Privacy Policy for DormDish

Last Updated: [Insert Date - e.g., August 5, 2024]

1. Introduction

Welcome to DormDish! This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application DormDish. We respect your privacy and are committed to protecting it. Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the App includes:

• Personal Data You Provide: When you register for an account, we collect personally identifiable information, such as your name, email address, phone number, dorm, room number, chosen role (customer or chef), and password. Chef applicants may provide additional details like allergens, cuisine preferences, bio, and availability. Providing this information is necessary to use core features of the App.
• Device Information: We collect specific information about the device you use to access our App, including a unique Device ID and a Push Notification Token (FCM Token) generated by your device's operating system and the messaging service.
• Usage Data (Internal): We may collect information about how you use the App, such as features accessed and actions taken. This is used for internal analysis to improve app functionality and user experience.

Important Note (Data Linking): As disclosed in our App Store listing, the Contact Info (Name) and Identifiers (User ID, Device ID) we collect are primarily used for App Functionality and internal Analytics. This data is processed in a way that is not linked to your specific, real-world identity outside the context of the app's operation. For example, while we store your name with your profile, our internal analytics processes focus on aggregated patterns and app performance rather than tracking individual user behavior tied to their real name for external marketing purposes.

3. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the App to:

• Create and manage your account.
• Enable user-to-user communications (e.g., between customers and chefs).
• Send you push notifications regarding your account or orders, provided you have consented to receive them.
• Process transactions and fulfill orders.
• Monitor and analyze usage and trends to improve your experience with the App (internal analytics).
• Ensure the security and operational functionality of our services.
• Respond to user inquiries and offer support.
• Comply with legal obligations.

4. Disclosure of Your Information

We do not sell or rent your personal information to third parties. We may share information we have collected about you in certain situations:

• By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Third-Party Service Providers: We use Supabase as our backend provider for database storage, authentication, and potentially other backend services. We use Firebase Cloud Messaging (FCM) for push notifications. These service providers have access to your information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
• User Interactions: If you interact with other users of the App (e.g., placing an order with a chef), those users may see your name, profile picture (if provided), and other information necessary to facilitate the interaction (like order details).

5. Data Storage and Security

We use administrative, technical, and physical security measures to help protect your personal information. Your data is primarily stored using Supabase's infrastructure. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

We retain your personal information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements.

6. Your Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the GDPR. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

• Access: You have the right to access the personal information we hold about you.
• Rectification: You have the right to request correction of any inaccurate information.
• Erasure: You have the right to request the deletion of your personal data, subject to certain exceptions.
• Restriction: You have the right to request that we restrict the processing of your personal information.
• Objection: You have the right to object to our processing of your personal data.

To exercise these rights, please contact us using the contact information below. We may ask you to verify your identity before responding to such requests.

7. Children's Privacy

Our App is not intended for use by children under the age of 13 (or higher age as required by local law), and we do not knowingly collect personal information from children under this age.

8. Contact Us