Privacy Policy

Last updated: February 28, 2026

1. Information We Collect

Account Data: Name, email address, phone number, city, and optional profile photo when you register.

Booking Data: Reservation details, dining history, preferences, and special requests.

Payment Data: Transaction amounts and gateway references. We do NOT store your credit card numbers — all payment processing is handled by PCI-DSS compliant third parties (JazzCash).

Usage Data: Browser type, IP address, pages visited, and interaction patterns for analytics.

Location Data: With your consent, we may collect geolocation data to show nearby restaurants.

2. How We Use Your Information

  • To create and manage your account
  • To process reservations and payments
  • To send booking confirmations, OTP codes, and important service updates
  • To personalize your experience and show relevant restaurant recommendations
  • To maintain platform security and prevent fraud
  • To compute and distribute Foodie Coins and rewards
  • To improve the Platform through analytics

3. Data Sharing

We share limited data with:

  • Restaurant Partners: Your name, party size, and booking details for reservation fulfillment.
  • Payment Processors: Transaction data for payment processing (JazzCash).
  • Analytics Providers: Anonymized usage data for platform improvement.

We do NOT sell your personal data to third parties for marketing purposes.

4. Data Security

We implement industry-standard security measures:

  • Passwords are hashed using bcrypt with a cost factor of 12
  • OTP codes are stored in Redis with automatic TTL expiration
  • All API endpoints use rate limiting to prevent abuse
  • HTTPS encryption for all data in transit
  • Payment subscription cards use TOTP-based cryptographic verification

5. Cookies

We use essential cookies for authentication (session tokens) and optional analytics cookies. You can control cookie preferences through your browser settings.

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data.
  • Correction: Update inaccurate information via your profile.
  • Deletion: Request deletion of your account and associated data.
  • Data Portability: Receive your data in a structured format.

To exercise these rights, contact [email protected].

7. Data Retention

We retain account data for as long as your account is active. Booking history is retained for 3 years for auditing purposes. Financial transaction records are retained for 7 years as per Pakistani financial regulations.

8. Children's Privacy

Foodies Pakistan is not intended for use by individuals under 16 years of age. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through email or in-app notifications.

10. Contact

For privacy-related inquiries, contact our Data Protection Officer at [email protected].