Menuva Privacy Policy
This Privacy Policy explains how Menuva handles personal data when you use the Menuva iOS app (the “App”) and the Menuva web pages we operate (the “Website”) (together, the “Service”). Menuva is designed to be accountless and data-minimizing, but some information (especially location data and online identifiers) can still be personal data under UK GDPR.
Key points: we do not transmit raw latitude/longitude off-device; the Website is cookie-free as of the “Last updated” date; the App uses Firebase Analytics for usage measurement, with ads features disabled and no typed search queries sent.
Who is responsible for your data
- 1.1 Controller. Duke DJ Saputra (student-led project, “Menuva”).
- 1.2 Emails. hello@menuva.co.uk (general) and support@menuva.co.uk (support).
- 1.3 Address. University of Warwick, Scarman Rd, Coventry CV4 7AL, United Kingdom.
- 1.4 If you contact us by email, we process the information you include to respond.
Intended users and territory
- 2.1 Menuva is intended for users in the United Kingdom. If you use the Service elsewhere, this policy still applies, and our service providers may process data internationally (see Section 8).
What data we collect
A. Precise location (on-device, foreground only)
- 3.A.1 If you grant iOS location permission (“When In Use”), the App collects precise location on your device to:
  - show nearby venues, and
  - determine which venue’s menus to load.
- 3.A.2 How it works.
  - Location updates may run continuously while the App is in the foreground on relevant screens (for example, home/map).
  - Distance calculations happen locally on your device.
  - The App may cache your last known location and city on-device only (for example, via iOS local storage) for faster loading and fallback behavior.
- 3.A.3 What we do not do.
  - We do not transmit raw latitude/longitude off-device.
  - We do not intentionally store your precise location in our databases.
- 3.A.4 You can disable location access at any time in iOS settings. If you deny location access, manual venue selection remains available.
B. Dietary and allergen preferences (on-device)
- 3.B.1 If you set dietary or allergen preferences, they are stored on-device only and are not synced to our servers.
C. App analytics (Firebase Analytics)
- 3.C.1 The App uses Firebase Analytics to understand usage and improve the App.
- 3.C.2 App interaction events. Examples include opening a menu, tapping map controls, opening settings, configuring personalization, and adding/removing items in the order summary.
- 3.C.3 Event parameters. Examples include venue identifiers (restaurant slug, location ID), feature flags (for example, has_location true/false), counts (for example, basket count, totals), and configuration choices (language code, currency code). We log allergy and dietary configuration as counts only, not specific selections.
- 3.C.4 Device and app information used for measurement. Firebase Analytics processes device and app information and identifiers used for measurement (for example, an app-instance identifier), plus technical data that may be processed by the analytics provider to deliver the service securely and reliably (such as IP address and request metadata).
- 3.C.5 Important clarifications.
  - The App does not log typed search queries (no free-text search strings are sent to analytics).
  - Users do not have accounts, and we do not set a custom user ID in analytics.
  - Ads features are disabled, and we do not use analytics for cross-app tracking.
D. Feedback (optional, Website)
- 3.D.1 If you submit feedback at menuva.co.uk/feedback, your submission may include:
  - your responses, and
  - optional contact details (only if you choose to provide them).
- 3.D.2 If you include contact details, they are personal data.
E. Technical and network data (Service delivery)
- 3.E.1 When your device connects to Firebase/Google infrastructure to fetch menus and images, technical data such as IP address and request metadata may be processed by service providers to deliver content, maintain security, and prevent abuse.
F. Website data (cookie-free)
- 3.F.1 As of the “Last updated” date, the Website is cookie-free and does not run analytics. Our hosting provider may still process technical log data (IP address and request metadata) to deliver the Website securely.
What we do not collect
- 4.1 For the current App:
  - no account registration, and no sign-in,
  - no names, emails, or phone numbers unless you voluntarily provide them via feedback or email,
  - no advertising identifier (IDFA) collection, and no ATT-based tracking, and
  - no cross-app tracking for advertising.
How we use data and our legal bases
UK GDPR requires a lawful basis for processing.
| Purpose | Data | Lawful basis |
|---|---|---|
| Provide nearby venue discovery and load correct menus | Precise location (on-device) | Consent (you enable location permission in iOS) |
| Provide the Service reliably and securely | Technical/network data handled by providers | Legitimate interests (operate a secure, reliable service) |
| Understand usage and improve the App | Analytics event data | Legitimate interests (product improvement and pilot evaluation) |
| Receive and respond to feedback | Feedback content; optional contact details | Consent (you choose what to submit) and/or legitimate interests (improving the Service) |
You can withdraw consent for location processing at any time by disabling location permissions in iOS settings.
Who we share data with
- 6.1 We share data only as needed to run the Service.
A. Google Firebase / Google Cloud
- 6.A.1 We use Firebase services:
  - Firebase Storage (menus and images delivery),
  - Firebase Firestore (read-only menu metadata used by the App),
  - Firebase Analytics (usage analytics), and
  - Firebase App Check (abuse prevention, for example validating requests using Apple’s device attestation mechanisms).
- 6.A.2 Google processes data as needed to provide and secure these services.
B. Google Forms (feedback)
- 6.B.1 If you submit feedback via Google Forms, Google processes that submission as the form provider.
C. Apple
- 6.C.1 Apple processes App Store distribution and provides developers with aggregated App Store metrics.
D. Participating venues (aggregated only)
- 6.D.1 We may share aggregated pilot reporting with participating venues. We do not share precise location data or per-device analytics.
- 6.D.2 As of the “Last updated” date, venue partners do not have access to our Firebase Analytics dashboards. If we enable partner access in the future, we will update this policy first (see Section 12).
- 6.D.3 We do not sell personal data.
Data retention
- 7.1 We keep data only as long as needed:
  - Precise location: used on-device; not stored in our databases; last known location/city may be cached locally until you delete the App or reset preferences
  - On-device preferences and caches: stored locally until you delete the App or reset preferences
  - Analytics (Firebase/GA4): retained for 14 months (per our current analytics retention configuration)
  - Feedback submissions (Google Forms): we periodically review feedback and delete or anonymize it when no longer needed, typically within 24 months, unless we need to keep it longer to resolve issues or for legitimate record-keeping
  - Service-provider logs: may exist within third-party infrastructure for security and operational reasons and are retained per provider configuration
International transfers
- 8.1 Our service providers may process data outside the UK. Where required, transfers are protected using appropriate safeguards (such as contractual protections) consistent with UK data protection requirements.
Security
- 9.1 We use reasonable technical and organizational measures to protect data, including encryption in transit and at rest where supported, and restricted administrative access.
Children
- 10.1 The Service is intended for users aged 13+. We do not knowingly collect personal data from children under 13. The App does not currently implement age verification.
Your rights and how they work in an accountless app
- 11.1 Depending on your circumstances, you may have rights including access, deletion, correction, restriction, portability, and objection. You also have the right to complain to the UK supervisory authority (the Information Commissioner’s Office).
- 11.2 Accountless limitation. Because the App does not use accounts and does not collect direct identifiers, we may not be able to identify or retrieve App-related data about you beyond:
  - feedback you submitted (if you provided contact details or sufficient context to locate it), and
  - correspondence you send us by email.
- 11.3 Objecting to analytics. You can object to analytics processing by contacting us. Because analytics is not tied to an account identity, we generally cannot reliably locate or delete past analytics records associated with a specific person. If you delete the App, it stops further analytics events from being sent from that device.
Changes to this Privacy Policy
- 12.1 If we change how we process data (for example, enabling Website analytics, adding new SDKs, changing analytics settings, or expanding who can access analytics dashboards), we will update this policy and, where appropriate, provide in-app or Website notice. Apple also requires keeping App Privacy disclosures accurate.
Contact
- 13.1 Questions or requests: hello@menuva.co.uk
- 13.2 Support: support@menuva.co.uk
- 13.3 Privacy Policy page: menuva.co.uk/privacy