Privacy Policy

1) Scope

This Policy applies to information we process in connection with the Services. It does not apply to third-party websites, apps, or services that may link to or integrate with the Services. Those are governed by their own policies.

2) Information We Collect

We collect information in the following ways:

(a) Information You Provide

• Account and profile details (e.g., name, display name, email, business details).
• Content you submit or upload (e.g., text, images, reviews, business listings, menu items) and related metadata.
• Communications with us (e.g., support requests, feedback).
• Payment-related information (processed by our payment providers; we do not store full payment card numbers).

(b) Information from Your Use of the Services

• Device and usage data (e.g., IP address, device type, OS, app version, browser type, pages/screens viewed, referring/exit pages, timestamps, crash and performance logs).
• Cookies, SDKs, and similar technologies that help us authenticate users, remember preferences, measure usage, and secure the Services.
• Approximate location derived from IP address or device settings if you enable location features.

(c) Information from Third-Party Services (if you connect them)

If you choose to connect Third-Party Services (e.g., Google), we may receive information from those services consistent with your settings and their policies. Examples include your basic profile, business profile data, content you authorize us to access, and tokens that allow us to act on your behalf within the scope you grant.

We may de-identify or aggregate information so it can no longer reasonably be linked to an identifiable person. We may use and disclose such information for any purpose, subject to applicable law.

3) How We Use Information

We use information for the following purposes:

• Provide and operate the Services, including authentication, account management, content hosting, and integrations you enable.
• Improve and develop the Services, including debugging, analytics, and research to enhance performance, security, and user experience.
• Communicate with you, such as sending service messages, updates, and responding to inquiries.
• Personalize features and content consistent with your settings and applicable law.
• Protect the Services and users, including detecting, preventing, and responding to fraud, abuse, security risks, and technical issues.
• Comply with legal obligations and enforce our Terms of Service.

Where required by law, we rely on one or more legal bases to process personal data, including: performance of a contract, legitimate interests (such as providing and improving the Services and ensuring security), consent (which you may withdraw at any time), and compliance with legal obligations.

4) Cookies and Similar Technologies

We and our service providers use cookies, SDKs, and similar technologies to operate, secure, and measure the Services. You can control cookies through browser settings and system permissions. If you disable cookies, some features may not work properly. We do not currently respond to "Do Not Track" signals.

5) How We Share Information

We may share information as follows:

• Service Providers. With vendors and contractors who perform services on our behalf (e.g., hosting, storage, analytics, customer support, payment processing, security). They are contractually required to use information only to provide services to us and to protect it.
• Affiliates. With our affiliates as needed to operate and improve the Services.
• Legal, Safety, and Security. To comply with law or legal process; protect the rights, property, or safety of us, our users, or others; or investigate suspected or actual illegal activity.
• Business Transfers. In connection with a corporate transaction (e.g., merger, acquisition, financing, or sale of assets).
• With Your Direction. When you instruct us or consent to sharing (e.g., enabling an integration or publishing content).

We do not sell personal information and do not share personal information for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA).

6) Data Retention

We retain information for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce agreements. Retention periods vary depending on the type of data and the purposes for which we use it. When we no longer need information, we take steps to delete or de-identify it.

If you revoke access to a connected Third-Party Service (e.g., via your Google Account settings), we will delete stored OAuth tokens and related data we are not legally required to retain within a reasonable period.

7) Google API Services — User Data Policy (Limited Use)

For users who connect Google accounts:

• We access Google user data only to provide or improve user-facing features you request.
• We do not use or transfer Google user data for serving ads, or for purposes unrelated to your use of the Services.
• We do not permit humans to read Google user data unless (i) you give explicit consent, (ii) it's necessary for security or to comply with law, or (iii) our use is limited to internal operations and the data (including derivations) have been aggregated and de-identified.
• We do not transfer Google user data to third parties except to service providers as necessary to provide the Services and only in compliance with Google's policies and applicable law.
• You can revoke access at any time in your Google Account's security settings. After revocation, we delete OAuth tokens and related data not required to be retained within a reasonable time.

We comply with the Google API Services User Data Policy, including the Limited Use requirements.

8) Security

We implement reasonable technical and organizational measures designed to protect information (e.g., encryption in transit, access controls, and monitoring). No system is perfectly secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for promptly notifying us of any suspected compromise.

9) Your Rights and Choices

Depending on your location, you may have rights over your personal information.

California (CCPA/CPRA)

California residents have the right to: (i) know/access categories and specific pieces of personal information we collect and disclose; (ii) delete personal information; (iii) correct inaccurate personal information; (iv) opt-out of sale or sharing (we do not sell or share); (v) limit the use and disclosure of sensitive personal information where applicable; and (vi) be free from discrimination for exercising these rights. You may submit a verifiable request using the contact methods in Section 12. You may use an authorized agent; we may need to verify your identity and the agent's authority.

EEA/UK/Switzerland (GDPR)

You may have rights to access, rectify, erase, restrict or object to processing, and data portability. When processing is based on consent, you may withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority.

Marketing Communications

You can opt out of non-transactional email marketing by using the unsubscribe link in those emails.

10) International Data Transfers

We may transfer, store, and process information in countries other than your own (including the United States). Where required, we use appropriate safeguards such as Standard Contractual Clauses to permit data transfers.

11) Children's Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that a child under 13 has provided personal information, we will take steps to delete it.

12) Contact Us

13) Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will provide notice (e.g., by posting the updated Policy and updating the "Effective Date" above). Your continued use of the Services after the updated Policy becomes effective constitutes acceptance.

14) California Notice at Collection (Summary)

We collect the following categories of personal information: identifiers (e.g., name, email, IP), commercial information (e.g., subscriptions), internet/usage data (e.g., device and analytics data), geolocation (approximate), and inferences drawn from other personal information to personalize Services. We use and disclose these categories for the purposes described in Sections 3 and 5. We do not sell or share personal information for cross-context behavioral advertising.