EatsDeskEatsDesk
  • Features
  • Pricing
  • How it works
  • Reviews
  • Compare
  • FAQ
  • Blog
Sign inStart free trial →Free trial →
← Back to home

Privacy Policy

Last updated: July 7, 2026

At Eats Desk, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant management platform. Please read this privacy policy carefully.

1. Information We Collect

Personal Information

When you register for an Eats Desk account, we collect information such as:

  • Restaurant name and business details
  • Contact information (name, email address, phone number)
  • Business address and location
  • Payment information for subscription billing
  • User account credentials

Restaurant Data

When you use our platform, we collect and store:

  • Menu items, categories, and pricing information
  • Inventory and ingredient data
  • Order and transaction records
  • Customer information (names, phone numbers, delivery addresses)
  • Staff accounts and role assignments
  • Sales reports and analytics data

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our restaurant management services
  • Process transactions and manage your subscription
  • Generate your restaurant website and enable online ordering
  • Send you operational updates, technical notices, and support messages
  • Respond to your inquiries and provide customer support
  • Improve and optimize our platform's functionality and user experience
  • Monitor usage patterns and detect potential security issues
  • Send marketing communications (with your consent, which you can withdraw at any time)

3. Data Security

We implement industry-standard measures to protect your data:

  • All data is encrypted in transit using SSL/TLS protocols
  • Passwords are hashed using secure algorithms
  • Our multi-tenant architecture is designed to isolate each restaurant's data, with role-based access controls governing who on your team can see and do what.
  • Access controls and role-based permissions
  • Automated backups to prevent data loss
  • Software and infrastructure updates as part of our normal operations

Your data is stored on secure, managed cloud database infrastructure (currently DigitalOcean Managed MongoDB) with encryption in transit (SSL/TLS), encryption at rest, and automated daily backups. Application services are hosted on established cloud platforms (Vercel and Render). Access to production systems is restricted to authorized personnel only.

Additional security measures include: hashed and salted password storage (passwords are never stored in plain text), token-based authentication with expiring sessions, permission-gated API access on every request, and audit logging of sensitive administrative actions. We continuously review and improve our security controls.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following circumstances:

  • Service Providers: We may share data with trusted third-party service providers who assist us in operating our platform (e.g., payment processors, hosting providers, email services). These providers are contractually obligated to protect your data. AI-powered features: where you enable AI-powered features (such as the WhatsApp AI Receptionist), message content from those conversations is processed by our AI infrastructure provider (Anthropic) solely to generate responses on your behalf. Under our agreement with them, this data is not used to train their models and is not retained for their own purposes.
  • Legal Requirements: We may disclose your information if required by law, court order, or government regulation.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

5. Your Customers' Data

When your customers place orders through your EatsDesk-powered website, POS, or WhatsApp, we process their information — such as name, contact details, delivery address, and order history — on your behalf and under your instructions, solely to operate your restaurant's services (taking orders, arranging delivery, printing receipts, and generating your reports). We act as a data processor for this information; you, the restaurant, are the data controller. We do not sell your customers' data, use it to market to them, or share it with other restaurants on the platform. You are responsible for informing your customers about how their information is used. If a customer asks us directly to access or delete their data, we will refer the request to you and assist you in fulfilling it.

6. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: You can access and review your account information at any time through your dashboard.
  • Correction: You can update or correct your information directly in your account settings.
  • Deletion: You can request deletion of your account and associated data by contacting our support team.
  • Data Portability: You may request an export of your restaurant's data at any time by contacting support; we will provide it in a common electronic format (such as CSV) within a reasonable time, where technically practicable.
  • Marketing Opt-Out: You can unsubscribe from marketing communications at any time using the unsubscribe link in our emails.

7. Data Breach Notification

In the unlikely event of a security breach affecting your data, we will notify affected customers without undue delay after becoming aware of it, describe the nature of the incident and the data involved, and outline the steps we are taking in response.

8. Subprocessors

We rely on a small number of trusted infrastructure providers to deliver the service: DigitalOcean (database hosting), Render (backend hosting), Vercel (frontend hosting), Anthropic (AI processing for AI-powered features), Meta (WhatsApp Business Platform, for WhatsApp features), and our SMTP email provider (transactional email delivery). Each processes data only as needed to provide their service to us.

9. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. If you close your account, we will delete your data within 90 days, except where we are required to retain it for legal, regulatory, or security purposes.

Transactional records may be retained for longer periods as required by applicable tax and accounting regulations.

10. Cookies and Tracking

We use cookies and similar technologies that are necessary to run the platform. As of the date of this policy, these include:

  • Essential cookies: Required for the platform to function (for example, session management and authentication).
  • Preference cookies: Remember your settings and preferences where we offer them.

You can control cookie settings through your browser, but disabling certain cookies may affect platform functionality.

11. Third-Party Links

Our platform may contain links to third-party websites or services (e.g., payment gateways, delivery platforms). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy

Eats Desk is intended for business use and is not designed for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by email or through a prominent notice on our platform. Your continued use of Eats Desk after changes are made constitutes acceptance of the updated policy.

For users in the European Economic Area or United Kingdom, you may have additional rights under GDPR or UK GDPR. Please contact us to exercise these rights.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us:

EatsDesk — Privacy

Email: support@eatsdesk.com (include "Privacy" in the subject line for data requests)

WhatsApp: +92 316 6222269

Registered office: Islamabad, Pakistan

Your restaurant deserves
better than paper.

30 days free. We set everything up. You start taking orders the same day.

Start free — 30 days →

No credit card · No hardware · Cancel anytime

EatsDeskEatsDesk

Restaurant OS for fast food — POS, kitchen, riders, inventory, and your site in one place.

Product

  • Features
  • Pricing
  • Compare plans
  • How it works
  • FAQ

Account

  • Sign in
  • Start free trial
  • Contact
  • Privacy
  • Terms

Resources

  • Blog

Socials

  • X (Twitter)
  • Instagram
  • LinkedIn
  • Facebook
© 2026 EatsDeskeatsdesk.com