Privacy Policy of CreActive Digital LLC
1. Data Controller
The data controller of personal data collected on the website menuinapp.com (the “Site”) is:
CreActive Digital LLC
- Registered Address: 30 N Gould St Ste R, Sheridan, WY 82801, USA
- Office Address: 166 Geary St STE 1500 #1341, San Francisco, CA 94108, USA
- EIN: 30-1362338
- Email: info@menuinapp.com
2. Data Protection Officer (DPO)
CreActive Digital LLC has not designated a formal DPO. For any questions regarding your personal data, please contact us at info@menuinapp.com.
3. Location of Processing
Personal data are processed at CreActive Digital LLC’s offices and by authorized personnel. Some processing may occur on:
- Oracle Hospitality Cloud servers (for restaurant order & menu management)
- Amazon Web Services (AWS) infrastructure (hosting, backup, analytics)
4. Types of Data Collected
- Browsing Data: IP address, pages visited, timestamps, via technical cookies and server logs.
- Volunteered Data: Name, email, phone number, address when registering, subscribing to newsletters, placing orders or contacting support.
- Payment Data: Processed through secure gateways (Stripe, PayPal, etc.); full card details are never stored on our servers.
- Order & Reservation Data: Order details, history of purchases, customer preferences.
5. Purposes of Processing & Legal Basis
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Fulfill contracts and orders | 6(c)(1)(b) – Performance of contract |
| Accounting and tax compliance | 6(c)(1)(c) – Legal obligation |
| Sending newsletters and promotional communications | 6(c)(1)(a) – Consent |
| Site security and abuse prevention | 6(c)(1)(f) – Legitimate interest |
| Anonymous analytics (Google Analytics, AWS CloudWatch) | 6(c)(1)(a) – Consent |
6. Methods of Processing
Data are processed with IT systems and manual tools, adopting organizational and technical measures to ensure confidentiality and security. Key technologies in use include:
- Oracle Hospitality Cloud for real-time order and menu data
- AWS for hosting, disaster recovery, and log analysis
- WooCommerce (WordPress) for e-commerce functionality
7. Data Retention
- Browsing data: up to 24 months
- Contractual and tax data: 10 years (U.S. & Italian legal requirements)
- Marketing data: until consent is withdrawn
8. Disclosure of Data
Personal data may be disclosed to:
- Third-party service providers (hosting, mailing, analytics)
- Law enforcement or judicial authorities if required by law
Data will not be sold or otherwise made available to unauthorized parties.
9. International Transfers
Data may be transferred to AWS servers in the U.S. such transfers are governed by the EU–U.S. Standard Contractual Clauses or other approved mechanisms to ensure adequate protection.
10. Data Subject Rights
Under Articles 15–22 GDPR, you have the right to:
- Access, rectify, erase, or restrict processing of your data
- Data portability
- Object to processing based on legitimate interest
To exercise any right, contact info@menuinapp.com or write to our registered address.
11. Cookies & Tracking
- Technical cookies: essential for site functionality (e.g., cart, login).
- Analytical cookies: Google Analytics and AWS CloudWatch (data anonymized).
- Profiling cookies: Facebook Pixel and other marketing tools—only with explicit consent.
Manage or withdraw consent via the Cookie Banner or your browser settings.
12. Changes to This Policy
We may update this Policy periodically; changes will be published here with the “Last Updated” date.
Last Updated: June 7, 2025
If you have questions or wish to exercise your GDPR rights, please contact info@menuinapp.com.