Privacy Policy

1. Who We Are

iMango is the data controller for personal data processed through the iMango service. For privacy questions or requests, contact us at support@imango.app.

2. Information We Collect

We collect account and workspace information, including email address, authentication data, restaurant records, workspace records, subscription plan, billing status, menus, categories, menu items, prices, option groups, table records, QR destinations, and uploaded item images.

When guests use a table QR menu, we may process table code, cart contents, submitted item snapshots, selected options, quantities, guest notes, order totals, submitted-order history for the current browser or device, and ready-to-pay signals. Guests do not need a iMango account to browse a public menu or submit a table order where ordering is enabled.

We collect technical and device information needed to operate and secure the service, including IP address, browser and device information, logs, cookies, and local storage data.

When a restaurant owner uses translation features, the selected menu text is sent to Google Cloud Translation so translations can be returned.

When a restaurant owner uses paid features, payment and subscription processing is handled by Stripe. iMango stores Stripe customer, subscription, payment status, and billing sync identifiers, but does not store full payment card details.

3. How We Use Information

We use personal data to provide iMango, authenticate users, maintain restaurant workspaces, publish public menus, generate QR destinations, support table ordering, show submitted order records to restaurant staff, provide translation features, manage billing and subscriptions, prevent fraud and abuse, secure the service, troubleshoot issues, provide support, comply with legal obligations, and enforce our Terms of Service.

Some information is required to provide the service. If you do not provide required account, restaurant, menu, billing, or technical information, parts of iMango may not work.

4. How We Share Information

We share personal data with service providers that help us operate iMango, including hosting and database providers, authentication and storage providers, Stripe for billing, and Google Cloud Translation when translation is requested.

Restaurant owners and authorized staff can access restaurant content and order records for their own restaurant workspace. We may also disclose information if required by law, to protect rights and security, or as part of a merger, acquisition, financing, or sale of assets.

We do not sell personal data.

5. Cookies and Local Storage

iMango uses cookies for authentication, sessions, security, and restaurant preferences. iMango uses local storage for guest cart state, submitted-order history on the current browser or device, and admin order-alert preferences.

Guest submitted-order history is device-scoped. A public table QR link does not expose a table-wide order history to every visitor.

6. Retention

We retain account, workspace, restaurant, menu, order, billing, and support records for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, enforce agreements, and maintain business records.

Guest cart data stored in local storage expires according to iMango's local cart rules. Billing records may be retained for tax, accounting, audit, fraud-prevention, and payment-dispute purposes. We delete or anonymize personal data when it is no longer needed, unless retention is required or permitted by law.

7. International Processing

iMango and its service providers may process personal data in countries other than the country where you are located. Where required, we use appropriate safeguards for cross-border processing.

8. Security

We use reasonable technical and organizational safeguards, including encrypted transport, access controls, provider-managed security controls, and service-role boundaries for sensitive server operations. No online service can be guaranteed to be completely secure.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal data. You may also have the right to withdraw consent where processing is based on consent, and the right to lodge a complaint with a data protection authority.

To exercise privacy rights, contact support@imango.app. We may need to verify your identity before responding.

10. Children

iMango is designed for restaurant businesses and is not directed to children. We do not knowingly collect personal data from children.

11. Changes

We may update this Privacy Policy from time to time. The updated version will show a new "Last updated" date.