arrow_backBack to Home

Privacy Policy

Last updated: January 8, 2026

Epitto ("we", "our", "us") respects your privacy and is committed to protecting the personal information of users who access or use our platform, including restaurant owners, staff, and customers ("you", "user").

This Privacy Policy explains how we collect, use, store, and protect your information when you use the Epitto website, web application, mobile interfaces, QR-based ordering system, and related services (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide Directly

We may collect the following information when you sign up or interact with our Services:

Account Information

  • Name
  • Email address
  • Phone number
  • Restaurant name and details

Authentication Data

  • Login credentials (encrypted)
  • OAuth identifiers (e.g., Google login)

Business & Operational Data

  • Menu items
  • Table details
  • Order data
  • Staff accounts and roles

Communication Data

  • Messages sent via contact forms
  • Support requests and feedback

1.2 Information Collected Automatically

When you access our Services, we may automatically collect:

  • Device type, browser type, operating system
  • IP address (used for security and fraud prevention)
  • Usage data (pages visited, features used, timestamps)
  • Cookies and similar technologies (see Section 6)

1.3 Customer Order Data (End Users)

When customers place orders via QR codes at partner restaurants, we may process:

  • Order details (items, quantity, price)
  • Table number / QR identifier
  • Optional customer contact details (if provided by the restaurant)

Note: Epitto does not require customers to create accounts to place orders.

2. How We Use Your Information

We use collected information to:

  • Provide and operate the Epitto platform
  • Process and manage restaurant orders
  • Enable QR-based ordering and table mapping
  • Authenticate users and prevent unauthorized access
  • Improve platform performance and user experience
  • Communicate important updates, service notices, and support responses
  • Generate analytics and reports for restaurant owners
  • Comply with legal and regulatory obligations

We do not sell your personal data.

3. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Your consent
  • Performance of a contract (providing the Services)
  • Compliance with legal obligations
  • Legitimate business interests (platform security, analytics, improvements)

4. Data Sharing and Disclosure

4.1 Service Providers

Trusted third-party vendors who assist us in:

  • Hosting and infrastructure
  • Email delivery
  • Analytics
  • Authentication services

These providers are contractually obligated to protect your data.

4.2 Legal Requirements

We may disclose information if required by law, court order, or government authority.

4.3 Business Transfers

If Epitto is involved in a merger, acquisition, or asset sale, user data may be transferred as part of that transaction.

5. Data Storage and Security

We implement industry-standard security measures, including:

  • HTTPS and SSL encryption
  • Secure authentication using HttpOnly cookies
  • Encrypted storage of sensitive credentials
  • Restricted access controls

However, no system is 100% secure. You acknowledge that you use the Services at your own risk.

6. Cookies and Tracking Technologies

Epitto uses cookies and similar technologies to:

  • Maintain user sessions
  • Authenticate logged-in users
  • Improve performance and usability

You can control cookies through your browser settings. Disabling cookies may affect functionality.

7. Data Retention

We retain personal data only for as long as necessary to:

  • Provide the Services
  • Comply with legal requirements
  • Resolve disputes
  • Enforce agreements

Restaurant data may be retained until the account is deleted or terminated.

8. User Rights

Depending on applicable laws, you may have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Request deletion of your data
  • Withdraw consent (where applicable)

To exercise these rights, contact us at support@epitto.com

9. Children's Privacy

Epitto is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors.

10. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for their privacy practices.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date.

Continued use of the Services after changes constitutes acceptance of the updated policy.