Privacy Policy

Last Updated: May 2026

Welcome to FlavorTech.co. We deeply value the privacy of our clients (restaurants and food service establishments) and their guests. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you utilize our digital menus, analytics platform, and our additional AI Dish Photo service.

1. General Provisions

FlavorTech (hereinafter referred to as the "Company", "we", "us", or "our") acts as a data processor for restaurants utilizing our services, and as a data controller regarding the personal information collected directly through our main website FlavorTech.co.

This policy complies with the General Data Protection Regulation (GDPR) of the European Union and governs the processing of personal data for users globally.

2. What Information We Collect

We collect two types of information depending on your role and interaction with our platform:

A. For Restaurant Owners and Employees (B2B):

  • Account Credentials: Name, email address, restaurant name, contact phone number, and encrypted passwords.
  • Menu Content: Texts of dish descriptions, pricing matrices, uploaded PDF menu files, and food images uploaded directly by you.
  • Payment Information: Financial transactions are processed strictly via secure, compliant third-party payment gateways. We do not store or process full credit/debit card details on our servers.

B. For Restaurant Guests scanning QR Codes (B2C):

  • Technical Specifications: IP address, device type, operating system, and browser language settings (used solely to automatically display the digital menu in the guest’s native language).
  • Behavioral Analytics: Interactions with menu items, viewing duration on specific dishes, clicks on menu categories, and ordering patterns.
  • Optional Contact Information: Phone number or email address, voluntarily provided by the guest to participate in programs of loyalty, authorize via restaurant Wi-Fi networks, or submit feedback.
  • Feedback & Reviews: Ratings and textual messages left voluntarily by the guest via our digital feedback interface.

3. AI Dish Photo Add-on Specifics

When you use our optional AI-driven food photography generation and styling tools, the following principles apply:

  • Source Image Processing: Dish images uploaded for editing are processed securely through our integration with Gemini model endpoints via encrypted API channels.
  • Personal Data Restrictions: We strictly advise against uploading images containing recognizable human faces, identity documents, or any sensitive personal data. Our AI models are optimized exclusively for food styling and dish rendering.
  • Image Storage & Retention: AI-generated dish photos are stored on our secure cloud storage servers to display within your active digital menu. Raw source images are briefly cached to guarantee stable generation and are permanently purged from our processing caches within 24 hours.

4. How We Use Your Data

All information collected is used strictly for the following purposes:

  • Delivering and maintaining reliable digital menu services, including QR routing and dynamic multi-language translating features.
  • Compiling and displaying business intelligence reports for restaurant owners (e.g., highlighting popular dishes, conversion rates, and profit mapping opportunities).
  • Facilitating the private feedback loop between guests and restaurant managers to address negative dining experiences before they go public.
  • Training and improving our localized AI generation capabilities and user interfaces.
  • Processing monthly subscriptions, standalone credit packs, and preventing fraudulent billing.

5. Third-Party Data Sharing

FlavorTech does not sell, trade, rent, or lease your restaurant guest databases to third-party marketing networks. Information is only shared under these strict circumstances:

  • POS System Partners: Shared only at the explicit request and integration authorization of the restaurant owner to sync orders and payments.
  • Essential Subprocessors: Secure sharing with trusted cloud hosting partners, payment processors, and analytics platforms required to keep the main infrastructure live.
  • Legal Obligations: When strictly required to do so under European Union regulations, active court orders, or governmental statutes.

6. Your Rights & Data Protection (GDPR)

If you are a resident of the European Economic Area (EEA), you enjoy complete protection under the General Data Protection Regulation. Your rights include:

  • The right to access, export, or receive a copy of your personal data.
  • The right to rectify inaccurate or outdated records.
  • The right to object to processing, restrict processing, or demand erasure ("the right to be forgotten").
  • The right to withdraw consent at any time (e.g., unsubscribing from a restaurant's loyalty push database).

To execute any of these statutory rights, please contact our designated Data Protection Officer at: privacy@flavortech.co.

7. Data Security

We implement rigorous technical, physical, and administrative protocols to shield our infrastructure from unauthorized access, breach, alteration, or loss. All traffic to and from FlavorTech endpoints is fully encrypted using SSL/TLS protocols.

If you have any questions, concerns, or requests relating to this Privacy Policy or your data, please contact our team directly at: privacy@flavortech.co