Privacy Policy

Last updated: May 13, 2026

1. Introduction

Restaurant Hub AI ("Restaurant Hub", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and safeguard information when you use the Restaurant Hub mobile application (the "App"). This policy is designed to comply with the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados — LGPD, Law No. 13.709/2018) and the European Union General Data Protection Regulation (GDPR, Regulation (EU) 2016/679), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), as well as other applicable privacy laws.

2. Data We Collect

We collect the following categories of personal data:

• Account information: name, email address, phone number, password (hashed), role (owner, provider, supplier, worker), business or restaurant name.

• Location data: with your permission, we access your precise device location to suggest nearby service providers, suppliers, jobs, and to enable accurate booking and delivery.

• Camera and photo library: with your permission, we access your camera and photo library so you may capture or upload photos of equipment, issues, receipts, licenses, or your profile. Images remain in your control and are uploaded only when you explicitly submit them.

• Push notification token: to deliver alerts about bookings, jobs, and operational events.

• Usage data: app interactions, screens visited, features used, device type, OS version, crash logs, and diagnostic information.

• Payment data: billing information is processed and stored by our PCI-compliant payment processors. We do not store full card numbers on our servers.

3. How We Use Your Data

We process your personal data for the following purposes:

• To create and manage your account and authenticate you;

• To connect you with service providers, suppliers, workers, and restaurants;

• To process bookings, orders, and payments;

• To send transactional notifications and, with your consent, marketing communications;

• To improve, secure, and personalize the App, including analyzing usage trends and demand patterns to optimize matching, pricing dynamics, and service quality;

• To comply with legal obligations and respond to lawful requests;

• To detect and prevent fraud, abuse, and security incidents.

The legal bases for processing under GDPR and LGPD include: your consent, performance of a contract, compliance with legal obligations, and our legitimate interests in operating and improving the App.

4. Sharing of Data

We share personal data only as necessary:

• With other users when you book a service, post a job, or place an order (e.g. the provider you book sees your name, location, and request details);

• With service providers that help us operate the App (cloud hosting, analytics, payment processing, customer support, push notifications), under appropriate data protection agreements;

• With marketing or industry partners — but ONLY if you turn on "Share data with partners" in Settings. This is off by default; we never share your personal data with partners unless you opt in, and you can withdraw consent at any time in the App;

• With authorities when required by law, regulation, or valid legal process;

• In connection with a merger, acquisition, or sale of assets, with notice to affected users where required.

We do not sell your personal data. We may create and share aggregated or de-identified statistics (for example, regional demand trends or category benchmarks) that cannot reasonably be used to identify you; this is not personal data.

5. International Transfers

Your data may be processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate. When we transfer data internationally, we use safeguards such as Standard Contractual Clauses approved by the European Commission and equivalent mechanisms under LGPD.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations. Account data is retained while your account is active and for a reasonable period thereafter to allow account recovery and comply with retention obligations. You may request deletion at any time as described in Section 7.

7. Your Rights

Subject to applicable law (including LGPD Articles 17–22 and GDPR Articles 15–22), you have the right to:

• Access the personal data we hold about you;

• Correct inaccurate or incomplete data;

• Request deletion of your account and personal data;

• Restrict or object to certain processing;

• Receive your data in a portable, machine-readable format;

• Withdraw consent at any time, without affecting prior lawful processing;

• Lodge a complaint with the Brazilian National Data Protection Authority (ANPD) or your local EU Data Protection Authority.

California residents (CCPA/CPRA): you also have the right to know what personal information we collect and how it is used; to request its deletion or correction; to opt out of the "sale" or "sharing" of personal information; and to not be discriminated against for exercising these rights. We do not sell your personal data. We share data with partners only if you opt in via "Share data with partners" in Settings, which is off by default and serves as your "Do Not Sell or Share My Personal Information" control. To exercise any CCPA/CPRA right, contact privacy@restauranthubai.com.

To exercise these rights, contact us at privacy@restauranthubai.com. We will respond within the timeframes required by applicable law.

8. Security

We implement technical and organizational measures designed to protect your data from unauthorized access, disclosure, alteration, or destruction, including TLS encryption in transit, encryption at rest, access controls, and regular security reviews. No method of transmission or storage is fully secure, so we cannot guarantee absolute security.

9. Children's Privacy

The App is not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or by email. Continued use of the App after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy questions, requests, or to exercise your rights, contact our Data Protection Officer at privacy@restauranthubai.com.