Privacy Policy | CoRestaurant

1. Introduction

Welcome to CoRestaurant.ch ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, or engage with our services (collectively, the "Service").

We are committed to protecting your privacy and ensuring transparency about our data practices. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

Your Privacy Rights

We respect your privacy rights and are committed to GDPR compliance. You have control over your personal data and can exercise your rights at any time.

2. Information We Collect

2.1 Personal Information

Account Information: When you create an account, we collect information such as your name, email address, username, and password.

Profile Information: You may choose to provide additional information such as profile pictures, preferences, and dining history.

2.2 Usage Information

We automatically collect information about how you use our Service, including:

Pages visited and features used
Search queries and restaurant interactions
Reviews and ratings you submit
Time spent on different sections of our platform
Device information and browser type

2.3 Location Information

With your consent, we may collect and process information about your location to:

Show nearby restaurants and dining options
Provide location-based recommendations
Improve our mapping and navigation features

2.4 Communication Data

We collect information when you contact us, including email correspondence, support tickets, and feedback you provide.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

Create and manage your account
Provide restaurant search and discovery features
Process and display your reviews and ratings
Offer personalized recommendations
Enable communication between users and restaurants

3.2 Service Improvement

Analyze usage patterns to improve our platform
Develop new features and functionality
Conduct research and analytics
Enhance user experience and interface design

3.3 Communication

Send important service updates and notifications
Respond to your inquiries and support requests
Send promotional communications (with your consent)
Provide customer support

3.4 Legal and Security

Comply with legal obligations
Protect against fraud and abuse
Enforce our Terms and Conditions
Ensure platform security and integrity

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide our services to you
Legitimate Interest: Improving our services, preventing fraud, and ensuring security
Consent: For marketing communications and location data (where required)
Legal Obligation: Compliance with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our platform, such as:

Cloud hosting and storage providers
Payment processing services
Email and communication services
Analytics and marketing platforms

5.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5.3 Legal Requirements

We may disclose your information if required by law, legal process, or to protect our rights, property, or safety, or that of our users or the public.

5.4 Public Information

Reviews, ratings, and profile information you choose to make public will be visible to other users of our platform.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit and at rest
Regular security assessments and updates
Access controls and authentication procedures
Employee training on data protection practices
Incident response and breach notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific retention periods include:

Account Information: Until you delete your account or request deletion
Usage Data: Typically retained for 2-3 years for analytics purposes
Communication Records: Retained for customer service and legal compliance
Reviews and Ratings: May be retained to maintain platform integrity

8. Your Privacy Rights

Under GDPR, you have the following rights:

Right of Access: Request information about your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to certain types of processing
Right to Withdraw Consent: Withdraw consent for consent-based processing

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within 30 days.

9. Cookies and Tracking Technologies

9.1 Types of Cookies

We use cookies and similar tracking technologies to enhance your experience on our platform:

Essential Cookies: Necessary for basic platform functionality
Performance Cookies: Help us understand how you use our service
Functional Cookies: Remember your preferences and settings
Marketing Cookies: Used for advertising and personalization (with consent)

9.2 Cookie Management

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service.

10. International Data Transfers

Your information may be transferred to and processed in countries outside of your residence. We ensure that such transfers comply with applicable data protection laws through:

Adequacy decisions by the European Commission
Standard Contractual Clauses (SCCs)
Binding Corporate Rules (BCRs)
Other appropriate safeguards as required by law

11. Children's Privacy

Our Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

Posting the updated Privacy Policy on our website
Sending you an email notification (if you have an account)
Displaying a prominent notice on our platform

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Contact: contact@corestaurant.ch
Website: CoRestaurant.ch

For GDPR-related inquiries or to exercise your privacy rights, please include "Privacy Request" in your email subject line.

14. Supervisory Authority

If you are located in the European Economic Area (EEA), you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection laws.