Privacy Policy

The data controller is Eatopine, reachable at [email protected].

We collect the following categories of personal data:

• Registration data: username, email address, password (encrypted).
• Profile data: profile photo, bio, food preferences.
• User-generated content: reviews, dish photos, ratings, comments.
• Geolocation data: geographic location (only with your explicit consent) to show you nearby dishes and restaurants.
• Technical data: device type, operating system, IP address, access logs.
• Usage data: interactions with the app (likes, searches, dishes viewed).

We use your data to:

• Provide the Eatopine service (account creation, publishing reviews, dish search).
• Personalize your experience (personalized feed, location-based suggestions).
• Manage the gamification system (XP calculation, levels, leaderboards).
• Ensure platform security and prevent abuse.
• Send service communications (updates, notifications about your account).
• Improve the service through aggregated, anonymized analytics.

The processing of your data is based on:

• Contract performance: to provide you with the requested service.
• Consent: for geolocation and push notifications.
• Legitimate interest: for platform security and service improvement.
• Legal obligation: when required by applicable law.

We do not sell your personal data to third parties. We may share your data with:

• Service providers: hosting (cloud providers), analytics services, push notification services.
• Competent authorities: when required by law.

Content you publish (reviews, photos, ratings) is publicly visible to other platform users.

We retain your personal data for the duration of your account. Upon account deletion, your personal data will be removed within 30 days, except for data we are legally required to retain. Anonymized reviews may be kept to preserve the integrity of ratings.

Under the GDPR and applicable law, you have the right to:

• Access: obtain a copy of your personal data.
• Rectification: correct inaccurate or incomplete data.
• Erasure: request deletion of your data.
• Portability: receive your data in a structured, readable format.
• Object: object to processing based on legitimate interest.
• Withdraw consent: withdraw your consent at any time.

To exercise your rights, contact us at [email protected].

We implement appropriate technical and organizational measures to protect your data, including password encryption, HTTPS connections, and restricted data access.

The service is not intended for children under 16. We do not knowingly collect data from children under 16. If we discover we have collected data from a minor, we will promptly delete it.

We reserve the right to update this policy. In case of significant changes, we will notify you via in-app notification or email. We encourage you to check this page periodically.

For any privacy-related questions, contact us at [email protected].