SandoClubSandoClub
Back to Home

Privacy Policy

Last updated: February 19, 2026

SandoClub ("we", "us", or "our") operates the SandoClub platform. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account, we collect your name and email address.
  • Restaurant Partner Information: If you register as a Restaurant Partner, we also collect your restaurant name, address, phone number, website URL, and business details needed for onboarding.
  • Payment Information: Payment details are collected and processed by Stripe. We do not store your full credit card number, CVV, or other sensitive payment credentials on our servers.
  • Communications: If you contact us for support, we collect the information you provide in those communications.

1.2 Information Collected Automatically

  • Usage Data: We may collect information about how you interact with the platform, including pages visited, features used, and actions taken.
  • Device Information: We may collect information about the device and browser you use to access the platform, including IP address, browser type, and operating system.
  • Analytics: We use Vercel Analytics to collect anonymous usage data to improve the platform experience.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the SandoClub platform
  • Process subscriptions and payments
  • Send transactional emails (account verification, subscription confirmations, billing notices)
  • Provide customer support
  • Detect, prevent, and address fraud or security issues
  • Comply with legal obligations

We do not sell your personal information. We do not send marketing emails unless you have opted in to receive them.

3. How We Share Your Information

We may share your information with:

  • Restaurant Partners: When you subscribe to a restaurant's offer, the Restaurant Partner can see your name and subscription status so they can fulfill your perks. They do not receive your email address, payment details, or other account information.
  • Stripe: We use Stripe to process payments. Stripe's collection and use of your information is governed by Stripe's Privacy Policy.
  • Service Providers: We may share information with third-party service providers that help us operate the platform (hosting, email delivery, analytics), subject to confidentiality obligations.
  • Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.

4. Data Storage and Security

Your data is stored on Supabase (hosted on AWS) and Vercel infrastructure. We implement industry-standard security measures including encryption in transit (TLS), row-level security policies on our database, and secure authentication practices. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal, accounting, or security purposes.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict certain processing of your information
  • Request a portable copy of your information

To exercise any of these rights, please . We will respond to your request within 30 days.

7. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. As stated above, we do not sell personal information.

8. Cookies and Tracking

We use essential cookies to maintain your authentication session and ensure the platform functions correctly. We use Vercel Analytics for anonymous usage data. We do not use third-party advertising cookies or tracking pixels.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through a notice on the platform. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please .