Skip to main content

Privacy Policy

1. Information We Collect

Account information: When you create an account, we collect your name, email address, and authentication credentials. Runners additionally provide business details and identity verification through Stripe.

Order information: We collect details of your orders including items, quantities, amounts paid, pickup locations, and timestamps.

Payment information: Payment card details are collected and processed by Stripe. We do not store full card numbers on our servers. We retain Stripe customer and payment intent identifiers.

Communication data: If you opt in to SMS or email notifications, we store your phone number or email address and records of messages sent.

Usage data: We collect standard server logs including IP addresses, browser type, pages visited, and timestamps.

2. How We Use Your Information

We use your information to:

  • Process orders and payments
  • Send order confirmations, pickup reminders, and run updates
  • Facilitate dispute resolution between Buyers and Runners
  • Improve the Platform and develop new features
  • Detect and prevent fraud, abuse, and policy violations
  • Comply with legal obligations

3. Information Sharing

We do not sell your personal information. We share information only as follows:

With Runners and Buyers: When you place an order, the Runner sees your name and order details to fulfill the pickup. Buyers see the Runner's brand name and pickup location.

With service providers: We use Stripe for payments, Neon for database hosting and authentication, Cloudflare for content delivery, and Resend or AWS SES for transactional email. These providers process data on our behalf under their own privacy policies.

As required by law: We may disclose information in response to legal process or government requests.

4. Data Retention

We retain your account and order data for as long as your account is active and for a reasonable period afterward to comply with legal and financial reporting obligations. Anonymized and aggregated data may be retained indefinitely for analytics. You may request deletion of your account and associated data by contacting us.

5. Data Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), row-level security policies on our database, and restricted access to production systems. No system is perfectly secure, and we cannot guarantee absolute security.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate information
  • Request deletion of your data
  • Object to or restrict certain processing
  • Receive a portable copy of your data
  • Opt out of marketing communications

To exercise any of these rights, contact us at support@foodieandbandit.com.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies. Stripe may set cookies required for payment processing and fraud prevention.

8. Children

The Platform is not intended for users under 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The effective date at the top of this page indicates when the policy was last revised.

10. Contact

For privacy-related questions or requests, contact us at support@foodieandbandit.com.