How What Can I Eat Here handles your data.

Overview

What Can I Eat Here helps users create diet profiles and receive restaurant menu recommendations. This policy explains what we collect, how we use it, and how users can request or complete account deletion.

Information We Collect

• Account information such as name, email address, password hash, email verification status, plan, and account status.
• Diet profile information such as diet style, calorie target, allergies, foods to avoid, weight goals, and free-form goals entered by the user.
• Restaurant lookup information such as restaurant names, locations or ZIP codes, pasted menu URLs or menu notes, AI usage counts, saved orders, and meal logs.
• Technical and security information such as signup IP address, last login IP address, timestamps, browser/session cookies, rate-limit counters, and admin notes needed for abuse prevention or support.
• Payment/subscription information from PayPal, including subscription ID, plan, payment status, and webhook events. We do not store full card numbers.

How We Use Information

• To create and manage user accounts.
• To personalize restaurant recommendations based on diet goals and restrictions.
• To enforce free and paid usage limits and prevent abuse.
• To process subscriptions and account upgrades.
• To provide admin support, safety review, email verification, account notices, and optional marketing emails.

AI Providers And Menu Analysis

Restaurant, menu, and diet profile information may be sent to OpenAI's API to generate recommendations. Users should not enter sensitive medical information beyond what is needed for restaurant ordering. AI recommendations are informational and should not replace professional medical advice.

Payments

Paid subscriptions are processed through PayPal. PayPal may collect payment, billing, device, and account information under its own privacy policy. What Can I Eat Here stores subscription status and IDs needed to manage access.

Cookies And Sessions

We use cookies and server-side sessions to keep users logged in, protect accounts, and maintain dashboard access. We also store rate-limit and usage records to control API costs and detect abuse.

Advertising And Sponsored Placements

The site may display sponsored restaurant or diet-category placements. We may use account plan, restaurant searches, broad diet categories, and aggregate usage trends to decide where sponsored placements appear. We do not sell password, payment card, or private account credentials.

Data Retention

Account records are kept while the account is active. Saved orders, meal logs, usage records, subscription records, support/admin records, and security logs may be retained as needed for service operation, legal compliance, fraud prevention, accounting, and dispute handling.

Account Deletion

Users can delete their account at /account/delete. Deletion removes the user account, saved orders, meal logs, and usage records from the active account system. A minimal deletion log with hashed identifiers may be retained for security, abuse prevention, compliance, and audit purposes. PayPal subscriptions may also need to be cancelled through PayPal if active.

Children

What Can I Eat Here is not intended for children under 13. Users under the age required by their country or app store rules should not create an account.

Contact

For privacy or account questions, contact: support@whatcanieathere.com.