Legal

Privacy Policy

Last updated: June 11, 2026

AllerIQ ("we", "us") provides software that helps restaurants publish allergen-aware digital menus. This policy explains what we collect, why, and the choices you have. It covers two groups: restaurant accounts (owners and staff who sign up) and menu visitors (guests who view a published menu).

What we collect — restaurant accounts

  • Account details. Name, email address, and a hashed password. We never store plaintext passwords.
  • Restaurant content. Your restaurant profile, menu sections, dishes, prices, ingredients, allergen mappings, uploaded images, and appearance settings — everything needed to render your public menu.
  • Billing. Payments are processed by Stripe. We store your Stripe customer reference and subscription status, never your card number.
  • Audit records. For food-safety accountability we keep an append-only log of changes to allergen-related data (what changed, when, by which account, and the request IP).

What we collect — menu visitors

  • No account required. Guests browse menus without signing in. Allergen selections are kept on the guest's own device and are not stored on our servers.
  • Menu chat & translation. If a guest uses the optional "Can I eat this?" chat or menu translation, the conversation text and the menu content are processed by our AI provider (Google Gemini) to generate the answer. Chat messages are not used to build guest profiles.
  • Technical logs. Our hosting provider (Cloudflare) processes IP addresses and request metadata to serve pages, prevent abuse, and rate-limit traffic.

How we use information

  • To operate the service: render menus, generate QR codes, and sync subscriptions.
  • To send transactional email: welcome messages, password resets, and billing notices (via Postmark).
  • To process menu imports and AI features you explicitly trigger.
  • To protect the service: rate limiting, abuse prevention, and security logging.

We do not sell personal data, run third-party advertising, or use your menu content to train AI models.

Service providers

We share data only with the processors that run the service: Cloudflare (hosting, storage), Neon (database), Stripe (payments), Postmark (email), and Google (AI features, only when an AI feature is used). Each receives only what it needs to perform its function.

Retention & deletion

Your content stays as long as your account is active. You can delete your account at any time from Dashboard → Settings → Danger zone; this permanently removes your account, restaurant, menu, and uploaded content, and cancels any active subscription. Audit logs and published-menu snapshots may be retained where we have a legal obligation or a food-safety accountability basis to keep them.

Security

All traffic is encrypted in transit (TLS). Passwords are stored using salted PBKDF2 hashing. Access to production systems is restricted, and allergen-data changes are tracked in an append-only audit log.

Your rights

Depending on where you live (e.g., GDPR or CCPA jurisdictions), you may have rights to access, correct, export, or delete your personal data. Most of these are self-serve in the dashboard; for anything else, email privacy@alleriq.app and we'll respond within 30 days.

Children

AllerIQ is a business tool and is not directed at children under 13. We do not knowingly collect personal information from children.

Changes

If we make material changes to this policy we'll update the date above and notify account holders by email. Questions? Contact privacy@alleriq.app.

See also our Terms of Service.