Privacy Policy

Last updated: February 23, 2026

Introduction

Scan2Order ("we", "us", or "our") operates the scan2order.app platform and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QR menu platform, website, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

Information We Collect

Account Information

When you register for a Scan2Order account, we collect:

• Full name
• Email address
• Phone number (optional)
• Business name and type
• Business address
• Password (stored in encrypted form)

Payment Information

When you subscribe to a paid plan (Starter, Professional, Advanced, or Ultra) or purchase module add-ons, payment processing is handled by Stripe. We do not store your full credit card number, CVV, or banking details on our servers. Stripe processes and stores this information in accordance with PCI-DSS standards. We receive and store:

• Last four digits of your payment card
• Card brand (Visa, Mastercard, etc.)
• Billing address
• Stripe customer and subscription identifiers
• Transaction history and invoice records

Menu & Business Content

We store the content you create and manage through the platform:

• Menu items, descriptions, and pricing
• Product images and media uploads
• Category structures and menu configurations
• Multi-language translations (up to 31 supported languages)
• QR code configurations and customizations

Usage & Analytics Data

We automatically collect certain information when you or your customers interact with the Service:

• QR code scan counts and timestamps
• Menu page views and popular item analytics
• Device type and browser information
• IP address and approximate geographic location
• Pages visited and time spent on the platform
• Referring URLs and search terms

Cookies & Tracking

We use cookies and similar technologies to enhance your experience. For detailed information, please see our Cookie Policy.

How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To create and manage your account, process subscriptions, generate QR menus, and provide all platform features
• Payment Processing: To process subscription payments, module add-on purchases, plan upgrades/downgrades, and issue invoices via Stripe
• Analytics: To provide you with insights about your menu performance, QR scan statistics, and customer engagement metrics
• Communication: To send service-related emails including account confirmations, billing notifications, subscription changes, and security alerts
• Marketing: To send newsletters and promotional content (only with your consent; you may opt out at any time)
• Platform Improvement: To analyze usage patterns, fix bugs, develop new features, and improve user experience
• Security: To detect and prevent fraud, unauthorized access, and other harmful activities
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

Data Sharing & Third Parties

We do not sell your personal data. We may share your information with the following categories of third parties:

Service Providers

• Stripe: Payment processing for subscriptions and transactions
• Cloud Hosting Providers: Infrastructure and data storage
• Analytics Providers: Website and platform analytics (e.g., Google Analytics)
• Email Service Providers: Transactional and marketing email delivery

Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Scan2Order, our users, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Specifically:

• Account Data: Retained while your account is active and for 30 days after deletion request
• Payment Records: Retained for 7 years for tax and legal compliance
• Analytics Data: Aggregated and anonymized data may be retained indefinitely
• Menu Content: Deleted within 30 days of account closure
• Server Logs: Retained for up to 90 days

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request that we limit the processing of your data
• Right to Data Portability: Request your data in a structured, machine-readable format
• Right to Object: Object to certain types of data processing, including direct marketing
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at hello@scan2order.app. We will respond within 30 days.

Data Security

We implement appropriate technical and organizational security measures to protect your data, including:

• SSL/TLS encryption for all data in transit
• Encrypted storage for sensitive data at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements for staff
• Secure, PCI-compliant payment processing through Stripe

International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including countries within the European Economic Area (EEA) and beyond. When transferring data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions.

Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information promptly.

Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

• Email: hello@scan2order.app
• Address: Scan2Order, Krya Vrysi, Pella, Greece

For GDPR-related inquiries, please see our GDPR Compliance page.