Privacy Policy

Last updated: December 2024

California Residents: Your Privacy Rights

Under CCPA, you have the right to know, delete, and opt-out of the sale of your personal information.

1. Introduction

DeliCodes, operated by Openkan LLC (“we,” “our,” or “us”), respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital menu platform and services.

This policy complies with the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), and other applicable privacy laws.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Account Information: Name, email address, phone number, business information
  • Restaurant Profile Data: Restaurant name, address, menu items, photos, descriptions
  • Payment Information: Billing address, payment method details (processed by third-party providers)
  • Communication Data: Messages, support tickets, feedback
  • Usage Information: How you interact with our platform, features used, time spent

2.2 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Analytics Data: Page views, clicks, session duration, referral sources
  • Location Data: Approximate location based on IP address (with consent)
  • Cookies and Tracking: See our Cookie Policy below

3. How We Use Your Information

We use your personal information for the following purposes:

Service Provision

  • Create and manage your restaurant profiles
  • Generate QR codes and digital menus
  • Provide AI nutritional analysis
  • Feature your restaurant in our mobile app directory
  • Process payments and manage subscriptions

Cross-Platform Restaurant Discovery

Important: By using our service, your restaurant information will be shared across our product ecosystem to maximize your visibility:

  • Restaurant profiles displayed in our consumer mobile apps
  • Menu items searchable across our platform network
  • Restaurant data used in our recommendation algorithms
  • Business information integrated into our mapping and discovery services
  • Menu content used to improve search and matching capabilities

This cross-platform sharing may provide marketing exposure and help customers discover your restaurant, subject to our algorithms and platform policies. Exposure is not guaranteed and may vary based on various factors.

Communication & Support

  • Respond to customer service requests
  • Send service updates and notifications
  • Provide technical support
  • Send marketing communications (with consent)

Business Operations

  • Improve and optimize our services
  • Conduct analytics and research
  • Ensure security and prevent fraud
  • Comply with legal obligations

AI and Machine Learning Services

  • Provide AI-powered nutritional analysis for menu items
  • Generate ingredient lists and dietary information
  • Improve AI model accuracy through aggregated, anonymized data
  • Personalize recommendations based on usage patterns

Note: Personal data used for AI processing is anonymized and aggregated. We do not use individual personal information to train our AI models.

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Cross-Platform Sharing (Core Service Feature)

By using our service, you automatically consent to sharing your restaurant information across our product ecosystem:

  • Mobile Apps: Restaurant profiles displayed in our consumer discovery apps
  • Search Platforms: Menu items and restaurant data indexed for search functionality
  • Recommendation Services: Business information used in AI-powered restaurant suggestions
  • Mapping Integration: Location and business details integrated into location-based services
  • Partner Platforms: Restaurant data shared with approved food discovery partners (with additional consent)

Limited Opt-Out: Some cross-platform sharing controls may be available in your privacy settings, though this may limit potential marketing benefits of our service. Complete opt-out may not be available for core service features.

4.2 Marketing Partnerships

  • Third-party food delivery platforms (only with explicit consent)
  • Local business directories and review sites (with your approval)
  • Tourism and travel recommendation services (opt-in basis)

4.3 Service Providers

We share information with trusted third-party service providers who assist us in operating our service:

  • Payment Processing: Stripe, PayPal (for payment processing and billing)
  • Cloud Infrastructure: Vercel, Supabase, AWS (for hosting and data storage)
  • Analytics: Google Analytics, Mixpanel (for usage analytics and improvements)
  • Email Services: Resend, SendGrid (for transactional and marketing emails)
  • Customer Support: Intercom, Zendesk (for customer service and support)
  • AI Services: OpenAI, Google AI (for nutritional analysis and content generation)

All service providers are contractually required to protect your information and use it only for the purposes we specify.

4.4 Legal Requirements

  • To comply with laws, regulations, or court orders
  • To protect our rights, property, or safety
  • To investigate fraud or security issues
  • In connection with legal proceedings

We do not currently sell your personal information to third parties for direct monetary consideration, though we may share data with partners for mutual business benefits.

5. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have the following rights under the CCPA:

Right to Know

Request information about what personal information we collect, use, disclose, or sell

Right to Delete

Request deletion of personal information we have collected about you

Right to Portability

Request a copy of your personal information in a portable format

Right to Opt-Out

Opt-out of the sale of personal information (we don't sell personal information) and control cross-platform sharing of your restaurant data

Cross-Platform Sharing Control: Limited controls may be available for some sharing of your restaurant information across our product ecosystem, though this may limit marketing exposure benefits. Complete control may not be available for core service features.

How to Exercise Your Rights

You can exercise your CCPA rights through multiple methods:

Self-Service Options

  • Delete Account: Request deletion of your data through account settings (subject to retention requirements below)
  • Export Data: Request available information through your dashboard (subject to technical limitations and processing)
  • Privacy Controls: Manage some cookie preferences and data sharing settings

Some data may be retained for business operations, legal compliance, or legitimate interests as described in our retention policy.

Contact Us for Other Requests

  • Email: contact@deli.codes
  • Phone: (510) 227-1981
  • Mail: 2108 N st STE N, Sacramento, CA 95816

For requests requiring identity verification, we will make reasonable efforts to respond within applicable legal timeframes, which may be extended based on request complexity, verification requirements, technical limitations, and available resources. We do not discriminate against consumers who exercise their CCPA rights.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Provide personalized content and features
  • Analyze site usage and improve performance
  • Deliver relevant advertising (with consent)

6.1 Types of Cookies We Use

Essential Cookies

Required for basic site functionality, user authentication, and security.

Analytics Cookies

Help us understand how visitors interact with our website (Google Analytics, Mixpanel).

Functional Cookies

Remember your preferences and settings for enhanced user experience.

Marketing Cookies

Used to deliver relevant advertisements and track campaign effectiveness (only with consent).

6.2 Cookie Management

You can control cookies through your browser settings. However, disabling essential cookies may affect the functionality of our services. You can opt-out of analytics cookies through our cookie preference center.

7. Data Security

We implement appropriate technical and organizational security measures to protect your information:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security audits and updates
  • Employee privacy training
  • Incident response procedures

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services (using aggregated, anonymized data only)

8.1 User-Controlled Deletion

You have control over your data retention, subject to our business needs:

  • Immediate Deletion: Use the “Delete Account” feature to remove personal data (some data may be retained as described below)
  • Automatic Cleanup: Inactive accounts are automatically deleted after 3 years of inactivity
  • Business Operations Retention: We may retain data necessary for business operations, legal compliance, fraud prevention, and service improvements
  • Aggregated Data: Anonymous, aggregated analytics and business intelligence data is retained indefinitely
  • Legal Requirements: Data required for tax, accounting, legal, or regulatory purposes may be retained for up to 7 years

8.2 Cross-Platform Data Deletion

Important for Multi-Product Users: When you request account deletion, we will make reasonable efforts to remove your restaurant information from our systems, subject to technical, operational, and legal constraints:

  • ✅ Primary DeliCodes platform (within 30 days)
  • ✅ Mobile app directory listings (within 30-60 days)
  • ✅ Search indexes and recommendation systems (within 60 days)
  • ⚠️ Partner platform integrations (within 90 days, subject to partner policies)
  • ⚠️ Cached data in CDNs and search engines may persist for up to 12 months
  • ⚠️ Aggregated, anonymized data may be retained indefinitely
  • ⚠️ Data required for legal, tax, or business purposes may be retained up to 7 years

Third-party platforms have their own data retention policies. We provide deletion notices but cannot guarantee immediate compliance. Some data may be retained for legitimate business interests or legal requirements.

Important: Account deletion is immediate and irreversible. Please export any data you wish to keep before using the deletion feature.

9. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal information based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services, including cross-platform sharing, AI analysis, and recommendation systems
  • Legitimate Interest: Analytics, security, service improvements, business intelligence, marketing exposure for restaurants, fraud prevention, product development, and competitive analysis
  • Consent: Marketing communications, optional features, and enhanced data sharing with partners
  • Legal Obligation: Compliance with applicable laws, regulations, tax requirements, and legal process

We may process data for multiple legal bases simultaneously. Our legitimate interests include operating, improving, and expanding our business to benefit our restaurant partners.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard contractual clauses
  • Adequacy decisions
  • Certification schemes

11. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take reasonable steps to delete such information when feasible and legally permitted.

12. Changes to This Privacy Policy

We may update this Privacy Policy at any time at our sole discretion. We may provide notice of material changes by one or more of the following methods:

  • Posting the updated policy on our website with a new “Last Updated” date
  • Sending email notifications to registered users (when feasible)
  • Providing in-app notifications (when possible)

Your continued use of our services after changes become effective constitutes acceptance of the updated policy. If you do not agree to changes, you must discontinue use of our services. We are not responsible for ensuring you receive or review change notifications.

We may make changes to comply with legal requirements, improve our services, or adapt to business needs without additional consent.

13. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Officer

Openkan LLC - DeliCodes Privacy Team

Email: contact@deli.codes

Address: 2108 N st STE N, Sacramento, CA 95816

For CCPA Requests:

Email: contact@deli.codes

Subject Line: “CCPA Request - [Your Request Type]”

14. Additional California Disclosures

In the past 12 months, we have collected the following categories of personal information:

  • Identifiers (name, email, IP address)
  • Commercial information (purchase history, preferences)
  • Internet activity (browsing history, interactions)
  • Professional information (business details)
  • Inferences (preferences, characteristics)

We collect this information for the business purposes described in Section 3. We share information with the categories of third parties described in Section 4.

This Privacy Policy was last updated on December 2024 and is effective immediately. This policy is governed by California law.