VendBase

Privacy Policy

Effective date: February 23, 2026

1. Information We Collect

We collect the following types of information:

  • Account information — Name, email address, and password when you create an Operator or Client account.
  • Business information — Business name, description, address, phone number, logo, and menu details provided by Operators.
  • Booking information — Event details, dates, guest counts, and messages exchanged between Clients and Operators.
  • Order information — Guest name, order items, and order status. Guests do not need an account to place orders.
  • Payment information — Payment processing is handled by Stripe. We do not store credit card numbers. See Stripe's Privacy Policy for details on how Stripe handles your data.
  • Usage data — Pages visited, features used, and general interaction patterns to improve the Service.

2. How We Use Your Information

We use your information to:

  • Provide and operate the Service
  • Process bookings and orders
  • Send transactional emails (booking confirmations, quotes, status updates)
  • Improve the Service and develop new features
  • Communicate important updates about your account or the Service
  • Prevent fraud and ensure security

3. Data Sharing

We do not sell your personal information. We share data only with the following third parties as necessary to operate the Service:

  • Supabase — Database hosting and authentication.
  • Stripe — Payment processing for Operators who accept online payments.
  • Vercel / Hosting provider — Application hosting and delivery.

We may also disclose information if required by law or to protect the rights, safety, or property of VendBase, our users, or the public.

4. Cookies

We use essential cookies to maintain your authentication session and preferences. We do not use third-party tracking or advertising cookies.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., resolving disputes).

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format

To exercise any of these rights, contact us at support@vendbase.app.

7. Data Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS), secure authentication, and row-level security in our database. However, no method of transmission over the Internet is 100% secure.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The updated policy will be effective when posted.

10. Contact

If you have questions about this Privacy Policy, contact us at support@vendbase.app.