← Back to home

Privacy policy

How SmartMenuScan handles your data.

Effective date: May 11, 2026

We run SmartMenuScan as a free, paperless alternative to disposable menus. This policy explains how we collect, use, share, and protect information while keeping advertisers separate from the restaurants we support.

1. Information we collect

  • Account data: owner name, email, restaurant details, uploaded logos, and menu metadata stored securely in Supabase.
  • Usage data: QR scans, page views, clicks on sponsored placements, device/browser information, and approximate location derived from IP addresses.
  • Support data: any information you send to smartmenuscan@gmail.com when requesting help or reporting issues.
  • We do not collect payment information because SmartMenuScan is entirely free for restaurants.

2. How we use information

  • Operate and improve the SmartMenuScan dashboard, onboarding flow, and public menu pages so restaurants can stay paperless.
  • Measure performance of sponsored placements and Google AdSense advertisements that keep the platform free.
  • Prevent fraud, enforce the Terms of Service, and comply with legal obligations.
  • Respond to support requests and send essential service emails (no spam).

3. Advertising & cookies

  • SmartMenuScan manages all sponsored creatives—restaurant owners do not create or fund ads. Creatives may set cookies solely for measurement.
  • SmartMenuScan displays Google AdSense advertisements on resource and guide pages. These pages show the standard 'ads by Google' notice. Google may collect cookies or device identifiers to deliver personalized or non-personalized ads in accordance with their Publisher Policies.
  • You can opt out of personalized ads by visiting Google’s Ads Settings or by using industry opt-out pages such as aboutads.info.

4. Data sharing

  • We do not sell restaurant or diner data.
  • We share limited data with service providers (Supabase, Vercel, analytics vendors) strictly to operate the platform.
  • Advertisers only receive aggregated, non-identifiable reporting so they understand performance without contacting restaurants directly.
  • If required by law or to protect our users, we may disclose information to authorities following due process.

5. Data retention & security

  • Restaurant data remains in Supabase while the account is active. Backups are retained for up to 90 days.
  • If you delete content, we remove it from production immediately and from backups during the next rotation.
  • We use encryption in transit (HTTPS) and enforce least-privilege access for internal tooling.

6. Your rights

  • You can request access, updates, or deletion of your data by emailing smartmenuscan@gmail.com.
  • If you are a diner who scanned a QR menu, contact us with the restaurant name and scan time; we will remove related analytics where legally permitted.
  • EU/EEA residents may exercise GDPR rights and California residents may exercise CCPA rights using the same email address above.

7. Changes & contact

  • We update this Privacy Policy whenever we launch new features or add ad networks such as AdSense.
  • We will post the new effective date and, if changes are material, notify account owners via email.
  • Questions? Reach us at smartmenuscan@gmail.com.