Privacy Policy | OrderMyAI

How OrderMyAI and Safentra Limited collect, use, retain, and protect personal data.

Introduction

This Privacy Policy explains how Safentra Limited, trading with the OrderMyAI product name, collects and uses personal data when restaurants, prospects, staff users, or end customers interact with our website, software, WhatsApp ordering workflows, tablet applications, and related support channels.
OrderMyAI is intended for business use by restaurants and takeaways. Where we process personal data on behalf of a restaurant customer, that restaurant may act as the controller and Safentra Limited may act as a processor or service provider, depending on the circumstances.

Business contact details such as name, restaurant name, email address, phone number, and enquiry content submitted through our website or sales process.
Restaurant account data such as staff names, login details, menu data, order settings, product availability, and operational preferences.
Order data such as customer name where supplied, customer phone number, order contents, notes, payment method, order status, print status, collection timing, and repeat-order history linked to a phone number.
Technical data such as IP address, browser type, device information, logs, authentication events, and analytics data where analytics is enabled.
Data received through Meta or WhatsApp integrations may include WhatsApp identifiers, message content necessary to process an order, timestamps, and related conversation metadata.

To provide, secure, maintain, and improve OrderMyAI services.
To create, confirm, manage, print, and display restaurant orders.
To help restaurant staff identify repeat customers and view relevant order history.
To respond to enquiries, provide onboarding, technical support, and service notices.
To comply with applicable law, enforce our terms, prevent misuse, and protect our rights and users.
To measure website performance and marketing effectiveness where permitted and where analytics is enabled.

If OrderMyAI uses Meta APIs or WhatsApp Business Platform features for a restaurant, we use data received through those services only to provide the requested messaging, ordering, support, and operational features.
We do not sell personal data received from Meta or WhatsApp.
We do not use Meta or WhatsApp data for unrelated advertising profiles.
Access to Meta or WhatsApp data is limited to authorised systems, service providers, and personnel who need it to provide or support the service.

We may share data with trusted service providers that help us host, operate, secure, analyse, or support the service.
We may share order and customer information with the restaurant that receives or fulfils the order.
We may disclose information if required by law, regulation, legal process, or to protect the rights, property, and safety of Safentra Limited, our customers, or others.
We do not sell personal data.

Where UK GDPR or EU GDPR applies, we may process personal data because it is necessary to perform a contract, because we have a legitimate interest in operating and improving our business software, because we must comply with legal obligations, or because consent has been provided for specific processing.

We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including service operation, account administration, legal compliance, dispute resolution, security, and backup requirements.
Restaurant order and customer-history records are retained according to the restaurant account settings, contractual requirements, and operational needs unless deletion is requested and legally permitted.

We use reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
No internet or messaging system is completely secure. Restaurants should ensure their own staff access, devices, and WhatsApp Business settings are managed responsibly.

Depending on your location and relationship with us, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal data.
To make a privacy request, contact us using the details on this page. If your request relates to an order placed with a restaurant, we may direct you to that restaurant where it controls the data.

Service providers may process data in countries outside the UK or European Economic Area. Where required, we use appropriate safeguards for such transfers.

Privacy requests can be sent through the contact form on this website or by writing to Safentra Limited, registered in England and Wales, company number 17253757.