Privacy Policy

menewz ("menewz", "we", "us", or "our") operates a digital menu platform that lets restaurants build and publish QR-ready menus. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices you have.

If you have questions about this policy, contact us at danantomer@gmail.com.

Information we collect

• Account information. When you create an account or sign in - including signing in with Google - we receive your email address and, where provided, your name and profile picture.
• Content you create. Restaurant and menu details you enter (names, descriptions, prices, categories) and images you upload.
• Images. Images you upload are hosted on Cloudinary. We store the resulting image URL and a dominant colour value used to render a placeholder.
• Usage data. We record anonymous menu-view and interaction events so we can show you analytics about how your menus perform.
• Technical data. We process your IP address, device and browser information, and cookies that are necessary to keep you signed in.

Cookies

We use cookies that are strictly necessary for authentication - they keep you signed in to your account (set by Supabase Auth). We do not use advertising or cross-site tracking cookies.

Bot protection (Cloudflare Turnstile)

To protect sign-in, sign-up, and other forms from automated abuse, we use Cloudflare Turnstile in its invisible mode. Turnstile may collect and process information about your device and network connection to determine whether you are a human. This processing is governed by Cloudflare. See the Cloudflare Turnstile Privacy Policy.

How we use your information

We use your information to provide and operate the service, authenticate you, render and publish your menus, generate analytics for you, keep the platform secure, provide support, and comply with legal obligations.

Service providers

We share data with processors that help us run the service: Supabase (database, authentication, and file storage), Cloudinary (image hosting and delivery), Vercel (application hosting and content delivery), Google (sign-in via Google OAuth), and Cloudflare (Turnstile bot protection).

These providers act on our instructions and may process data on servers located outside Israel, including in the European Union and the United States.

Legal basis

We process personal data to perform our contract with you (providing the service), for our legitimate interests (security, analytics, and improving the product), and, where required, on the basis of your consent.

Data retention

We keep your account and content for as long as your account is active. You can ask us to delete your account and associated data at any time.

Your rights

Depending on your location, you may have the right to access, correct, delete, or export your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at danantomer@gmail.com.

Children

The service is not directed to children under 16, and we do not knowingly collect personal data from them.

Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be communicated where appropriate.

Contact

For any privacy questions or requests, email us at danantomer@gmail.com.