Skip to content
Sufra logoSufra iconعربي
Chat on WhatsApp

Privacy Policy

Last updated: March 2026

1. Introduction

At Sufra, we respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, and protect your information when using our platform.

2. Data We Collect

We collect the following information: restaurant data (name, address, contact information), menu content (dish names, prices, images, descriptions), account data (email, encrypted password or OAuth provider identifier), and aggregated analytics data (menu views, QR scans).

2.1 Sign in with Google

When you choose "Continue with Google" to create an account or sign in, we receive only the following information from Google via the OAuth 2.0 protocol:

  • Email address
  • Full name as set on your Google account
  • Profile picture (public URL)
  • A stable, unique Google account identifier (Google Sub ID)

We use this data exclusively to create your Sufra account, authenticate your sign-in sessions, and display your name and avatar inside the dashboard. We do not request access to any other Google service (Gmail, Drive, Calendar, Photos, etc.).

You can revoke Sufra's access at any time via your Google account permissions page. Revoking access does not delete your Sufra account; to delete your account, email us at [email protected].

3. How We Use Your Data

We use your data to provide and improve our services, display your restaurant's digital menu, provide aggregated statistics about menu performance, communicate with you about your account and subscription, and improve the user experience on our platform.

4. Menu Visitor Data

We do not request any personal information from digital menu visitors. They do not need to create an account or log in. We only collect aggregated, non-personal analytics data such as visit counts and session duration.

5. Data Protection

We use SSL/TLS encryption to protect data in transit. Passwords are encrypted and inaccessible. We use trusted hosting services with enterprise-level protection.

6. Data Sharing

We do not sell or share your personal data with third parties. We may share data with service providers necessary for platform operation (such as hosting services), subject to strict data protection agreements.

7. Your Rights

You have the right to access your personal data, correct any inaccurate information, request deletion of your data, and export your data. You can exercise these rights by contacting us at [email protected].

8. Cookies

We use only essential cookies necessary for platform operation. We do not use advertising or tracking cookies.

9. Contact

For any questions about this privacy policy, you can reach us at: [email protected]