← Back to Home

Privacy Policy

Last updated: April 1, 2026

1. Introduction

AllaMenu ("we", "our", or "us") operates the AllaMenu platform, including our web application, mobile dashboard, and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

For Restaurant Owners & Staff

  • Account information (name, email, phone number)
  • Restaurant details (name, address, menu items, pricing)
  • Order and transaction data
  • Device information for push notifications (FCM tokens)

For Customers (Menu Users)

  • Order details (items selected, table number, order type)
  • Optional: name and phone number (if provided for delivery)
  • Device type and browser information (for analytics)

We do not require customers to create accounts or sign in to view menus or place orders.

3. How We Use Your Information

  • To provide and maintain the AllaMenu platform
  • To process orders and facilitate restaurant operations
  • To send push notifications (order updates, waiter calls)
  • To manage subscriptions and billing
  • To improve our services and user experience
  • To communicate with restaurant owners about their accounts

4. Data Storage & Security

Your data is stored securely on Google Firebase infrastructure, which provides encryption at rest and in transit. We implement role-based access controls to ensure that restaurant data is only accessible to authorized staff members.

  • All data transmitted via HTTPS/TLS encryption
  • Firestore security rules enforce per-restaurant data isolation
  • Staff access is controlled by role-based permissions
  • Payment credentials are stored securely per restaurant

5. Third-Party Services

We use the following third-party services:

  • Google Firebase — Authentication, database, storage, analytics, cloud functions
  • Stripe — Payment processing (for online payments)
  • Vercel — Web application hosting

Each third-party service has its own privacy policy governing the use of your information.

6. Data Retention

We retain restaurant account data for as long as the account is active. Order data is retained for business reporting purposes. If a restaurant owner requests account deletion, we will remove all associated data within 30 days.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw consent for data processing
  • Export your data in a portable format

8. Cookies & Local Storage

Our web menu uses browser local storage to persist cart items and language preferences. We do not use tracking cookies. Firebase may use cookies for authentication sessions.

9. Children's Privacy

Our platform is not intended for use by children under the age of 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered restaurant owners of significant changes via email or in-app notification. Continued use of the platform constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at: