Effective date: April 29, 2026
DineLinks ('we', 'us', 'our') operates dinelinks.com and provides digital menu services to restaurants. This policy explains what data we collect, how we use it, and your rights.
Account information: When you create an account, we collect your email address and a password (hashed with bcrypt — never stored in plain text). We may also collect your business name and contact info if you provide it.
Restaurant data: Menu items, categories, descriptions, prices, photos, and themes you upload. This data is used solely to display your menu publicly.
Payment information: We use Stripe to process payments. We never see or store your full credit card numbers — Stripe handles all payment data per PCI-DSS standards. We only store your Stripe customer ID and subscription status.
Analytics: We collect anonymous, aggregated data about how customers interact with your menu (page views, item clicks, language preferences, device type, time of visit). No personally identifiable information about your customers is collected. Customer IP addresses are not stored.
Cookies and session storage: We use minimal cookies and browser session storage for authentication and to maintain analytics session IDs. We do not use third-party advertising cookies.
To provide and improve the DineLinks service. To process payments via Stripe. To send you transactional emails (account verification, password reset, trial reminders, billing). To communicate updates about your account. We do not sell your data. We do not share your data with third parties for marketing.
All data is stored in Supabase (PostgreSQL) on infrastructure hosted in North America. Passwords are hashed using bcrypt before storage and are never accessible in plain text — even to us. All data in transit is encrypted via TLS. Access to production data is limited to the founder of DineLinks.
You can: View, edit, or delete your menu data at any time from your admin panel. Export your data on request. Delete your account permanently from your account settings, which will remove all associated data within 30 days. Request a copy of all data we hold about you by emailing hello@dinelinks.com.
DineLinks is not intended for users under 16. We do not knowingly collect data from children.
Stripe (payment processing). Resend (transactional email delivery). Vercel (hosting). Supabase (database). Google Translate API (menu translation). Each has its own privacy policy.
We may update this policy occasionally. Material changes will be communicated via email.
Questions? Email hello@dinelinks.com or use our contact page.