menudanmenudan
Log inGet Started

Privacy Policy

Last updated: March 17, 2026

1. What We Collect

When you create an account, we collect:

  • Account info — your name, email address, and password (stored as a secure hash).
  • OAuth data — if you sign in with Google, we receive your name, email, and profile picture from Google. We do not access any other Google data.
  • Restaurant data — your restaurant name, description, address, phone number, menus, categories, items, and uploaded images.

When customers view a menu, we log:

  • Timestamp of the visit
  • Browser type (user agent)
  • Selected language
  • HTTP referrer

We do not store IP addresses.

If you accept analytics cookies, we also collect anonymous usage data via Google Analytics (see Section 3).

2. How We Use Your Data

  • To provide and operate your digital menu
  • To authenticate you and keep your session active
  • To process payments for paid plans
  • To send transactional emails (verification, password reset)
  • To generate anonymous menu view statistics
  • To extract menu data from photos and generate translations using AI

3. Cookies

We use the following cookies:

  • Session cookie (authjs.session-token) — strictly necessary to keep you logged in. This cookie does not track you.
  • Cookie consent (cookie-consent) — stored in localStorage to remember your cookie preference.

Analytics Cookies (optional)

If you click "Accept" on our cookie banner, we load Google Analytics (measurement ID: G-H4GSRG292N), which sets its own cookies (e.g. _ga, _ga_*) to collect anonymous usage statistics such as page views, session duration, and general geographic region. IP addresses are anonymized.

If you click "Decline", no analytics cookies are set and Google Analytics is not loaded. You can change your preference at any time by clearing your browser's local storage for this site.

We do not use any advertising or retargeting cookies.

4. Third-Party Services

We use the following services to operate menudan.com:

  • Google Analytics — for anonymous website usage statistics (only when you consent). Subject to Google's Privacy Policy. You can opt out using the cookie banner or install the Google Analytics Opt-out Browser Add-on.
  • Google OAuth — for sign-in (optional). Subject to Google's Privacy Policy.
  • Stripe — for payment processing. Subject to Stripe's Privacy Policy.
  • Amazon Web Services — for image storage.
  • Anthropic — for AI-powered menu extraction and translations. Menu data sent for processing is not stored by Anthropic.
  • Resend — for sending transactional emails.

5. Data Retention

We retain your data for as long as your account is active. When you delete your account, all your data — including your restaurant profile, menus, images, translations, and analytics — is permanently deleted.

6. Your Rights

Under GDPR and similar regulations, you have the right to:

  • Access — request a copy of your personal data.
  • Rectification — update or correct your data via your account settings.
  • Erasure — delete your account and all associated data from the Settings page.
  • Portability — request your data in a machine-readable format.

7. Security

Passwords are hashed with bcrypt. All connections are encrypted with HTTPS. We follow industry best practices to protect your data.

8. Contact

If you have questions about this privacy policy or want to exercise your data rights, contact us at support@menudan.com.