How MenuSmart handles personal data

This notice applies to hospitality teams using MenuSmart, guests booking through MenuSmart-powered pages, paying users, and visitors to the website.

If you make a reservation with a restaurant that uses MenuSmart, that restaurant also receives your booking details and may process them under its own privacy responsibilities.

For the data processed in its own services, MenuSmart acts as controller, including for user accounts, menu administration, payments, support, and the general technical operation of the platform.

You can contact us at support@menusmart.dev for privacy questions, rights requests, or any query about this policy.

We collect data directly from you, from your use of the service, and from certain technical providers needed to operate the platform.

• Account data: name, email address, authentication credentials handled by Firebase Authentication, and profile photo if you sign in with Google.
• Restaurant or business data: business name, menu content, uploaded images, reservation settings, and operational contact details such as phone number or address when you add them.
• Reservation data: guest name, email, phone number, party size, date, time, area, and confirmation or reconfirmation status.
• Payment data: checkout session information, subscription status, and Stripe-generated customer or subscription references. We do not store full payment card numbers on our website.
• Technical data: browser and device data, technical logs, cookie choices, and limited measurement or advertising data when you consent.
• Communications: emails sent to support and transactional messages we send for verification, reservations, confirmations, cancellations, or account access.

We only process personal data where there is a defined purpose and an applicable legal basis under the GDPR.

• Contract performance or pre-contractual steps: creating accounts, publishing menus, managing reservations, sending operational emails, and providing payment or subscription features.
• Consent: using non-essential cookies, advertising measurement tools, and certain Google technologies that require consent.
• Legitimate interests: security, fraud or abuse prevention, service stability, technical support, and operational improvement of the platform.
• Legal obligation: responding to lawful requests, meeting accounting or billing obligations, and keeping information needed to defend legal claims.

We only share personal data where it is necessary to provide the service, where you ask us to do so, or where there is a legal requirement.

• Restaurants or hospitality businesses using MenuSmart when a guest submits a reservation through their page.
• Google and Firebase for authentication, database, storage, cloud functions, Google One Tap, Google Tag Manager, Google Ads, and reCAPTCHA/App Check.
• Stripe for checkout, subscriptions, customer portal access, and payment operations.
• SendGrid for transactional email delivery such as welcome emails, verification emails, password reset emails, and reservation messages.
• Public authorities, advisers, or comparable third parties where required by law or necessary to protect our rights.

Some of our providers may process data outside the European Economic Area. Where that happens, we seek to ensure that processing is covered by standard contractual clauses, adequacy decisions, or other lawful transfer mechanisms made available by those providers.

We keep data only for as long as it is needed for the relevant purpose or while a legal or contractual obligation requires it to be kept.

• Account data is kept while the account remains active or while it is needed to provide the service.
• Unconfirmed reservations are automatically deleted if they remain unconfirmed for more than 24 hours.
• Confirmed reservations and related authentication records are subject to scheduled cleanup tasks around five days after the reservation date.
• Payment and subscription-related records may be kept for longer where required for billing, fraud prevention, tax, or legal defence purposes.
• Inactive accounts with no Stripe history may be removed after long periods of inactivity. The current backend cleanup logic targets accounts inactive for more than 12 months.

Account holders can delete their account from the Account section of the dashboard.

You may request access, rectification, erasure, restriction, objection, or portability of your personal data, and you may withdraw consent at any time where consent is the basis for processing.

We will handle your request in line with applicable law and may ask for additional information to verify your identity where necessary.

If you believe we have not handled your request properly, you may also lodge a complaint with the Spanish supervisory authority: AEPD.

We use essential cookies and similar browser storage to keep the site secure, remember your preferences, and enable core functions.

With your consent, we also use Google Tag Manager and Google Ads technologies to measure visits, conversions, and advertising performance.

The platform also uses Google reCAPTCHA/App Check to help protect forms and services from automated abuse. You can review or change your cookie choice from the cookie settings control shown on the site.

We apply reasonable technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or improper disclosure. No internet-connected system can guarantee absolute security.

We may update this policy when our practices, providers, or legal requirements change. The current version will be published on this page together with the latest effective date.