Privacy Policy

Version v1.0 · The full text is below (in English). Check that the address in §15 matches the registered seat.

# MeniQR Privacy Policy

**Effective date:** 4 May 2026  
**Version:** v1.0  
**Document type:** Privacy policy for restaurant / business accounts and platform visitors

---

## 1. Purpose and scope

This Privacy Policy explains how MeniQR (“**we**”, “**us**”, “**our**”) collects, uses, shares and protects personal information when you:

- Register for or use the MeniQR restaurant technology platform (**Panel**, **ordering flows**, integrations, APIs, notifications, analytics where offered);
- Browse our marketing website or authenticated areas;
- Communicate with our support team.

Your relationship with MeniQR is primarily **business-to-business (B2B)** when you act on behalf of a restaurant or similar venue. Separate notices may apply where we process personal data purely as a **processor** on the instructions of our business customers (**Restaurants**); see Section 7.

If you interact with MeniQR as a **guest** of a Restaurant (for example browsing a QR menu or placing an order), the **Restaurant is typically responsible** for giving you notice of that processing under applicable law; MeniQR usually acts strictly as an infrastructure provider instructed by the Restaurant. See Sections 7 and 8.

For **businesses in the Republic of Serbia**, the **primary regulatory reference** is **Serbian personal data protection legislation** as in force from time to time (confirm current act titles and consolidated texts via **official Serbian legal sources / the Official Gazette**).

We also aim to meet internationally recognised baseline principles (**lawfulness**, **purpose limitation**, **data minimisation**, **accuracy**, **storage limitation**, **integrity and confidentiality**, **accountability**) where they reinforce mandatory Serbian rules, and we never fall below those rules. Where EU-style standards apply by **separate contract** (for example enterprise terms shaped on the EU Standard Contractual Clauses), those contractual modules apply alongside this Policy only to the extent **recognised or permitted** under Serbian law.

---

## 2. Data controller

The **controller** of the personal information described in this Policy is **the MeniQR legal entity that contracts with your business** (“**Controller**”). The Controller’s identification details (**legal name**, **seat/address**, **company registration/APR identifiers**, **tax ID/PIB**, **privacy contact**) appear in the commercial documents (Restaurant Terms & Subscription Agreement, invoices, onboarding materials) that MeniQR finalises for your jurisdiction.

If you need the Controller’s particulars for Serbian or cross-border enquiries, use the privacy contact stated in Section 15.

Where we provide services **only as a processor** for a Restaurant customer, **that Restaurant** is the controller for most guest-related datasets; see Section 7.

---

## 3. Personal information we collect

### 3.1 Restaurant account holders and staff (“Business Users”)

- **Identity**: full name  
- **Contact**: email address, and telephone number if provided  
- **Authentication**: password hashes stored and verified by Supabase Auth (we never store plaintext passwords); session tokens held in cookies  
- **Organisation/restaurant linkage**: identifiers linking your user to Restaurants, organisations, invites, roles and permissions  
- **Billing** (when applicable): the minimal billing/contact information required by payment providers and for invoicing; **we do not store full card numbers (PAN)**, which are handled by a licensed payment service provider (PSP) under PCI DSS rules  
- **Support content**: emails, uploads, screenshots and logs you send us  
- **Technical usage**: IP address, approximate location derived from IP where available, browser/device type, timestamps, referrer, and coarse diagnostic events used for security and abuse prevention  

### 3.2 Site visitors / marketing recipients

The same technical elements as §3.1 where applicable, plus **preferences** captured through cookie banner or UI choices.

### 3.3 Sensitive categories

We do not request health, biometric or other special-category data through MeniQR; if you volunteer such data while troubleshooting a support issue, we use it only to resolve that issue. If a Restaurant collects special-category data about guests beyond what MeniQR’s product requires, that is strictly between the Restaurant and its guests, and the Restaurant must establish its own lawful basis for it.

---

## 4. Purposes & lawful bases

| Purpose | Examples | Typical lawful bases* |
|---------|----------|------------------------|
| **Provide the service & perform our contract with you/Business** | account creation; hosting Panel; syncing menus/orders/features you enable | **Contract** / **Necessary steps prior to contract** |
| **Security, integrity & abuse-prevention** | rate limits, anomaly-detection logs, multi-factor authentication and similar controls | **Legitimate interests** (balanced against your rights) / occasionally **Legal obligation** |
| **Operate & improve the product** | aggregated analytics, QA, performance tuning | **Legitimate interests** / **Consent** where required for non-essential cookies |
| **Support & communications** | replying to tickets, incident handling | **Contract** / **Legitimate interests** |
| **Comply with law** | tax/audit retention, lawful requests where valid | **Legal obligation** |
| **Marketing to Business Users** where permitted | newsletters to registered owners about product updates (**opt-in checkbox if required**) | **Consent** |

\*Exact lawful-basis labels depend on your jurisdiction; where more than one basis could apply, we rely on the one that best fits the specific processing and record it in our processing inventory.

---

## 5. Retention

We retain data **no longer than necessary** for the purposes above, applying the following indicative periods:

- **Account data**: while the account stays active, plus a limited grace period afterwards for recovery and disputes.  
- **Support tickets**: the operational window common to ticketing systems (often 24–36 months, unless law requires a shorter or longer period).  
- **Audit/security logs**: typically **90–365 days**, unless extended for an incident investigation or legal hold.  
- **Billing/tax artefacts**: statutory periods (typically **6–11 years**, depending on jurisdiction).

Exact retention schedules evolve with our infrastructure and may be shortened; material reductions are reflected in this section over time.

---

## 6. Sharing & recipients

We may share limited personal information with categories of recipients:

| Category | Why |
|---------|-----|
| **Hosting & infrastructure** (cloud hosting providers in the regions MeniQR uses) | persistence, backups |
| **Auth & database** providers (currently **Supabase** for identity/session infrastructure) | account security |
| **Email / transactional messaging** gateways | confirmations, password resets, transactional notices |
| **Payment facilitators / PSP** (only if billing is enabled) | card/bank workflows |
| **Analytics** (subject to lawful configuration) | aggregated traffic insight |
| **Professional advisers** under confidentiality | due diligence for mergers and reorganisations |

We bind our processors by contract (**including standard clauses and security expectations**) to obligations aligned with our Data Processing Annex, so that the same standard applies when we ourselves act as processor for Restaurants (see the Annex document).

Some recipients may be located **outside Serbia or outside jurisdictions with EEA-equivalent protections**. Where required, transfers rely on **adequacy** decisions, **safeguards equivalent to the EU Standard Contractual Clauses**, supplementary measures proportionate to the residual risk, or other transfer mechanisms that Serbian law recognises.

---

## 7. Controller vs Processor (Restaurants using MeniQR for guest orders)

For most guest-facing flows (menus, carts, waiter calls):

- **The Restaurant chooses** menus, prompts, integrations, printers and staffing; it instructs the operational logic of its guest experience through configuration.  
- **MeniQR processes** transactional records (order lines, timestamps, identifiers, QR/table tokens and, for anti-abuse purposes, coarse device signals) strictly to **transmit and display** hospitality operations according to that Restaurant’s configuration.

Accordingly, for most guest-related personal data (**where this is factually justified in the specific case**), the Restaurant acts as **controller** and MeniQR as **processor**, instructed by the Restaurant’s lawful use, our commercial terms and our **Data Processing Annex**.

When MeniQR uses data for its own purposes (billing its customer, safeguarding platform integrity, analysing aggregate cross-customer infrastructure health), MeniQR is **also** a distinct controller for that processing, but keeps such processing to what is necessary.

Where law obliges Restaurants to provide guest-facing notices, **that obligation lies primarily with the Restaurant**, unless a statutory duty applies to MeniQR directly.

---

## 8. Your rights & exercise

Under the Serbian **Law on Personal Data Protection** (Zakon o zaštiti podataka o ličnosti, commonly abbreviated **ZZPL**; “Official Gazette of the RS” No. 87/2018; confirm the consolidated text via official sources), plus any parallel GDPR-style obligations that apply by contract or geography, relevant individuals (**data subjects**) have the following rights:

- Access  
- Correction / completion  
- Deletion (**not absolute**—statutory exemptions may apply for accounting, lawful claims, security retention)  
- Restriction  
- Portability (**where technically feasible**, mainly structured account exports)  
- Object to certain processing (**especially direct marketing**)  
- Withdraw consent (**without impacting prior lawful processing**)  
- Lodge a complaint with the **Republic of Serbia Commissioner for Information of Public Importance and Personal Data Protection** (identity of authority may evolve—customers should verify up-to-date name/URL)

**Restaurant staff and owners** exercising rights over account data tied to Restaurants should contact the privacy inbox (§15).

**Restaurant guests** exercising rights relating to hospitality orders should ordinarily contact **the Restaurant** first; where MeniQR is the processor, we will reroute the request and assist the Restaurant technically.

We respond within **30 days** (extensions are possible under law for complexity or volume; we will explain any delay).

---

## 9. Security

We apply layered technical and organisational safeguards: least-privilege RBAC internally, HTTPS for data in transit, encryption at rest where the underlying subsystem supports it, access logging, patching discipline, and segregation of production from non-production environments. Absolute security cannot be guaranteed; please protect the credentials and API keys issued to your Restaurant.

A personal data breach that materially affects individuals triggers notification duties for the controller (to the supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it, as both Serbian law and the GDPR require), and **assistive processor duties** for MeniQR where the Data Processing Annex applies.

---

## 10. Children

Our services are aimed at **commercial hospitality operators**; minors may not be direct account owners. Restaurants must comply with labour law regarding minors on their staff and must not collect children’s ordering data beyond what is necessary. If minors’ data is inadvertently collected, the Restaurant should rectify the situation and notify us where joint mitigation is warranted.

---

## 11. Automated decision-making

We do **not** profile guests to make **solely automated decisions with legal or similarly significant effects**; any such processing in future would require an explicit lawful basis and notice. Routine anti-abuse heuristics (for example rate limits that block floods of abusive POST requests) are system-protection measures, not individual profiles used for adverse decisions about a person.

---

## 12. Cookies & similar tech

Details are in the dedicated **Cookie Policy** (`Cookie Policy – meni_qr_cookie_policy_v_1.md`), linked from the registration flow and the site footer once published in the UI routing.

---

## 13. Third-party integrations

Restaurants that opt into integrations (payments, printers, POS, loyalty, ERP) cause personal data to transit through **those suppliers’ systems and sub-processors**, whose policies govern their own spheres. Restaurants must assess (via a DPIA or at least a high-level review) the third-party pipelines they enable.

---

## 14. Changes

We revise this Privacy Policy periodically. Registration flows display the current version. Materially adverse changes affecting existing customers will be announced in advance (**email + in-product banner + effective date**), with an opportunity to discontinue the service where that is contractually fair.

Continued use **after** the communicated effective date of a revision, where contractually permitted, constitutes acknowledgement of changes to optional, non-core processing; where a stricter regime requires it, we will obtain fresh consent separately.

---

## 15. Privacy contact & grievances

**Privacy / data protection enquiries:** **privacy@meniqrr.com**

**Postal / lawful authority letters:** use the **registered business address** printed on your MeniQR invoices and in the Restaurant Terms (update this line with the exact address when accounting finalises it).

**Support (non-legally-privileged troubleshooting):** **support@meniqrr.com**

Complaints escalation path: we first attempt **good-faith resolution** with you (30 calendar days), without prejudice to your right to complain to the supervisory authority named in §8 at any time.

---

## 16. Governing law and interpretation

This Policy is interpreted under the substantive law of the **Republic of Serbia**. For cross-border relationships, EU benchmarks may apply concurrently where contractually stipulated (for example, enterprise customers imposing a GDPR-shaped DPA). In case of conflict, the **more specific** clauses of a negotiated enterprise agreement prevail, but never below the mandatory Serbian minimum protections for individuals.