menudan.com

Privacy Policy

Last updated: March 9, 2026

1. What We Collect

When you create an account, we collect:

  • Account info — your name, email address, and password (stored as a secure hash).
  • OAuth data — if you sign in with Google, we receive your name, email, and profile picture from Google. We do not access any other Google data.
  • Restaurant data — your restaurant name, description, address, phone number, menus, categories, items, and uploaded images.

When customers view a menu, we log:

  • Timestamp of the visit
  • Browser type (user agent)
  • Selected language
  • HTTP referrer

We do not store IP addresses, and we do not use any tracking cookies or third-party analytics.

2. How We Use Your Data

  • To provide and operate your digital menu
  • To authenticate you and keep your session active
  • To process payments for paid plans
  • To send transactional emails (verification, password reset)
  • To generate anonymous menu view statistics
  • To extract menu data from photos and generate translations using AI

3. Cookies

We use a single cookie (authjs.session-token) to keep you logged in. This cookie is strictly necessary for the service to function and does not track you.

We do not use any advertising, analytics, or third-party tracking cookies.

4. Third-Party Services

We use the following services to operate menudan.com:

  • Google OAuth — for sign-in (optional). Subject to Google's Privacy Policy.
  • Stripe — for payment processing. Subject to Stripe's Privacy Policy.
  • Amazon Web Services — for image storage.
  • Anthropic — for AI-powered menu extraction and translations. Menu data sent for processing is not stored by Anthropic.
  • Resend — for sending transactional emails.

5. Data Retention

We retain your data for as long as your account is active. When you delete your account, all your data — including your restaurant profile, menus, images, translations, and analytics — is permanently deleted.

6. Your Rights

Under GDPR and similar regulations, you have the right to:

  • Access — request a copy of your personal data.
  • Rectification — update or correct your data via your account settings.
  • Erasure — delete your account and all associated data from the Settings page.
  • Portability — request your data in a machine-readable format.

7. Security

Passwords are hashed with bcrypt. All connections are encrypted with HTTPS. We follow industry best practices to protect your data.

8. Contact

If you have questions about this privacy policy or want to exercise your data rights, contact us at support@menudan.com.