Privacy Policy

This Privacy Policy explains what data FasterMenu (“FasterMenu”, “we”, “us”) collects, why, and what your rights are. It covers our website and app at fastermenu.com (for restaurant owners — “you”) and the public menus we host on FasterMenu subdomains (for the people viewing them — “diners”). By using the Service you agree to this policy together with our Terms of Service.

Account data. Your email address and sign-in activity. We use passwordless email links, so we never store a password for you.

Restaurant and menu content. Everything you add to build your menu: restaurant name and menu address (subdomain), descriptions, dish names and prices, categories, dietary tags, colours, and images such as logos and dish photos.

Billing data. Payments are handled by Stripe. We store your Stripe customer reference, subscription status and trial dates — never your card number.

Usage data. How you use the app (pages visited, features used, approximate location derived from IP, browser and device type), collected through our product analytics tooling. This may include session replays of your interactions with our app, which we use to fix bugs and improve the product.

AI usage. A count of your AI feature usage (e.g. menu imports, image generations) per billing period, used to enforce plan quotas.

Support. Messages you send us and the email thread around them.

Public menus are designed to be privacy-friendly. Diners do not create accounts, and we do not build profiles of individual diners. We collect anonymised, aggregated statistics per menu — page views, which dishes are opened, how long dishes are looked at, and daily visit counts — and show those aggregates to the restaurant owner.

If a diner uses the “Ask the menu” assistant, their question is processed (including by a third-party AI provider) to generate dish suggestions. Questions are not linked to an identified person.

The restaurant itself is responsible for the content of its menu; if you have questions about a specific restaurant’s offering, contact the restaurant directly.

• to provide the Service: build, host and serve your menu;
• to authenticate you and secure your account;
• to process subscriptions and prevent payment fraud;
• to power AI features you invoke, and to enforce plan quotas;
• to show you analytics about how diners engage with your menu;
• to understand how the product is used, fix bugs and improve it;
• to send you transactional email (sign-in links, billing and important service notices); and
• to comply with legal obligations.

When you use AI features — importing a menu from photos, generating descriptions, images or a logo, or when a diner asks the menu assistant a question — the relevant content (e.g. the menu photo or the question) is sent to third-party AI model providers to produce the result. We send only what is needed for the feature, and we do not allow providers to use your content to train their models where the provider offers that control.

We do not sell your data. We share it only with the providers we need to run the Service, under contracts that restrict what they may do with it:

• Supabase — database hosting and authentication;
• Stripe — payment processing and billing;
• Amazon Web Services (S3) — image storage;
• PostHog — product analytics and session replay;
• Cloudflare — bot protection (Turnstile) on our sign-in and signup forms;
• AI model providers (currently Moonshot AI, Google and DeepSeek) — processing for the AI features described above; and
• Email delivery providers — sending sign-in links and service email.

We may also disclose data if required by law, or as part of a merger, acquisition or sale of assets (in which case this policy continues to apply to it).

We use cookies and similar storage to keep you signed in, remember your language preference, protect forms from bots, and (in production) measure product usage through our analytics tooling. Public diner-facing menus do not use advertising cookies and do not track diners across sites.

We keep your data while your account is active. After you cancel or we terminate your account, we delete or anonymise your data within a reasonable period, except where we need to keep it longer for legal, tax or accounting reasons (e.g. invoices). Aggregated, anonymised statistics may be retained indefinitely.

Depending on where you live (e.g. under the GDPR), you may have the right to access, correct, export, delete or restrict the processing of your personal data, to object to processing, and to withdraw consent where processing is based on consent. You also have the right to complain to your local data protection authority.

To exercise any of these rights, email us at support@fastermenu.com. Most menu content can also be edited or deleted directly from your dashboard.

Our service providers may process data in countries other than your own, including the United States. Where data is transferred out of the EEA or UK, we rely on appropriate safeguards such as standard contractual clauses offered by our providers.

We protect your data with measures appropriate to its sensitivity, including encryption in transit, passwordless authentication, access controls and isolation between customer accounts. No system is perfectly secure — if we learn of a breach affecting your data, we will notify you as required by law.

The Service is for businesses and is not directed at children. We do not knowingly collect personal data from anyone under 16 through owner accounts. Public menus can be viewed by anyone, but they collect only the anonymous statistics described above.

We may update this policy from time to time; material changes will be announced by email or in the app before they take effect. For any privacy question, contact support@fastermenu.com.