parental Controls

If we discover data from users under 18:

• Immediate deletion of account
• Removal of all associated data
• Notification to provided email

10. INTERNATIONAL DATA TRANSFERS

10.1 Cross-Border Transfers

Your data may be transferred to countries with different privacy laws. We ensure appropriate safeguards through:

• Standard contractual clauses
• Privacy Shield frameworks (where applicable)
• Adequacy decisions
• Consent for specific transfers

10.2 User Location

Regardless of your location, we apply the protections described in this policy.

11. CALIFORNIA PRIVACY RIGHTS (CCPA)

11.1 California Residents

Additional rights under CCPA include:

• Right to know categories of data collected
• Right to know data sale/disclosure practices
• Right to opt-out of data sales
• Right to non-discrimination

11.2 “Do Not Sell”

We do not sell personal information as defined by CCPA.

11.3 “Shine the Light”

California residents may request information about disclosures to third parties for marketing.

12. EUROPEAN PRIVACY RIGHTS (GDPR)

12.1 Legal Basis

We process data based on:

• Consent: For marketing and optional features
• Contract: To provide reservation services
• Legitimate interests: For service improvement
• Legal obligations: For compliance

12.2 EU/EEA Rights

Additional rights include:

• Right to lodge complaints with supervisory authorities
• Right to withdraw consent
• Right to object to profiling
• Rights related to automated decision-making

12.3 Data Protection Officer

Contact our DPO at: dpo@plate.app

13. THIRD-PARTY LINKS

13.1 External Websites

The App may contain links to:

• Restaurant websites
• Payment processors
• Social media platforms
• Review sites

13.2 Third-Party Policies

We are not responsible for privacy practices of third-party sites. Please review their policies separately.

14. PRIVACY POLICY UPDATES

14.1 Modifications

We may update this policy to reflect:

• Legal requirement changes
• New features or services
• User feedback
• Industry best practices

14.2 Notification

Material changes will be notified via:

• In-app notifications
• Email to registered users
• Prominent notice in the App
• Update to “Last Updated” date

14.3 Acceptance

Continued use after changes constitutes acceptance of updated policy.

15. ACCESSIBILITY

We strive to make our privacy practices accessible to all users. If you need this policy in an alternative format, please contact us.

16. CONTACT INFORMATION

16.1 Privacy Inquiries

For privacy-related questions:

16.2 Data Protection Officer

DPO Contact: dpo@plate.app

16.3 Support

General support: support@plate.app

16.4 Complaints

If you're unsatisfied with our response, you may contact your local data protection authority.

17. CONSENT AND ACKNOWLEDGMENT

By using Plate, you acknowledge that:

• You have read and understood this Privacy Policy
• You consent to the collection and use of your information as described
• You are at least 18 years old
• You understand your privacy rights