Legal

Privacy Policy

What we collect, how we use it, and how we keep it safe. Plain English, no dark patterns.

Last updated: May 27, 2026

What we collect

We collect the minimum we need to run the business. That means:

  • Email address — when you purchase a guide or book a service (provided to us by Stripe at checkout).
  • Support correspondence — the content of emails you send us at [email protected] or related addresses.
  • Server logs — basic technical data (IP address, user agent, requested URL, timestamp) captured by our hosting provider, Cloudflare, for security and debugging.

We do not run analytics scripts, advertising pixels, or session-replay tools on the Site.

How we use it

We use your data only for these purposes: deliver the digital guide or service you purchased, send the receipt and (rarely) product update emails about the version you bought, respond to your support questions, and debug or secure the Site. We do not sell or rent your data. We do not use your data to train AI models. We do not send marketing emails unless you have explicitly opted in.

Third parties we use

We rely on a small set of vendors to operate:

  • Stripe — payment processing. Stripe receives your name, email, payment details, and billing address. See Stripe's privacy policy.
  • Cloudflare — hosting (Cloudflare Pages), CDN, DNS, and basic security logging. See Cloudflare's privacy policy.
  • Google Fonts — font delivery only. Loading a page makes a request to Google's font servers; Google may log basic technical request data.

Cookies

We use only strictly necessary cookies — for example, to keep a checkout session active when you buy a guide. We do not set tracking cookies, advertising cookies, or third-party analytics cookies. Because of this, we don't need a cookie consent banner under GDPR and ePrivacy rules. You can block all cookies in your browser and the Site will still work.

Your rights (GDPR & CCPA)

Depending on where you live, you have the right to: access the data we hold about you, correct it if it's wrong, delete it, port it to another service, restrict how we use it, and object to certain uses. California residents also have the right to opt out of the "sale" of personal information — we don't sell personal information, so this opt-out applies by default. To exercise any of these rights, email [email protected] or [email protected]. We'll respond within 30 days.

Data retention

We keep your data only as long as we need it:

  • Purchase records (including email) — 7 years, to comply with US tax and accounting rules.
  • Support emails — 24 months from the last reply.
  • Server logs — 30 days, then automatically purged by Cloudflare.

Children's data

The Site and products are intended for restaurant operators and professionals. They are not directed at children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us data, email us and we'll delete it.

International transfers

We are based in the United States, and our vendors (Stripe, Cloudflare, Google Fonts) operate globally. If you access the Site from outside the US, your data will be transferred to and processed in the US and other countries. We rely on the standard contractual safeguards offered by these vendors for international transfers under GDPR.

Changes

We may update this policy from time to time. The "Last updated" date at the top will always reflect the latest version. Material changes will be flagged on the Site before they take effect.

Contact

For any privacy question — including data access or deletion requests — email [email protected] or [email protected].