Privacy Policy

Last updated: 12 December 2025

Eatspanda (“we”, “our”, “us”) is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect personal information when you use the Eatspanda website, web platform, and Eatspanda Merchant App (collectively, the “Platform”).

Eatspanda processes personal data in accordance with the General Data Protection Regulation (GDPR) and French data protection laws enforced by CNIL.

1. Data Controller

The Data Controller is:

• Name: Sardar Khan Naqibullah
• Trading name: Eatspanda
• Country: France
• Email: support@eatspanda.com

Registration details (SIREN/SIRET) will be added once officially issued.

2. Who This Policy Applies To

• Customers ordering food
• Restaurants/Merchants using our platform and Merchant App
• Administrative users operating the platform

3. Personal Data We Collect

3.1 Customer Data

• Name
• Email
• Phone number
• Delivery address
• Order details
• Geolocation (if enabled)

Payment data is processed by payment providers. We do not store full card numbers.

Phone numbers may be shared with merchants for order coordination and are subject to masking where technically possible.

3.2 Merchant Data

• Restaurant name
• Owner / contact details
• Email & phone
• Business address
• Bank/payout information
• KBIS or business verification documents

3.3 Merchant App Data

• Device information (model, OS version)
• Push notification tokens
• Login timestamps and access logs

These data are used to manage merchant accounts, send order notifications, and improve platform security.

3.4 Technical & Device Data

• IP address
• Browser & device information
• Cookies and tracking technologies
• Usage logs

4. How We Use Your Data

4.1 Legal Basis (GDPR Article 6)

• Contract: to provide ordering, delivery, payouts
• Consent: marketing emails, cookies
• Legitimate Interest: fraud prevention, platform security
• Legal obligation: accounting, verifying merchant identity

4.2 Purposes of Data Use

• Create and manage accounts
• Process orders and payments
• Enable communication between customers and merchants
• Send notifications about orders
• Prevent fraud and ensure platform security
• Improve our services and optimize user experience
• Provide customer support

5. Sharing Your Data

We share data only when necessary:

• With Merchants: customer name, phone number (temporary), order details, delivery address
• With Payment Processors: Stripe, PayPal, COD
• With Technical Providers: hosting, maps, analytics, email services

6. Cookies & Tracking Technologies

Eatspanda uses essential cookies, analytics cookies (Google Analytics), advertising cookies (Facebook Pixel), and geolocation cookies for mapping and routing.

You can manage or disable cookies from your browser settings or via our cookie banner.

7. International Transfers

No international transfers are planned. If any provider stores data outside the EU, we will update this section and ensure GDPR safeguards (e.g., SCCs).

8. Data Retention

• Account data → until account deletion
• Order data → retained for accounting/legal obligations
• Merchant verification documents → as required by French law
• Merchant App logs → short retention for security and fraud prevention

9. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

10. Your Rights (GDPR)

You have the right to access, rectify, erase, restrict, or object to the processing of your personal data, as well as the right to data portability and to withdraw consent at any time.

To exercise your rights: support@eatspanda.com

11. Children's Data

The Platform does not allow users under 18 to create accounts or place orders.