Privacy Policy

Introduction

DineDesk ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant platform services. We comply with the Australian Privacy Act 1988 (Cth) and the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth).

Information We Collect

Restaurant Owner Information

When you sign up for DineDesk, we collect:

• Contact information: name, email address, phone number
• Business information: restaurant name, address, ABN (if provided)
• Payment information: processed securely through Stripe (we do not store complete card details)
• Account credentials: encrypted passwords and authentication tokens
• Configuration data: branding preferences, menu items, pricing, operating hours

Customer Information (via Restaurant Websites)

Through restaurant websites powered by DineDesk, our restaurant partners collect customer information for orders, reservations, and loyalty programs:

• Order information: customer name, email, phone, delivery address, order details
• Reservation information: name, contact details, booking date/time, party size
• Loyalty program data: points, rewards, purchase history
• Payment information: processed securely through Stripe
• Reviews and feedback (if provided)

Technical Information

We automatically collect:

• IP addresses and browser type
• Device information and operating system
• Usage data through Google Analytics
• Cookies and similar tracking technologies

How We Use Your Information

We use the collected information for:

• Providing and operating the DineDesk platform
• Processing orders, reservations, and payments
• Managing loyalty programs and rewards
• Communicating with you about your account and services
• Improving our platform and developing new features
• Analysing usage patterns to enhance user experience
• Complying with legal obligations
• Preventing fraud and ensuring security

Data Sharing and Third-Party Services

We may share your information with:

• Stripe: For secure payment processing. Stripe is PCI DSS Level 1 certified.
• Netlify: For website hosting and deployment. Your data is stored on Australian servers.
• Google: For Google Analytics (usage data) and Google Reviews integration.
• Service Providers: Trusted third parties who assist in operating our platform (e.g., email services, customer support tools).

We do not sell your personal information to third parties for marketing purposes.

Data Storage and Security

We implement appropriate technical and organisational measures to protect your information:

• SSL/TLS encryption for data in transit
• Encrypted storage for sensitive data (passwords, payment tokens)
• Australian-based data hosting for compliance with Australian data sovereignty requirements
• Regular security assessments and penetration testing
• Access controls and authentication systems
• Regular data backups

Despite our security measures, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain your information for as long as necessary to provide our services and for legitimate business purposes:

• Account Data: Retained while your account is active and for a reasonable period after closure (typically 7 years for legal compliance).
• Order Data: Retained for tax and accounting purposes (minimum 7 years under Australian law).
• Loyalty Data: Retained while the loyalty program is active and for a reasonable period after.
• Analytics Data: Retained for 26 months by Google Analytics (configurable).

Upon your request, we will delete your personal information unless we are required by law to retain it.

Your Rights Under Australian Privacy Law

Under the Australian Privacy Act, you have the right to:

• Access: Request access to the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information (subject to legal requirements).
• Opt-out: Opt-out of marketing communications at any time.
• Complain: Lodge a complaint with us or the Office of the Australian Information Commissioner (OAIC).

Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze website traffic through Google Analytics
• Improve user experience
• Provide personalised content

You can control cookies through your browser settings. Note that disabling cookies may affect certain features of our platform.

International Data Transfers

Your data is primarily stored on Australian servers. We may transfer data to countries outside Australia only when:

• Required to provide our services (e.g., Stripe for payments)
• The recipient has adequate data protection laws in place
• We have your explicit consent
• Required by law

Children's Privacy

Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children. If we become aware that we have collected such information, we will take steps to delete it.

Data Breaches

In the event of a data breach that is likely to result in serious harm to individuals, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth).

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or how we handle your personal information, please contact us: