Privacy Policy

Last Updated: January 10, 2026

At iMenu ("we", "us", "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital menu platform service at imenu.mk ("Service").

By using iMenu, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, password, business name, phone number, address
• Payment Information: Payment method details (processed securely by third-party payment processors)
• Menu Content: Menu items, descriptions, prices, images, categories, and other content you upload
• Profile Information: Restaurant details, branding preferences, template selections, language preferences
• Communications: Messages you send us through support tickets or email

1.2 Automatically Collected Information

When you use iMenu, we automatically collect certain information:

• Usage Data: Pages viewed, features used, time spent, click patterns
• Device Information: IP address, browser type, operating system, device type
• Analytics Data: Menu views, popular items, language preferences, visitor counts
• Log Data: Access times, error logs, performance metrics
• Cookies: Session tokens, preferences, authentication data

1.3 Third-Party Information

We may receive information from third-party services:

• Payment processors (Stripe, PayPal)
• Analytics providers
• Email service providers
• Security and fraud prevention services

2. How We Use Your Information

We use your information for the following purposes:

2.1 Provide and Improve the Service

• Create and manage your account
• Display your digital menus to visitors
• Process payments and subscriptions
• Provide customer support
• Improve and optimize our platform
• Develop new features

2.2 Communications

• Send transactional emails (signup confirmations, password resets, payment receipts)
• Send service updates and announcements
• Respond to your inquiries and support requests
• Send marketing communications (you can opt-out anytime)

2.3 Analytics and Performance

• Analyze usage patterns and trends
• Monitor and improve performance
• Generate analytics for your restaurant (menu views, popular items, etc.)
• Conduct research and testing

2.4 Security and Compliance

• Protect against fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Respond to legal requests

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Public Information

Your digital menus are publicly accessible by design. Information you include in your menus (restaurant name, menu items, prices, images) is visible to anyone who accesses your menu URL or QR code.

3.2 Service Providers

We share information with trusted third-party service providers who help us operate our Service:

• Payment Processors: Stripe, PayPal (for payment processing)
• Email Services: For sending transactional and marketing emails
• Cloud Hosting: For data storage and hosting
• Analytics: For usage analytics and monitoring
• Security: For fraud prevention and security monitoring

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

3.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders or subpoenas
• Government requests
• Legal processes
• Protection of our rights, property, or safety
• Prevention of fraud or abuse

3.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: SSL/TLS encryption for data in transit
• Secure Storage: Encrypted databases and secure servers
• Access Controls: Limited access to personal data
• Password Security: Bcrypt hashing for passwords
• Regular Backups: Daily automated backups
• Security Monitoring: 24/7 monitoring for threats
• Security Headers: CSP, X-Frame-Options, HSTS
• Input Validation: Protection against SQL injection and XSS

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service:

• Active Accounts: Data is retained indefinitely while your account is active
• Expired Subscriptions: 7-day grace period to renew before data deletion
• Deleted Accounts: Personal data is deleted within 30 days of account deletion
• Legal Requirements: Some data may be retained longer to comply with legal obligations
• Backups: Data in backups is retained for up to 90 days

6. Your Rights (GDPR Compliance)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights:

6.1 Right to Access

You can request a copy of the personal data we hold about you.

6.2 Right to Rectification

You can update or correct your personal information through your account settings or by contacting us.

6.3 Right to Erasure

You can request deletion of your personal data. You can delete your account directly from your dashboard.

6.4 Right to Restrict Processing

You can request that we limit how we use your personal data.

6.5 Right to Data Portability

You can request a copy of your data in a machine-readable format.

6.6 Right to Object

You can object to our processing of your personal data for marketing purposes.

6.7 Right to Withdraw Consent

You can withdraw your consent to data processing at any time.

To exercise these rights, please contact us at privacy@imenu.mk.

7. Cookies and Tracking

7.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our Service.

7.2 Types of Cookies We Use

• Essential Cookies: Required for authentication and security (cannot be disabled)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use our Service
• Performance Cookies: Monitor and improve performance

7.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling cookies may limit some functionality of the Service.

8. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

9. Children's Privacy

iMenu is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

11. Do Not Track Signals

We do not currently respond to "Do Not Track" signals from browsers. We do, however, respect your privacy choices and allow you to opt-out of non-essential cookies and marketing communications.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Displaying a notice in your dashboard

Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy Email: privacy@imenu.mk
• Support Email: support@imenu.mk
• Website: https://imenu.mk

14. Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at:

dpo@imenu.mk

---

By using iMenu, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.