Privacy Policy

Last updated: 21 June 2026

This Privacy Policy explains how Eatza and the restaurants that use our platform collect, use, and protect your personal data when you place an order online or in person.

1. Who controls your data

When you place an order through an Eatza-powered ordering page, your personal data is collected and controlled by the restaurant you are ordering from. Eatza acts as a data processor on their behalf, providing the technology platform that enables ordering.

2. What data we collect

• Contact details: first name, last name, email address, phone number
• Delivery information: delivery address (if applicable)
• Order history: items ordered, sizes, options, totals, payment method used
• Marketing preferences: whether you opted in to receive offers and news from the restaurant

3. How we use your data

Your data is used to:

• Process and fulfil your order
• Contact you about your order if required
• Send you order confirmation (where email is provided)
• Send you marketing communications from the restaurant — only if you explicitly opted in
• Maintain a record of your order history so the restaurant can serve you better

We do not sell your personal data to third parties.

4. Marketing communications

If you ticked the box to receive offers and news from the restaurant at checkout, we will use your email address to send you marketing messages on behalf of that restaurant. You can opt out at any time by contacting the restaurant directly or by using the unsubscribe link in any marketing email.

5. Data retention

Your personal data is retained for as long as necessary to fulfil orders and maintain business records, typically up to 3 years. You may request deletion of your personal data at any time (see Section 7).

6. Data security

We take reasonable technical measures to protect your data including encrypted connections (HTTPS) and access controls. No payment card data is stored — card payments are processed by our payment providers.

7. Your rights (GDPR)

Under UK GDPR, you have the right to:

• Access — request a copy of the personal data held about you
• Rectification — ask us to correct inaccurate data
• Erasure — request deletion of your personal data ("right to be forgotten")
• Restriction — ask us to limit how we use your data
• Portability — receive your data in a structured, machine-readable format
• Object — object to processing for marketing purposes at any time

To exercise any of these rights, contact the restaurant you ordered from directly, or contact us using the details below.

8. Cookies

The ordering pages use only technically necessary session data to process your order. No advertising or tracking cookies are used.

9. Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent update. Continued use of the service after changes constitutes acceptance of the updated policy.