CIRCL Pte. Ltd. — Privacy Policy

This Privacy Policy applies to FoodTrail, a mobile application available on the Apple App Store and Google Play Store, and to the website foodtrail.it, all operated by CIRCL Pte. Ltd. ("CIRCL," "we," "us," or "our").

Last updated: 1 Sep 2025

Quick Summary for Users

This summary highlights key points. Please read the full policy below.

• We collect account info (Google/Apple login), optional profile details, location only while you use the app (no background tracking), device/usage data, your posts, and—for merchants—identity & business registration info for compliance.
  
• FoodTrail is designed as a restaurant marketing platform: content you post may be used for marketing and promotions. If you do not agree, you should not post.
  
• Payments are handled by third‑party processors using tokenization; we do not store raw card numbers.
  
• We use service providers (e.g., hosting, communications, analytics, payments). We do not sell personal data.
  
• AI helps with recommendations and moderation but can be inaccurate.
  
• Content may remain visible if already shared or reposted, even after account deletion.
  
• Contact: support@foodtrail.it for rights requests (access, correction, deletion, etc.).
  

1. Scope

This Policy applies to all users worldwide (consumers and merchants) of the FoodTrail app and foodtrail.it. By using the Service, you consent to the practices described here.

2. Data We Collect

• Identity Data: Name and email from Google/Apple login; optional phone, address, date of birth, gender, social accounts, affiliations, preferences.
  
• Location Data: Accessed only while you actively use the app with location services enabled. We do not collect location in the background.
  
• Payment Data: Processed securely by third‑party payment processors via tokenization; we do not store raw card details.
  
• Device & Usage Data: Device identifiers, IP address, app events, log files, cookies, analytics.
  
• Content Data: Photos, captions, lists, votes, comments, preferences you share.
  
• Compliance / Merchant Data: Identity verification and business registration info collected for legal/regulatory compliance (e.g., merchant onboarding).
  
• Communications Data: Messages you send us (support, feedback) and notification preferences.
  

3. How We Use Data

We and our service providers may use data to:

• Operate, maintain, and improve the Service.
  
• Respond to requests, provide support, and communicate about accounts, rewards, and updates.
  
• Verify identity, process payments, prevent fraud/abuse.
  
• Moderate, classify, and recommend content (AI‑assisted; may be inaccurate).
  
• Conduct analytics, research, and statistical analysis.
  
• Enforce contractual and legal rights/obligations.
  

Marketing Use: Because FoodTrail is a social media and marketing platform, content you post may be used for marketing and promotional purposes. If you do not agree, you should not post content.

4. Sharing of Data

We may share data with:

• Service Providers: Third‑party providers that help us operate the Service (payment processors, hosting, communications, analytics, customer support, etc.).
  
• Merchants & Partners: To fulfill orders, rewards, fraud prevention, compliance, and verification.
  
• Authorities: To comply with legal obligations, lawful requests, or protect safety, rights, or property.
  

5. App Permissions

• Location: Foreground use only, to show nearby venues and personalize results.
  
• Camera: If you capture and upload photos.
  
• Photo Library / Storage: If you upload existing media.
  
• Notifications: To send updates about accounts, rewards, or promotions.
  Permissions require your consent and can be revoked in device settings.
  

6. Cookies & Tracking

We use cookies and similar tech for authentication, session maintenance, analytics, and personalization. Third‑party analytics may collect aggregated usage data.

7. Third‑Party Content & Links

We are not responsible for the privacy practices or content of external sites. Use of those services is at your own risk.

8. Data for Advertising & Analytics

We may use aggregated or de‑identified data for analytics, research, and advertising. We do not sell personal data.

9. International Transfers & Safeguards

We may process your data in countries outside your own. We take steps to ensure adequate protection, including contracts and industry‑standard safeguards, consistent with applicable law.

10. Retention of Data & Content

We retain personal data as long as needed for the Service and to meet legal obligations. Transaction records may be retained as required by law. Content you share may remain visible if reposted or cached by others, even after your account is deleted.

11. Law Enforcement & Safety

We may disclose information to comply with legal obligations, lawful requests, and to protect the safety, rights, or property of CIRCL, users, or the public.

12. AI Disclaimer

Moderation, tagging, and recommendations are AI‑assisted and may be inaccurate. CIRCL disclaims liability for reliance on AI outputs.

13. Payment Services & Compliance

We process payment‑related information for fraud monitoring, risk, and compliance. We may share necessary data with payment processors, financial institutions, card networks, compliance vendors, and regulators as required by law. We do not store raw card numbers.

14. Legal Bases for Processing (GDPR)

If you are in the EU/EEA, we process personal data where:

• Necessary to perform our contract with you (to provide the Service).
  
• Necessary to comply with legal obligations.
  
• Necessary for our legitimate interests (to operate, secure, and improve the Service).
  
• You have given consent (e.g., app permissions).
  

15. Your Rights

Depending on your location, you may have rights under data protection laws (including GDPR and CCPA/CPRA):

• Access your personal data.
  
• Correct inaccurate data.
  
• Request deletion of your data.
  
• Request a copy of your data (portability).
  
• Restrict or object to processing in certain cases.
  

You can exercise rights by contacting support@foodtrail.it. We may limit or decline requests where legally permitted. We will not discriminate against you for exercising your rights.

16. Children & Minors

The Service is intended for users aged 13+. We do not knowingly collect data from children under 13. Parents/guardians may contact us to request deletion of a child’s data.

17. Security & Breach Notification

We use safeguards such as restricted access, encryption, monitoring, and secure destruction when data is no longer needed. Payments use tokenization via third‑party processors. No system is 100% secure. We will notify users of data breaches where required by law.

18. Rights to Disclose

We may disclose personal data to legal, regulatory, governmental, tax, or law enforcement authorities, or rights owners, where we have reasonable grounds to believe disclosure is necessary to meet obligations or comply with investigations.

19. Changes to this Policy

We may update this Privacy Policy from time to time. Updates will be posted at foodtrail.it. Continued use of the Service after changes constitutes acceptance.

20. Contact Us

CIRCL Pte. Ltd.
Email: support@foodtrail.it

By using FoodTrail, you agree to the terms of this Privacy Policy.