Savorly

Savorly Privacy Policy

Last updated: March 2026

At Savorly, we take the privacy and protection of our users' personal data seriously.

This Privacy Policy explains how we collect, use, store, and protect personal data when you access or use our platform, including our website, admin panel, digital menus, public pages accessible via QR code, and any other service-related features.

This policy applies to:

  • Restaurants, bars, cafes, hotels, or other businesses that use Savorly.
  • Administrators, employees, or authorized representatives of these businesses.
  • Individuals who access public digital menus via QR code, web link, or other means.
  • Individuals who contact Savorly through forms, email, or other channels.

The processing of personal data is carried out in accordance with the European Union General Data Protection Regulation, Spanish Organic Law 3/2018 on the Protection of Personal Data and guarantee of digital rights, and other applicable regulations.

1. Data Controller

Hereinafter, "Savorly", "we", or "the platform".

For any questions about privacy or data protection, you can write to us at support@savorly.me.

2. What is Savorly

Savorly is a technology platform that enables restaurants and hospitality businesses to create, manage, and publish digital menus accessible via web links and QR codes.

Savorly is not a restaurant, does not sell food or beverages, does not prepare orders, and does not intervene directly in the commercial relationship between the restaurant and its customers.

Restaurants are responsible for the content they publish on their digital menus, including dish names, prices, ingredients, images, allergens, availability, and descriptions.

3. Personal Data We Collect

The data we collect depends on the type of user and how the platform is used.

3.1. Restaurant and Professional User Data

When a restaurant or business creates an account on Savorly, we may collect:

  • User's first and last name.
  • Email.
  • Phone number, if provided.
  • Position or role within the restaurant.
  • Encrypted password.
  • Restaurant trade name.
  • Legal name, if applicable.
  • Tax or business address.
  • Billing information.
  • Subscribed plan information.
  • Configuration preferences.
  • Communications with support.
  • Activity history within the platform.

3.2. Restaurant Data Published on the Digital Menu

The restaurant can enter and publish information that will be visible to consumers who access the digital menu.

This information may include:

  • Restaurant name.
  • Logo.
  • Restaurant images.
  • Address.
  • Hours.
  • Contact information.
  • Social media links.
  • Menu sections.
  • Dishes, drinks, or products.
  • Dish images.
  • Descriptions.
  • Ingredients.
  • Allergens.
  • Prices.
  • Tags, recommendations, or featured information.
  • Availability information.

3.3. Consumer or Visitor Data from the Public Menu

Consumers can access the public digital menu without creating an account.

When someone scans a QR code or visits a digital menu, we may collect technical or usage data, such as:

  • IP address.
  • Date and time of access.
  • Device type.
  • Operating system.
  • Browser.
  • Approximate browser language.
  • Pages or sections visited.
  • Basic interactions with the menu.
  • Restaurant or QR code used to access.
  • Approximate location data derived from IP, if analytics tools are used.
  • Cookies or simple technical identifiers, when necessary for service operation.

This data is used to enable the technical operation of the service, improve the user experience, generate aggregate statistics for the restaurant, and protect platform security.

3.4. Contact and Support Data

If you contact Savorly via email, form, chat, social media, or other channels, we may process:

  • Name.
  • Email.
  • Phone, if you provide it.
  • Company or restaurant.
  • Message content.
  • Voluntarily submitted attachments.
  • Communication history.

3.5. Payment and Billing Data

If you subscribe to a paid plan, we may process:

  • Name or legal name.
  • Tax address.
  • Billing email.
  • Subscribed plan.
  • Amount.
  • Payment date.
  • Subscription status.
  • Invoice history.

Savorly does not directly store complete bank card data when payments are managed by Stripe.

3.6. Image and Content Data

When the restaurant uploads images, logos, photos, or text to Savorly, this content may be stored, processed, and technically optimized for display on the digital menu.

For example, we may perform:

  • Image resizing.
  • Format conversion.
  • Mobile loading optimization.
  • Storage on servers or external storage services.
  • Thumbnail or adapted version generation.

The restaurant must ensure it has the rights to use and publish that content.

3.7. Data Processed via Machine Translation or AI

Savorly may offer automatic translation or text assistance features to help restaurants prepare their menu content.

In such cases, text, dish names, descriptions, ingredients, or other information entered by the restaurant may be processed by technology providers such as OpenAI or Anthropic, solely to provide that functionality.

Savorly does not recommend entering particularly sensitive information in fields not intended for it.

When these features involve external providers, Savorly will adopt reasonable measures to protect data and limit processing to what is necessary to provide the service.

4. Purposes of Processing

Savorly may process personal data for the following purposes:

4.1. Provide the Contracted Service

We use the data to:

  • Create and manage user accounts.
  • Enable access to the back office.
  • Create and publish digital menus.
  • Generate links and QR codes.
  • Display the public menu to consumers.
  • Manage images, sections, dishes, prices, and settings.
  • Enable restaurant administration.
  • Provide features included in each plan.

4.2. Manage the Contractual Relationship

We process data to:

  • Manage subscriptions.
  • Process payments.
  • Issue invoices.
  • Manage renewals, cancellations, or plan changes.
  • Communicate relevant information about the service.
  • Resolve account-related issues.

4.3. Customer Service and Support

We process data to:

  • Respond to inquiries.
  • Resolve technical issues.
  • Support restaurants.
  • Manage requests or complaints.
  • Improve service quality.

4.4. Security and Abuse Prevention

We may process technical data and activity logs to:

  • Detect unauthorized access.
  • Prevent fraud.
  • Protect user accounts.
  • Avoid misuse.
  • Analyze technical errors.
  • Maintain platform stability and security.

4.5. Statistics and Product Improvement

We may use usage data to:

  • Measure visits to digital menus.
  • Analyze sections or dishes viewed.
  • Generate statistics for restaurants.
  • Improve user experience.
  • Optimize system performance.
  • Identify most-used features.
  • Make product decisions.

Whenever possible, these statistics will be used in aggregate or anonymized form.

4.6. Operational Communications

We may send communications related to:

  • Account security.
  • Important service changes.
  • Billing.
  • Renewals.
  • Technical issues.
  • Legal updates.
  • Notices necessary for platform operation.

These communications are not promotional and are necessary for the provision of the service.

4.7. Marketing Communications

When there is a legal basis to do so, we may send information about:

  • New features.
  • Product improvements.
  • Promotions.
  • Usage tips.
  • Offers related to Savorly.

Users may opt out or unsubscribe from these communications at any time.

4.8. Legal Compliance

We may process data to comply with legal, tax, accounting, administrative obligations, or requirements from competent authorities.

5. Legal Basis for Processing

The legal basis for processing your data will depend on each purpose.

5.1. Contract Performance

We process data on this basis when necessary to provide the contracted service, manage the account, publish the digital menu, process payments, or manage the subscription.

5.2. Consent

We may process data based on consent when:

  • You subscribe to non-essential marketing communications.
  • You accept the use of cookies or optional functions when required.
  • You authorize certain optional functionalities.
  • You give consent for specific processing.

You can withdraw your consent at any time, without affecting the lawfulness of processing conducted previously.

5.3. Legitimate Interest

We may process data based on legitimate interest to:

  • Maintain platform security.
  • Prevent fraud or abuse.
  • Improve the service.
  • Analyze feature usage.
  • Send marketing communications about similar services to existing customers, when permitted by law.
  • Manage claims or defend our rights.

5.4. Legal Obligation

We process data when necessary to comply with legal, tax, accounting obligations, or requirements from authorities.

6. Publicly Visible Data

The restaurant understands that certain data entered into Savorly may be published on pages accessible via QR code or web link.

This may include:

  • Restaurant name.
  • Images.
  • Menu.
  • Dishes.
  • Prices.
  • Descriptions.
  • Ingredients.
  • Allergens.
  • Hours.
  • Address.
  • Contact information.
  • Restaurant business information.

The restaurant should avoid publishing unnecessary personal data in publicly visible fields.

For example, it should not include employee personal data, private phone numbers, identity documents, sensitive information, or any data not necessary to display the digital menu.

7. Data Retention

We will retain personal data for as long as necessary to fulfill the purposes for which it was collected.

In general:

  • Account data will be retained while the account remains active.
  • Restaurant data will be retained while the restaurant uses Savorly.
  • Billing data will be retained for the periods required by tax and accounting regulations.
  • Technical and security logs will be retained for as long as necessary to protect the platform and resolve incidents.
  • Support communications will be retained for as long as necessary to manage the inquiry and any potential claims.
  • Data processed with consent will be retained until you withdraw that consent.
  • Deleted data may remain for a limited time in backups.

When data is no longer necessary, it will be securely deleted or anonymized, unless there is a legal obligation to retain it.

8. Recipients and External Providers

Savorly may share data with providers who help us deliver the service.

Depending on the functionality used, these providers may include:

  • Hosting and infrastructure services.
  • Stripe, for payment processing.
  • OpenAI and Anthropic, when translation or text assistance features are used.
  • Technical tools necessary for platform security, storage, and operation.

These third parties will act, as applicable, as data processors or independent controllers, and will process data only for the purposes necessary to provide their services.

9. International Data Transfers

Some technology providers may be located outside the European Economic Area or process data from countries that do not offer the same level of protection as the European Union.

When this occurs, Savorly will adopt appropriate safeguards provided for by applicable regulations, such as:

  • European Commission adequacy decisions.
  • Standard contractual clauses.
  • Additional technical and organizational measures.
  • Data processing agreements with providers.

10. Cookies and Similar Technologies

Savorly uses simple cookies and similar technologies for the basic operation of the platform and to remember some preferences.

  • Maintain the technical operation of the site.
  • Remember the user's selected language.
  • Remember cookie notice acceptance and certain technical identifiers necessary for some functions.

We currently do not use a complex cookie category system for advertising or marketing on these informational pages.

If we add additional non-essential cookies in the future, we will update this policy and request consent when necessary.

11. Data Security

Savorly implements reasonable technical and organizational measures to protect personal data against:

  • Unauthorized access.
  • Accidental loss.
  • Alteration.
  • Unlawful disclosure.
  • Destruction.
  • Misuse.

These measures may include:

  • Password encryption.
  • Access controls.
  • Secure connections.
  • Backups.
  • Error monitoring.
  • Activity logging.
  • Internal permission restrictions.
  • Security updates.
  • Environment separation where applicable.

However, no computer system is completely secure. Users must protect their credentials and report any suspected unauthorized access.

12. User Rights

Data subjects may exercise the rights recognized by data protection regulations.

These rights include:

  • Access: know what personal data we process.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request data deletion where applicable.
  • Objection: object to certain processing.
  • Restriction: request we limit data processing in certain cases.
  • Portability: receive data in a structured format and transmit it to another controller, where applicable.
  • Withdrawal of consent: withdraw previously granted consent.
  • Not to be subject to automated decisions: when such decisions produce legal effects or significantly affect you.
< class="mb-2 mt-0"p>To exercise these rights, you may write to:

Email: support@savorly.me

Your request should clearly indicate which right you wish to exercise and allow us to verify your identity if necessary.

You also have the right to file a complaint with the Spanish Data Protection Agency if you believe your data processing does not comply with applicable regulations.

13. Processing of Minors' Data

Savorly is primarily intended for restaurants, hospitality businesses, and professional users.

The platform is not designed to intentionally collect personal data from minors.

If we detect that we have collected personal data from a minor without adequate legal basis, we will delete it as soon as reasonably possible.

14. Restaurant Responsibility as Savorly User

The restaurant is responsible for the personal data it enters or publishes on Savorly.

This includes, for example:

  • Employee data included in profile or menu.
  • Personal phone numbers.
  • Personal emails.
  • Images featuring identifiable individuals.
  • Third-party information.
  • Data published in publicly visible fields.

The restaurant must ensure it has sufficient legal basis to publish or process such data.

Savorly will not be responsible for personal data that the restaurant improperly publishes on its digital menu or public profile.

15. Savorly as Data Processor

In some cases, Savorly may act as a data processor regarding personal data that the restaurant enters on the platform pertaining to its own customers, employees, or third parties.

In such cases:

  • The restaurant will act as data controller.
  • Savorly will act as data processor.
  • Savorly will process such data following the restaurant's instructions and solely to provide the service.
  • The restaurant will be responsible for informing data subjects and having the appropriate legal basis.

16. Automated Decisions and Profiling

Savorly may use usage data to generate statistics, recommendations, or aggregated analysis.

Unless expressly stated otherwise, Savorly does not make automated decisions that produce legal effects on users or similarly significantly affect them.

If advanced profiling, personalized recommendations, or relevant automation features are implemented in the future, users will be informed in accordance with applicable regulations.

17. Marketing Communications

Savorly may send marketing communications to professional users when there is a legal basis to do so.

These communications may include:

  • Information about new features.
  • Usage tips.
  • Product improvements.
  • Content related to digital menus, hospitality, or digitalization.

Users may unsubscribe at any time via the link included in communications or by writing to support@savorly.me.

18. Links to External Sites

Digital menus, the Savorly website, or restaurant profiles may contain links to external sites, social networks, maps, payment gateways, or other third-party services.

Savorly is not responsible for the privacy policies, terms, or practices of such external sites.

We recommend reviewing the privacy policies of each service before providing personal data.

19. Changes to this Privacy Policy

Savorly may modify this Privacy Policy to adapt to legal, technical, operational, or commercial changes.

When changes are significant, users will be notified via the platform, email, or other reasonable means.

The updated version will always be available on the Savorly website.

20. Contact

For any inquiries regarding this Privacy Policy or personal data processing, you may contact us at:

Savorly

Access the restaurant menu in seconds from your phone.

Own a restaurant?

Publish your menu with us

Contact Us: sales@savorly.me

© 2026 Savorly. All rights reserved.

Privacy Policy | Terms and Conditions

Copied to clipboard
Done! Added to your order