Privacy Policy
Last updated: July 9, 2026
This Privacy Policy applies to the MuffinMenu online ordering services and the MuffinMenu Kitchen Display System (“KDS”) mobile application operated by Add4x Inc. It explains how information is collected, used, stored, and shared across the customer ordering and restaurant operations portions of the service.
1. Information We Collect
We collect information you provide directly to us, information needed to operate a restaurant account and paired KDS device, and technical information generated when our services are used.
- Personal information: name, email address, phone number, delivery address
- Payment transaction information. Payment card details are entered directly into Stripe and are not stored by MuffinMenu.
- Order history, preferences, table information, and order status
- Order content used by the KDS, such as customer or guest name, items, modifiers, preparation notes, special instructions, and allergy alerts
- Restaurant operations information, including tenant, restaurant, location, station, and paired-device identifiers
- Technical and usage information, including app lifecycle events, feature actions, connectivity events, print outcomes, crash reports, and performance diagnostics
- Communications between you and us
2. How We Use Your Information
We use the information we collect to:
- Process and deliver your orders
- Send order confirmations and updates
- Respond to your comments, questions, and requests
- Send you marketing communications (with your consent)
- Pair and authenticate restaurant KDS devices
- Display, update, and print kitchen order tickets
- Diagnose crashes, connectivity failures, and printer problems
- Improve our services and develop new features
- Prevent fraud and enhance security
3. Information Sharing and Service Providers
We do not sell personal information or share it for cross-context behavioral advertising. We disclose information to service providers only as needed to operate, secure, and improve our services, including:
- Stripe for payment processing on the ordering website
- Sentry for application crash reports and performance diagnostics
- PostHog for consent-based website analytics and KDS operational analytics
- Cloud hosting, database, communications, and delivery providers that support the service
- To comply with legal obligations or respond to lawful requests
- To protect our rights, privacy, safety, or property
- With your consent or at your direction
We require service providers to protect personal information consistently with this policy and to use it only to provide their contracted services.
4. KDS App, Local Storage, and Device Permissions
The KDS is a restaurant staff application used on a shared, paired tablet. It stores authentication tokens in operating-system secure storage. It may cache active order tickets and pending operational actions on the tablet so kitchen workflows can continue during temporary connectivity problems. Pending print jobs may also include the ticket content needed to print an order.
The KDS uses Bluetooth and the local network to discover and connect to supported kitchen printers. Printer identifiers, model information, connection type, and printer settings may be stored locally. The KDS does not request GPS location, contacts, camera access, microphone recording, or advertising tracking permission.
Locally cached records are replaced as orders refresh, removed when print jobs complete or are cleared, or removed when application data is erased or the app is uninstalled. Unpairing a device removes its authentication credentials. Restaurant operators should clear application data before transferring or disposing of a KDS tablet.
5. Website Cookies and Analytics
We use cookies and similar tracking technologies to track activity on our website and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
Cookies and storage we always use
These are required for the site to work. They cannot be turned off because the site would not function without them.
- Tenant routing identifies which restaurant storefront to show.
- Cart and checkout storage remembers what you have added so it is still there when you reach checkout.
- Table service storage remembers your table when you scan a QR code at the restaurant.
- Stripe may set cookies during checkout to process your payment securely.
- Sentry captures technical errors so we can fix bugs that affect orders. We rely on legitimate interest for this operational monitoring.
Cookies we use only with your consent
Product analytics from PostHog records usage events associated with a browser-generated identifier, such as page views, menu interactions, and checkout flow events, so we can understand what works and what does not. These website analytics are enabled only after you consent.
You have not made a choice yet. We are not using product analytics cookies.
6. KDS Operational Analytics and Diagnostics
When operational analytics are enabled for a KDS deployment, PostHog receives a paired-device identifier together with restaurant tenant, location, and station identifiers. It also receives limited events about confirmed kitchen actions, connectivity, offline synchronization, and printing. These events are pseudonymous and linked to the restaurant device and account; they are not described as anonymous.
KDS screen contents, touch contents, and session replay are not captured. Sentry may receive crash reports, performance traces, and the same device and restaurant context so we can diagnose reliability problems. We use this information for application functionality, security, diagnostics, and product analytics. We do not use it for advertising or cross-app tracking.
7. Data Retention and Deletion
We retain information only for as long as reasonably necessary to provide the services, maintain restaurant and transaction records, resolve disputes, prevent fraud, meet legal obligations, and support security and reliability. Retention periods vary by data type and the requirements of the restaurant using the service.
Crash reports, performance diagnostics, and analytics events are retained according to our configured service-provider retention settings and are deleted or anonymized when no longer needed. You may request access, correction, or deletion by contacting us. For information controlled by a particular restaurant, we may direct the request to that restaurant.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.
9. Your Rights and Choices
Depending on where you live, you may have the right to:
- Access and receive a copy of your personal information
- Update or correct your personal information
- Delete your account and personal information
- Opt out of marketing communications
- Withdraw website analytics consent using the controls above
- Object to or restrict certain processing of your personal information
10. Children's Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
12. Contact Us
If you have questions about this Privacy Policy or want to exercise a privacy right, contact Add4x Inc., operator of MuffinMenu, at:
Email: developer@muffinmenu.com