Legal

Privacy Policy

How GetMaani collects, uses, and protects information for restaurants, guests, and visitors.

Last updated: May 25, 2026

1. Introduction

GetMaani ("we," "us," or "our") provides websites, online ordering, guest apps, guest CRM, marketing tools, and related services for independent restaurants and small groups ("Restaurants," "you"). This Privacy Policy explains how we collect, use, disclose, and protect information when you visit getmaani.com, use our operator dashboard, or interact with a Restaurant powered by GetMaani.

By using our services, you agree to this policy. If you do not agree, please do not use our services.

2. Information we collect

Information Restaurants provide

  • Business name, locations, hours, and contact details
  • Menu, pricing, and operational settings
  • Staff and administrator account credentials
  • Billing and subscription information
  • Content you upload (photos, videos, copy, promotions)

Guest and end-user information

  • Name, email, phone number, and delivery or pickup details when placing orders
  • Order history, preferences, loyalty status, CRM tags/segments, and marketing opt-ins
  • Device, browser, and usage data on Restaurant storefronts and apps
  • Payment-related tokens processed by our payment partners (we do not store full card numbers)

Information collected automatically

  • Log data such as IP address, pages viewed, and referring URLs
  • Cookies and similar technologies (see Cookies below)
  • Analytics and performance data to improve reliability and features

3. How we use information

We use information to operate, maintain, and improve GetMaani, including:

  • Providing websites, ordering, apps, guest CRM, loyalty, email/SMS, and reporting
  • Processing orders and transmitting them to Restaurant systems
  • Authenticating users and preventing fraud or abuse
  • Sending service, security, and account-related communications
  • Analyzing usage to improve product performance and support
  • Complying with legal obligations and enforcing our terms

4. Restaurant ownership of guest data

Restaurants are the controllers of their guests' personal data collected through their branded storefronts and apps. GetMaani processes that data on behalf of Restaurants to deliver the services they configure.

Restaurants are responsible for their own privacy notices, consent, and marketing compliance (including CAN-SPAM, TCPA, and applicable local laws). We provide tools to help Restaurants honor opt-outs and access requests but do not control how Restaurants use guest lists outside the platform.

5. Guest CRM

GetMaani's guest CRM helps Restaurants see guest profiles built from direct orders, reservations, loyalty activity, and marketing engagement. CRM data may include contact details, order and visit history, average spend, favorite items, loyalty tier, tags (such as "VIP" or "lapsed"), and campaign responses.

Restaurants choose how to use CRM insights—for example, win-back offers to guests who have not ordered recently or thank-you messages to high-value regulars. We process CRM data only to provide features Restaurants enable and do not sell guest lists to third-party marketers.

  • Restaurants can export or delete CRM records subject to legal and operational requirements
  • Guests may opt out of marketing while still receiving transactional messages about their orders
  • Staff access to CRM data should be limited to roles Restaurants authorize in their account settings

6. How we share information

We do not sell personal information. We may share information with:

  • Service providers (hosting, analytics, email/SMS delivery, payments, support) under contractual confidentiality obligations
  • Payment processors to complete transactions initiated by guests or Restaurants
  • Professional advisers or authorities when required by law or to protect rights and safety
  • A successor entity in connection with a merger, acquisition, or asset sale, with notice where required

7. Cookies and tracking

We use cookies and similar technologies for authentication, preferences, security, and analytics. You can control cookies through your browser settings; disabling certain cookies may limit functionality.

Restaurants may configure additional tracking or marketing pixels on their storefronts; those practices are governed by the Restaurant's policies.

8. Security

We implement administrative, technical, and organizational measures designed to protect information, including encryption in transit, access controls, and monitoring. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

9. Data retention

We retain information for as long as needed to provide services, comply with legal obligations, resolve disputes, and enforce agreements. Restaurants may request export or deletion of certain data subject to applicable law and operational requirements (e.g., tax or fraud records).

10. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal information, and to object to certain processing or receive a portable copy.

Guests should contact the Restaurant they ordered from for order-specific requests. Account holders and Restaurants may contact us at the address below. We will respond within timeframes required by applicable law.

11. Children's privacy

Our services are not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. Contact us if you believe we have collected such information.

12. International users

If you access our services from outside the United States, your information may be processed in the U.S. or other countries where we or our providers operate, which may have different data protection laws than your country.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. Material changes may be communicated by email or in-product notice where appropriate.