Privacy Policy

1. Information We Collect

When you interact with a restaurant using DineChat, we process "Platform Data" received from Meta and information provided directly by you:

• Contact Information: Your WhatsApp phone number, profile name, and Meta User ID.
• Communication Data: The text of messages sent to the AI assistant to facilitate real-time inquiries.
• Reservation Details: Specific information provided for table bookings, including name, date, and number of guests.

2. How We Use Your Information

We use the information collected to:

• Process automated AI responses regarding restaurant services (menus, hours, location).
• Facilitate and manage restaurant reservations on behalf of our hospitality clients.
• Notify restaurant management when human intervention is required for complex guest requests.

3. Data Ownership & Non-Monetization

DineChat operates strictly as a software utility (SaaS) and Data Processor for the hospitality venues we serve. To be clear about our business model:

• No Sale of Data: We 100% DO NOT sell, rent, trade, or monetize guest contact information or booking habits to third parties, marketing agencies, or aggregators.
• Ownership: All guest data (including phone numbers and reservation history) is considered the property of the specific Restaurant you are booking with. DineChat acts solely as the technical conduit to facilitate the transaction.
• Zero Competition Policy: We do not use your reservation data to build a competing consumer-facing dining network or discovery app.

4. Data Sharing and Third Parties

We do not sell your personal data. We share data only with the following service providers necessary to operate DineChat:

• Restaurant Reservation Systems: To fulfill your specific booking requests, we transmit reservation details (Name, Phone, Time) securely to the Restaurant’s internal Table Management System (e.g., Eat App, SevenRooms, SerVme) via their official APIs.
• Meta Platforms, Inc.: To facilitate messaging via the WhatsApp Business API.
• AI Processors (Google Gemini & OpenRouter): To process text inputs and generate AI concierge responses.
• Infrastructure Providers (Railway, Clerk & PostgreSQL): We use Railway Corp. for secure application hosting, Clerk for secure user authentication, and PostgreSQL for encrypted data persistence.

5. Data Security Measures

We employ enterprise-grade security standards to protect your information and the integrity of our restaurant partners' databases:

• Encryption: All data is encrypted in transit using TLS/SSL protocols and encrypted at rest in our databases.
• API Safety: We utilize strict authentication when connecting with third-party restaurant APIs to prevent unauthorized access.
• Data Minimization: We only request and store the specific data fields necessary to confirm a reservation or answer a user query.

6. Requests from Public Authorities

We value user privacy and will only disclose Platform Data to public authorities (e.g., government or law enforcement) under the following conditions:

• The request is accompanied by a valid legal process, such as a subpoena, court order, or search warrant.
• We perform a strict legal review of every request to ensure it is lawful and justified.
• We adhere to a data minimization policy, providing only the bare minimum information required to comply with the legal request.

8. Contact Us

For any questions regarding this policy or our data practices, please contact our legal entity:

MARIOS GAITANIS & SONS MECHANICAL WORKS LIMITED
Attn: DineChat Privacy Team
Email: contact@dinechat.io
Website: https://dinechat.io