QR Restaurant Menu Logo QR Restaurant Menu Digital Menu
Privacy

Privacy Policy

This Privacy Policy explains how personal data is processed on the website and in connection with the use of QR Restaurant Menu.

Important: Before publishing, replace all placeholders (company name, legal form, address, email, VAT/UID, court venue, hosting/service providers).

Last updated: 2026-02-25

1. Controller

The controller for the data processing described in this Privacy Policy is: [Company name / legal form], [Address], [ZIP City], Switzerland, email: [Email address], phone: [Phone number optional].

If a dedicated privacy contact exists, it can be reached at [Privacy email].

2. Applicable data protection law

We process personal data primarily in accordance with the Swiss Federal Act on Data Protection (FADP / revFADP) and the related ordinance (DPO).

Where applicable (e.g. offers to persons in the EEA), we also observe the requirements of the EU General Data Protection Regulation (GDPR).

3. Categories of personal data we process

We only process data that is necessary for operating the website, providing the platform, performing contracts, ensuring security and handling communications.

  • • Master data (e.g. name, restaurant name, business address, contact details)
  • • Communication data (e.g. email content, support requests, contact form information)
  • • Contract and invoice data (booked plan, invoices, payment status, correspondence)
  • • Usage and log data (IP address, timestamps, pages visited, browser/device information, referrer, log files)
  • • Content data (menu categories, items, prices, descriptions, images, PDFs, logos, slogans)
  • • Technical data related to QR code access and menu display

4. Purposes of processing

  • • Providing the website and SaaS platform
  • • Creating, managing and delivering digital menus
  • • User account administration and customer support
  • • Invoicing and receivables management
  • • Security measures, misuse detection and system stability
  • • Improving features and user experience
  • • Compliance with legal obligations

5. Contact form and communications

If you contact us via the contact form, email or other channels, we process your information to handle your request and any follow-up questions.

Required fields are needed so that we can reasonably respond to your request.

6. Account, menu management, PDF import and AI functions

If you create an account or use the platform, we process the registration, management and content data required for this purpose.

For PDF imports and AI-assisted menu structuring, we process the files you upload and the structured content derived from them in order to detect categories, items and prices and insert them into the menu management.

Please only upload content you are allowed to process and that does not contain unnecessary personal data.

7. Invoicing and payments (without payment gateway)

We issue invoices directly (e.g. by email invoice). Payments may be made, depending on agreement, for example by bank transfer.

In this context, we process invoice and payment information (e.g. billing address, amount, payment status, reference numbers).

As a rule, we do not process credit card data if no external payment gateway is used.

8. Cookies and similar technologies

We use cookies and similar technologies where technically necessary (e.g. security, language settings or session functions).

If we use optional analytics, tracking or marketing technologies, we provide separate information and obtain consent where required.

You can also manage or delete cookies in your browser. Please note that this may limit website functionality.

9. Disclosure to third parties and processors

We only disclose personal data where this is necessary for service provision, required by law or based on an appropriate legal basis.

Recipients may include in particular IT/hosting providers, email/communication services, backup/infrastructure providers and other technical processors.

If external analytics or support tools are used, these are disclosed transparently in this Privacy Policy and/or in the consent tool.

10. International data transfers

Service providers may be located in Switzerland, the EEA or other countries.

If data is transferred to countries without an adequate level of protection, we ensure appropriate safeguards where required (e.g. standard contractual clauses) or rely on a statutory exception.

11. Retention period

We retain personal data only for as long as necessary for the respective purposes or as required by legal retention obligations.

Contract and invoice data is generally retained as long as statutory record-keeping and evidence obligations require.

Log data and technical records are generally retained for a limited period unless longer retention is required for security or evidence purposes.

12. Rights of data subjects

Depending on the applicable law, you may in particular have the right to access, rectification, erasure, restriction of processing, objection to certain processing, and data delivery or transfer.

You may also withdraw consent at any time with effect for the future.

If a legally relevant automated individual decision exists, information and review rights may apply.

To exercise your rights, please contact us using the contact details above. We may request proof of identity.

13. Data security

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, misuse or alteration.

Despite appropriate measures, absolute data security cannot be guaranteed for internet transmissions.

14. Changes to this Privacy Policy

We may update this Privacy Policy if data processing activities, legal requirements or the services used change.

The version published on this website applies.

Contact us View pricing