← Back to RestoQR

Privacy Policy

Last updated: 5 July 2026

Who we are

RestoQR is a restaurant ordering and point-of-sale platform. This policy explains what personal data we process when guests order and when restaurants operate on RestoQR.

What we collect

  • Guests: your name and mobile number (verified by OTP), and the orders you place.
  • Restaurant owners/staff: email, a hashed password, and restaurant profile details.

We do not collect card numbers, government IDs, or precise location. Payments are handled by cash / the restaurant’s own UPI QR — no card data reaches us.

Why we use it

To run your meal (send orders to the kitchen, split and settle the bill), to show a returning guest their past orders, to authenticate owners/staff, and to give owners aggregate analytics about their restaurant.

Where it’s stored

In a managed PostgreSQL database and object storage hosted with our cloud providers. Data is encrypted in transit (HTTPS). Access to a guest’s order history requires proof that they verified that mobile number.

How long we keep it

Order and session data is kept for the meal and for the restaurant’s analytics. Accounts and their data are removed when a restaurant’s workspace is deleted. We are finalising fixed retention windows and will update this page.

Your rights

Depending on your region (e.g. GDPR/CCPA) you may request access to, correction of, or deletion of your personal data. Email privacy@restoqr.app and we’ll respond within 30 days.

Contact

Questions about this policy: privacy@restoqr.app.

See also our Terms of Service.