Privacy Policy
Last updated: 29 May 2026
1. Who We Are
This Privacy Policy explains how Menu Ember Technologies Ltd., a company registered in Ghana (“Ember”, “we”, “us”, or “our”), collects, uses, stores, and protects your personal data when you use the Ember platform.
Ember is a technology platform that provides digital menu, ordering, reservation, and restaurant management services. We act as the data controller for data we collect to operate the Platform itself, and as a data processor on behalf of restaurant operators for diner transaction data.
For questions about this Privacy Policy or to exercise your data rights, contact us at: privacy@menuember.com
2. Personal Data We Collect
2.1 Data Collected from Diners (Guests)
| Data Category | Specific Data | Purpose |
|---|---|---|
| Identity | Full name | Order identification, receipts, reservation records |
| Contact | Phone number | Order communications, OTP verification |
| Contact (optional) | Email address | Digital receipts, reservation confirmations, self-cancellation links |
| Order Data | Items ordered, quantities, order total, payment method (card or mobile money — not card numbers), payment status, order type, collection method, scheduled pickup time, rush upgrade selection | Processing and fulfilling your order |
| Courier Contact | Third-party courier name and phone number (provided by you) | Coordinating order handoff for courier collection |
| Review Content | Star rating (1–5), review text (max 280 characters) | Publishing verified reviews linked to completed orders |
| Reservation Data | Date, time slot, guest count, deposit payment status | Processing table bookings |
| Technical Data | IP address, browser type, device type | Rate limiting, security, error monitoring |
| Authentication | Supabase user ID, session tokens | Secure login and session management |
2.2 Data Collected from Operators (Restaurant Owners & Staff)
| Data Category | Specific Data | Purpose |
|---|---|---|
| Business Identity | Restaurant name, address, slug, branch details | Platform listing and public menu pages |
| Operator Identity | Name, email, phone number | Account management, OTP verification |
| Payment Settlement | Paystack subaccount code, settlement bank code, account number | Routing payments to the restaurant's bank or mobile money |
| Menu Content | Dish names, descriptions, prices, allergen tags, nutritional data, photos | Displaying the restaurant's digital menu |
| POS Credentials | OAuth access tokens (operator-authorised) | Synchronising with external POS systems |
| Branch Staff Data | Staff member names, roles, invitation status, chef check-in/out times | Kitchen queue management and capacity tracking |
2.3 Data We Do NOT Collect
- Credit card numbers, CVVs, or bank PINs. All card and mobile money transactions are processed directly by Paystack. Card details never touch Ember's servers.
- Precise GPS location or location history. We use Mapbox GL JS on the client side only to verify distance for pre-order collection. No location data is transmitted to or stored on our servers.
- Advertising or tracking profiles. We do not build advertising profiles, sell data to advertisers, or use tracking pixels.
3. Legal Basis for Processing
| Legal Basis | Application |
|---|---|
| Performance of a contract | Processing orders, reservations, and payments; delivering receipts; managing operator accounts |
| Legitimate interest | Rate limiting and abuse prevention; error monitoring; AI moderation of reviews; fraud detection |
| Legal obligation | Retaining transaction records as required by applicable tax and financial regulations |
| Consent | Where explicitly obtained (e.g., optional email for receipts). You may withdraw consent at any time by contacting privacy@menuember.com |
4. Third-Party Sub-Processors
We share personal data with the following third-party service providers, strictly for the purposes described. We do not sell personal data to any third party.
| Sub-Processor | Purpose | Data Shared |
|---|---|---|
| Supabase | Database hosting, user authentication | All platform data (encrypted at rest) |
| Paystack | Payment processing, merchant KYC/KYB | Transaction amounts, payment references, operator bank details |
| Cloudflare | Image CDN for dish photos | Dish media files (no PII) |
| Resend | Transactional email delivery | Email address, order/reservation details |
| Twilio | OTP and SMS verification | Phone number |
| Anthropic | AI review moderation, menu PDF parsing, dish rewrites | Review text, menu documents, dish descriptions |
| Sentry | Error and performance monitoring | IP address, browser metadata, error traces |
| Vercel | Application hosting | HTTP request metadata |
| Upstash | Rate limiting (Redis) | IP address (hashed) |
| Inngest | Background job processing | Job metadata |
| Toast / Square / Lightspeed / Clover | POS integrations (operator-authorised only) | Menu data, order data |
5. Data Retention
| Data Type | Retention Period | Rationale |
|---|---|---|
| Order records | 24 months from order date | Financial record-keeping, dispute resolution |
| Reservation records | 12 months from reservation date | Operational reference and dispute resolution |
| Review content | While restaurant is active, or until diner requests deletion | Public review visibility |
| Operator account data | Active account + 12 months after closure | Account recovery and regulatory requirements |
| Diner profile data | Active account + 6 months after deletion request | Processing deletion and resolving transactions |
| POS OAuth tokens | While connection is active; immediately purged on disconnect | POS synchronisation |
| Server logs | 90 days | Security monitoring and debugging |
After the retention period, data is permanently deleted or irreversibly anonymised.
6. Your Rights
Under the Ghana Data Protection Act 2012, the Nigeria Data Protection Act 2023, and the GDPR, you have the following rights:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Correction | Request correction of inaccurate or incomplete data |
| Deletion | Request deletion of your data (subject to legal retention obligations) |
| Portability | Request your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interest |
| Restriction | Request that we restrict processing in certain circumstances |
| Withdraw consent | Where processing is based on consent, withdraw it at any time |
How to Exercise Your Rights
Send your request to privacy@menuember.com with your full name, the email or phone number associated with your account, and a clear description of what right you wish to exercise. We will respond within 30 days.
If you believe your data rights have not been adequately addressed:
- Ghana: The Data Protection Commission (www.dataprotection.org.gh)
- Nigeria: The Nigeria Data Protection Commission (www.ndpc.gov.ng)
- EU: Your local supervisory authority
7. Cookies & Local Storage
Ember uses strictly necessary cookies and local storage only. We do not use any tracking, advertising, analytics, or third-party marketing cookies.
| Storage Item | Type | Purpose |
|---|---|---|
| Supabase session token | Cookie / Local Storage | Authenticating your logged-in session securely |
| Shopping cart state | Local Storage | Persisting items you add to your order while browsing the menu |
Why no cookie consent banner? Under the EU ePrivacy Directive, the Ghana DPA, and the Nigeria NDPA, cookies that are strictly necessary for providing a service you have explicitly requested are exempt from consent requirements. Since we use no optional cookies, no consent banner is legally required.
8. AI Processing Disclosure
Ember uses artificial intelligence provided by Anthropic in the following limited ways:
- Review Moderation (Claude Haiku): When you submit a review, the review text is automatically screened by an AI model to detect hate speech, offensive language, threats, spam, or personally identifiable information. Flagged reviews are hidden from public display.
- Menu PDF Parsing (Claude Sonnet): When an operator uploads a menu as a PDF or photo during onboarding, the document is processed by an AI vision model to extract structured menu data. The original document is not retained after parsing.
- Dish Description Rewriting (Claude Haiku): Operators may use an optional AI rewrite feature. AI-generated suggestions are presented for operator review — they are never published automatically.
No personal data from diners is used to train AI models. Review text is sent to Anthropic's API for real-time moderation only and is subject to Anthropic's data processing terms, which prohibit using API inputs for model training.
9. Data Security
- Database Security: Row-Level Security (RLS) policies on every table
- Encryption: Data encrypted at rest (AES-256) and in transit (TLS 1.2+)
- Payment Security: All payments handled by Paystack (PCI-DSS certified). No cardholder data stored.
- Webhook Authentication: HMAC-SHA512 cryptographic signature verification
- Authentication: Supabase Auth with magic link and OTP — no passwords stored
- Rate Limiting: Sliding-window rate limiters on all API endpoints
- Error Sanitisation: Internal error details never exposed in API responses
10. International Data Transfers
Some of our sub-processors are located outside Ghana and Nigeria (primarily in the United States). Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including contractual obligations and industry-standard security certifications (SOC 2, ISO 27001, PCI-DSS as applicable).
11. Children's Privacy
Ember is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact privacy@menuember.com and we will delete such data promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and notify registered users via email or an in-app notice. Where changes materially affect your rights, we will request re-consent before you continue using the Platform.
13. Contact Us
For any questions, concerns, or requests related to this Privacy Policy:
Menu Ember Technologies Ltd.
Email: privacy@menuember.com
© 2026 Menu Ember Technologies Ltd. All rights reserved.