Privacy Policy

1. Introduction

This Privacy Policy describes how MenuPortal (“we,” “us,” or “our”) collects, uses, discloses, and protects personal information in relation to its API service, which delivers restaurant data for integration into other applications. This Policy applies to all users who access or interact with the MenuPortal API and affiliated services. By using our services, you acknowledge and agree to the data practices described in this Privacy Policy.

2. Information We Collect

We collect and process several types of data to operate and improve the MenuPortal API, including:

  • User Data: Information needed to create and manage accounts, authenticate users, and support account administration, such as:
    • Account Information: Names, email addresses, usernames, passwords, and API keys.
    • Billing Information: Payment details, including credit card information and billing addresses, managed through secure, third-party payment processors.
    • Usage Data: Information related to API interactions, such as request logs and usage statistics, collected for performance monitoring, support, and service optimization.
    • Support Data: Information provided by users via support tickets or inquiries to assist with troubleshooting and service enhancement.
  • Technical Data: Automatically collected technical details about devices and interactions with the MenuPortal API or website, including:
    • Device and Browser Information: IP addresses, browser types, operating systems, and unique device identifiers.
    • Cookies and Tracking Technologies: Cookies and similar technologies used for authentication, analytics, and to enhance user experience on our website.
  • Restaurant Data: Data about restaurants, such as menus, hours, and public information, provided through our API for use in applications. This data is strictly business-related, with no user-generated content or personal information beyond publicly accessible business data.

3. How We Use Information

We use collected data for the following purposes:

  • Account Management and Authentication: To create and manage user accounts, enable secure API access, and support customer interactions.
  • Service Provision and Performance: To deliver the API services, monitor usage, maintain performance standards, and troubleshoot technical issues.
  • Billing and Payments: To manage paid subscriptions and process payments, working with PCI-compliant third-party payment processors to ensure secure handling of financial information.
  • Customer Support and Communication: To respond to inquiries, provide technical support, and communicate updates or relevant information about the service.
  • Analytics and Service Improvements: To analyze API usage and improve our offerings. Aggregated data is used to understand general usage trends and optimize service functionality.

4. Information Sharing and Disclosure

MenuPortal is committed to protecting user privacy and limits data sharing to specific circumstances:

  • Service Providers: We may share necessary data with trusted third-party vendors who provide essential services, such as payment processing, infrastructure hosting, and technical support. These providers are contractually obligated to protect your data and use it solely for the purpose of providing services to MenuPortal.
  • Aggregated and Anonymized Data: For business insights and analytics, we may share aggregated, non-identifiable data with partners or publish it for reporting purposes.
  • Legal Obligations: We may disclose personal information if required to comply with legal processes, such as court orders or subpoenas, or to protect MenuPortal’s rights and the security of our services.
  • Business Transfers: In the event of a merger, acquisition, or asset sale, personal data may be transferred as part of the transaction. We will notify users if their personal data is subject to such a transfer and becomes subject to a new privacy policy.

5. International Data Transfers

MenuPortal may transfer and store personal information in countries outside your own, including in the United States or other countries where our third-party service providers operate. When transferring data internationally, we ensure it is protected by using legally approved mechanisms, such as Standard Contractual Clauses (SCCs), to maintain an adequate level of protection for personal data as required by relevant data protection laws.

6. Data Retention

We retain personal data only as long as it is necessary to provide our services or to fulfill legal or business obligations:

  • Account and Billing Information: Retained as long as the user has an active account. Upon account deletion, all non-billing-related data is erased within 30 days.
  • Usage Data: Retained for a minimum of one year to monitor service quality, ensure compliance, and enhance security.
  • Deletion Requests: Users may request deletion of their data, subject to legal and business requirements. Deletion requests are processed within 30 days, with only essential billing and financial records retained as required by law.

7. Data Security

We employ a range of security measures to protect your personal data against unauthorized access, loss, or alteration:

  • Data Encryption: Sensitive data is encrypted both in transit and at rest.
  • Access Controls: Strict access controls limit access to personal data, with role-based permissions to enhance privacy protection.
  • Regular Security Audits: Our infrastructure undergoes regular security reviews and updates to ensure the highest standards of data protection.

Despite these precautions, no transmission or storage system can guarantee absolute security, and we encourage users to take steps to protect their own account information.

8. User Rights and Choices

MenuPortal respects users’ rights concerning their personal data and provides several ways to manage information:

  • Access and Update: Users may request access to their personal data or request corrections by contacting our support team.
  • Data Portability: Users can request their data in a commonly used, machine-readable format.
  • Data Deletion: Users may request account deletion and data removal, which will be processed within 30 days, with all non-essential data permanently erased.
  • Opt-Out of Tracking: Where applicable, users may adjust browser settings to control cookie preferences or opt out of specific data-sharing practices.

9. Children’s Privacy

MenuPortal services are not directed at children under 16, and we do not knowingly collect or solicit personal information from individuals in this age group. If we become aware of any such data collected unintentionally, we will take prompt action to delete it.

10. Automated Decision-Making

MenuPortal may use automated processes for service-related functions, such as identifying unusual API usage to prevent security breaches. No automated processing results in decisions that have legal or significant effects on users, and data used for monitoring is anonymized and aggregated.

11. Legal Bases for Processing (GDPR)

For users within the European Union, we rely on the following legal bases for processing personal data, in accordance with the General Data Protection Regulation (GDPR):

  • Contractual Necessity: Data processing for account creation, service provision, and billing.
  • User Consent: For optional data collection (e.g., marketing communications), we seek and rely on user consent.
  • Legitimate Interests: Processing data for purposes of security, performance analysis, and service improvements where it is in both our interests and does not override user rights.
  • Legal Compliance: When necessary, to fulfill legal obligations.

12. Compliance with Privacy Laws

  • General Data Protection Regulation (GDPR): MenuPortal complies with GDPR for users in the European Union, providing rights to data access, deletion, portability, and more.
  • California Consumer Privacy Act (CCPA): MenuPortal respects the CCPA for California residents, offering transparency and control over data collection and sharing practices.
  • Other Jurisdictions: MenuPortal seeks to comply with applicable data privacy laws in all regions where it operates.

13. Changes to this Privacy Policy

MenuPortal may update this Privacy Policy to reflect changes in our practices or legal obligations. Material changes will be communicated via email or a prominent notice on our website. We encourage users to review this Privacy Policy periodically to stay informed about our data practices.

14. Contact Us

If you have questions about this Privacy Policy, your rights, or MenuPortal’s data practices, please contact us at:

MenuPortal Privacy Team
contact@mail.apix.site