Privacy Policy
1. Information We Collect
We collect only the information necessary to provide and operate the service. This includes:
- Full name, email address, and phone number provided at registration
- Password, stored in encrypted (hashed) format — never readable or transmitted in plain text
- Profile avatar image (optional, uploaded by you)
- Last login timestamp, used for account security
- Restaurant name, address, contact number, and business type
- Seating spaces, table names, and capacity info
- Dish categories, names, descriptions, prices, and variants
- Dish photos uploaded by you for menu display purposes
- Inventory stock items, quantities, and units
- KOT (Kitchen Order Tickets) — items ordered, status, timestamps
- Order records — bill numbers, items, tax, discounts, payment methods, totals
- Purchase records — supplier transactions and payment status
- Stock consumption logs per order
- Notification history — order and general alerts
- Firebase Cloud Messaging (FCM) device token — used for push notifications only
- User notification preferences (on/off per category)
- Organization-level settings (currency, tax rate, service charge)
- If you configure Fonepay QR payments: merchant username, password, API key, and merchant code
- This is entirely optional and only relevant if you enable QR payment collection
2. How We Use Your Information
| Data | Purpose |
|---|---|
| Name, email, phone | Account creation, login, password recovery |
| Password (hashed) | Authentication only — never accessed in plain text |
| Restaurant details | Multi-restaurant management and configuration |
| Order and KOT data | Real-time order tracking, kitchen display, billing |
| Inventory and stock | Purchase tracking, automatic stock deduction on orders |
| Dish photos | Displaying items in the restaurant's digital menu |
| FCM token | Delivering push notifications for orders and alerts |
| OTP via email | Account email verification and password reset |
| Fonepay credentials | Initiating QR payment and verifying transactions |
| Customer/party profiles | Credit tracking, delivery records, supplier management |
| Server logs | Error diagnosis and service reliability |
3. App Permissions
Below is every permission the app requests and why it is needed:
- Camera — Used only when you actively take a photo for a dish. No background access, no video recording. Photos are uploaded to our server for menu display.
- Read External Storage — Allows selecting existing photos from your gallery to use as dish images. Read-only access to images you explicitly choose.
- Write External Storage — Required on older Android versions to save or share bill receipts generated in the app.
- Internet — Required for all core functions: syncing orders, inventory, notifications, and backend communication over HTTPS.
- Vibrate — Provides haptic feedback when push notifications arrive for new orders or kitchen alerts.
- Post Notifications — Required on Android 13+ to display push notifications. You can disable this in system settings at any time.
4. Fonepay QR Code Display (Optional Feature)
Restaurant operators who wish to show a Fonepay Dynamic QR code at checkout can optionally configure their Fonepay merchant account credentials within the app. This is entirely optional; the app is fully functional without it.
- Fonepay merchant username and password (password stored encrypted)
- Fonepay API key and merchant code
- These are the same credentials issued to the restaurant by Fonepay when they register as a merchant on fonepay.com
- When a bill is ready, Dinedex uses these credentials to call the Fonepay API and generate a Dynamic QR code for the exact bill amount
- The QR code is displayed on-screen for the customer to scan using their own wallet app (e.g., eSewa, Khalti, or any Fonepay-compatible app)
- Dinedex does not process, transfer, or store payment funds — the entire payment transaction happens between the customer's wallet and Fonepay's infrastructure
- All API calls to Fonepay are made server-side over HTTPS; credentials are never sent directly from the device
- Credentials are stored encrypted at rest on our backend server
- They are used only to call the Fonepay QR generation API — for no other purpose
- If you do not configure Fonepay, no payment credentials are stored at all
5. Third-Party Customer and Supplier Data
During normal use, Dinedex allows restaurant operators to record information about their customers and suppliers. Dinedex acts as a data processor on behalf of the operator.
- Customer name, phone number, and credit/debit account balances (for party accounts)
- For delivery orders: customer name, phone number, and delivery address
- Supplier name, contact number, purchase amounts, and payment status
Restaurant operators are responsible for ensuring they have an appropriate basis to store their customers' and suppliers' contact information. End-customers of the restaurant who wish to have their data removed may contact us directly.
6. Push Notifications
Dinedex uses Firebase Cloud Messaging (FCM) by Google to deliver push notifications. The following types of notifications are sent:
- New order alerts when a customer places an order
- KOT status updates from the kitchen
- General service announcements
Your FCM device token is stored on our server and shared with Google's FCM infrastructure to route notifications to your device. Google's handling of FCM data is governed by Google's Privacy Policy. You can disable notifications at any time from your device's system settings or from within the app's User Settings screen.
8. Data Security
- All communication between the app and our servers uses HTTPS/TLS encryption
- Passwords are stored using bcrypt hashing — never readable in plain text
- Fonepay credentials are encrypted at rest on our server
- Authentication uses short-lived JWT tokens with refresh token rotation
- Server access is protected with rate limiting and security headers
- Server error and request logs are retained for up to 90 days for diagnostics and are not tied to personal identity
No online system is fully risk-free. While we apply industry-standard practices, we cannot guarantee absolute security. If you suspect unauthorized access to your account, please contact us immediately.
9. Your Rights
You may exercise any of the following rights by emailing us at the address in Section 13:
- Access — Request a copy of all personal data we hold about you
- Correction — Ask us to correct inaccurate or incomplete data
- Deletion — Request complete deletion of your account and all associated data. We will process this within 30 days.
- Portability — Request an export of your data in a machine-readable format
- Opt-out of notifications — Disable push notifications anytime in app settings or your device's system settings
To submit a request, email us with the subject line: "Data Request — [Your Name]". We will respond within 30 days.
10. Data Retention
| Data | Retention Period |
|---|---|
| Account data | Retained while account is active. Deleted within 30 days of deletion request. |
| Restaurant operational data | Retained for the duration of the account. Deleted on account or organization removal. |
| Dish photos | Deleted when the dish or organization is removed. |
| FCM device token | Replaced on each login. Removed on logout or account deletion. |
| OTP records | Automatically deleted on use or expiry (typically within 10 minutes). |
| Fonepay credentials | Retained until deleted by you in settings, or on account deletion. |
| Server logs | Up to 90 days for diagnostic purposes, then purged automatically. |
| Customer/supplier data | Retained while the organization exists. Deleted on organization or account removal. |
11. Children's Privacy
Dinedex is intended for users who are 13 years of age or older. We do not knowingly collect personal information from anyone under 13. If we become aware that a user under 13 has provided personal data, we will delete it immediately. If you believe this has occurred, please contact us.
12. Location Data
Dinedex does not collect or request location data. Future versions may add location-based features such as delivery suggestions. If added, this will be disclosed in an updated policy with an in-app notice before taking effect.
13. Policy Updates
We may update this Privacy Policy to reflect changes in our practices or legal requirements. When we do:
- The "Last Updated" date at the top of this page will be revised
- Significant changes will be communicated via a push notification or in-app notice
- Continued use of the app after the updated date constitutes acceptance
The current version is always available at https://dinedex-privacy-page.netlify.app/
14. Contact
For any questions, concerns, or data requests related to this Privacy Policy:
Dinedex
Kathmandu, Nepal
Email: bijayniraula@bijay-niraula.com.np
We typically respond within 2 business days.