How SmartMenuScan handles your data.

Effective date: Fri Dec 05 2025

We run SmartMenuScan as a free, paperless alternative to disposable menus. This policy explains how we collect, use, share, and protect information while keeping advertisers separate from the restaurants we support.

1. Information we collect

Account data: owner name, email, restaurant details, uploaded logos, and menu metadata stored securely in Supabase.
Usage data: QR scans, page views, clicks on sponsored placements, device/browser information, and approximate location derived from IP addresses.
Support data: any information you send to smartmenuscan@gmail.com when requesting help or reporting issues.
We do not collect payment information because SmartMenuScan is entirely free for restaurants.

2. How we use information

Operate and improve the SmartMenuScan dashboard, onboarding flow, and public menu pages so restaurants can stay paperless.
Measure performance of sponsored placements and, in the future, AdSense or other ad networks that keep the platform free.
Prevent fraud, enforce the Terms of Service, and comply with legal obligations.
Respond to support requests and send essential service emails (no spam).

3. Advertising & cookies

SmartMenuScan manages all sponsored creatives—restaurant owners do not create or fund ads. Creatives may set cookies solely for measurement.
When we add Google AdSense, pages will display the standard 'ads by Google' notice. Google may collect cookies or device identifiers to deliver personalized or non-personalized ads in accordance with their Publisher Policies.
You can opt out of personalized ads by visiting Google’s Ads Settings or by using industry opt-out pages such as aboutads.info.

4. Data sharing

We do not sell restaurant or diner data.
We share limited data with service providers (Supabase, Vercel, analytics vendors) strictly to operate the platform.
Advertisers only receive aggregated, non-identifiable reporting so they understand performance without contacting restaurants directly.
If required by law or to protect our users, we may disclose information to authorities following due process.

5. Data retention & security

Restaurant data remains in Supabase while the account is active. Backups are retained for up to 90 days.
If you delete content, we remove it from production immediately and from backups during the next rotation.
We use encryption in transit (HTTPS) and enforce least-privilege access for internal tooling.

6. Your rights

You can request access, updates, or deletion of your data by emailing smartmenuscan@gmail.com.
If you are a diner who scanned a QR menu, contact us with the restaurant name and scan time; we will remove related analytics where legally permitted.
EU/EEA residents may exercise GDPR rights and California residents may exercise CCPA rights using the same email address above.

7. Changes & contact

We update this Privacy Policy whenever we launch new features or add ad networks such as AdSense.
We will post the new effective date and, if changes are material, notify account owners via email.
Questions? Reach us at smartmenuscan@gmail.com.