DineFlow

DineFlow legal

Privacy Policy

This policy explains how DineFlow collects, uses, shares, stores, and protects information across our mobile application, web workspace, branded menu pages, and restaurant ordering services.

Effective July 3, 2026

1. Who this policy covers

DineFlow is a restaurant operations platform operated by Haroo Technologies. It includes tools for branded digital menus, QR and table ordering, point of sale, inventory, kitchen operations, analytics, branches, tables, shifts, and staff workflows.

This policy applies to restaurant owners, managers, staff members, customers who place orders through a DineFlow-powered menu, and visitors to DineFlow websites. A restaurant may also be responsible for how it uses customer information in its own workspace. Questions about a specific restaurant's practices should be directed to that restaurant.

2. Information we collect

Account and identity information

Name, email address, phone number, authentication and verification records, profile information, staff role, account status, and restaurant membership.

Restaurant and operational information

Restaurant profiles, branches, addresses, contact details, tables, branded menu settings, categories, menu items, prices, uploaded images, QR codes, inventory, suppliers, recipes, stock movements, shifts, waiter calls, and related operational records.

Orders and customer information

Order contents, quantities, notes, table or order type, customer name and phone number, phone verification status, order status, amounts, payment method and payment status. DineFlow does not require full payment-card numbers to provide its current application features.

Device, usage, and security information

IP address, browser and device type, app version, timestamps, notification tokens, QR scan activity, menu views, request and security logs, and diagnostic information needed to operate and protect the service.

Information you choose to upload

Restaurant logos, cover images, menu-item photographs, and other images selected through your device's system photo picker.

3. How we use information

  • Create, verify, secure, and administer user accounts.
  • Provide restaurant menus, QR ordering, POS, inventory, kitchen, analytics, branch, table, shift, and notification features.
  • Publish restaurant-approved information on public branded menu and discovery pages.
  • Process and communicate orders between customers and authorized restaurant staff.
  • Send OTP verification, transactional, operational, security, and support communications.
  • Measure QR scans, menu engagement, order performance, reliability, and feature usage.
  • Detect misuse, investigate incidents, enforce our terms, and maintain service security.
  • Comply with applicable accounting, tax, legal, and regulatory obligations.
We do not sell personal information.

We do not use information from DineFlow restaurant workspaces to sell third-party advertising profiles.

4. Public menu information

Restaurants can choose to publish branded menu pages and restaurant discovery information. Published content may include the restaurant name, logo, cover image, address, contact details, branches, menu categories, item names, descriptions, prices, dietary information, and photographs. Public pages may be indexed by search engines.

Account credentials, private inventory records, staff records, internal analytics, and private operational data are not intended to appear on public menu pages.

5. When we share information

We may disclose information in these limited circumstances:

  • Within a restaurant workspace: to owners, managers, and authorized staff according to their role and restaurant membership.
  • With customers: limited restaurant, menu, order, and status information needed to provide ordering and tracking.
  • With service providers: vendors supporting cloud hosting, storage, email or OTP delivery, notifications, monitoring, and technical support, subject to appropriate obligations.
  • For legal and safety reasons: when required by law or reasonably necessary to protect users, restaurants, DineFlow, or the public.
  • Business changes: as part of a merger, financing, acquisition, reorganization, or sale of assets, subject to applicable law and continued protection of the information.

6. Mobile app permissions

Permission or accessWhy DineFlow uses it
Internet accessConnects the app to DineFlow services, synchronizes restaurant data, and processes requests.
NotificationsShows order, kitchen, waiter-call, account, and operational alerts when you allow notifications.
Photos or media selectionLets you choose restaurant branding and menu images using the device's system picker. DineFlow does not request unrestricted access to your entire photo library through its Android manifest.
Secure local storageStores authentication tokens and limited session information on the device so you can remain signed in securely.

You can manage notification permission in your device settings. Disabling notifications does not prevent you from viewing information inside the app.

7. Security

We use administrative, technical, and organizational safeguards designed to protect information, including authenticated access, role and restaurant-level authorization, secure token storage, access logging, and protected production connections. No system can guarantee absolute security, and users should protect their devices and account verification methods.

8. Data retention

We keep information only for as long as reasonably needed for the purposes described in this policy. Retention depends on the type of information and legal or operational requirements.

InformationTypical retention approach
Account and restaurant workspace dataWhile the account or workspace is active, and for a limited period afterward to support recovery, security, and deletion processing.
Orders, POS, shift, and transaction recordsAs needed by the restaurant for operations and by applicable accounting, tax, dispute, fraud-prevention, or legal requirements.
OTP and security recordsFor short operational or security periods, unless longer retention is required to investigate abuse.
Public menu contentUntil the restaurant removes it, unpublishes it, closes its workspace, or requests deletion, subject to search-engine caching outside our direct control.
Backups and logsFor limited backup, continuity, troubleshooting, and security cycles before routine deletion or replacement.

When deletion is appropriate, information is deleted or anonymized. Some records may be retained where required for security, fraud prevention, legal compliance, or legitimate restaurant accounting obligations.

9. Your privacy choices

Depending on your location and relationship with DineFlow, you may request access to, correction of, deletion of, or a copy of eligible personal information. You may update certain account and restaurant information directly in the app.

  • Manage notification permission through your device settings.
  • Update profile, restaurant, menu, and branding information through authorized app features.
  • Contact the restaurant directly regarding information submitted to that restaurant through an order.
  • Contact DineFlow for account or privacy requests using the details below.

We may need to verify your identity and authority before completing a request.

10. Account and data deletion

DineFlow users can initiate an account deletion request from the app or through our public account deletion page. Eligible account data will be deleted or anonymized after verification, except information that must be retained for legitimate security, fraud-prevention, accounting, tax, dispute, or legal reasons.

Request DineFlow account deletion

Visit the DineFlow account deletion page for the request process and a description of information that may be retained.

11. Children's privacy

DineFlow restaurant management accounts are intended for adults and authorized restaurant staff. DineFlow is not directed to children under 13, and we do not knowingly create management accounts for children. If you believe a child has provided personal information improperly, contact us so we can investigate and take appropriate action.

12. International processing

DineFlow and its service providers may process information in countries other than the country where you live. Where required, we use appropriate safeguards for these transfers and continue to protect information as described in this policy.

13. Changes to this policy

We may update this policy as DineFlow changes or legal requirements evolve. We will publish the revised policy on this page and update the effective date. If a change materially affects how we handle personal information, we may provide an additional notice through the app, website, or account contact information.

14. Contact us

For privacy questions, rights requests, or concerns about DineFlow's handling of information, contact Haroo Technologies using the details below.

Privacy and support emailsupport@dineflow.et
ProductDineFlow by Haroo Technologies