Privacy Policy
Last updated: 21 June 2026This Privacy Policy explains what personal data Maïdé collects, why, how we use and share it, how long we keep it, and the rights you have over it. Questions: privacy@maide.lb.
What we collect
Account & contact data (name, email, phone, language, Apple/Google sign-in identifiers); diner preferences (allergens, diet, occasions, favourites, notifications); reservations and visit history; payments and wallet records; critic/professional profiles; anonymous usage analytics; approximate location (only if you opt in); and the minimum device data needed to keep your session secure. We never store full card numbers or CVV.
Why we use it
To provide the service you ask for (accounts, reservations, payments, recommendations); to communicate confirmations, reminders and service notices; to keep the platform safe, accurate and reconciled; to improve the product through anonymous analytics (which you can switch off); and to comply with tax, accounting and dispute-record obligations.
How we share data
We share personal data only as needed to run the service: with the restaurant or venue you book, with the company that pays for a business meal you attend, and with our processors — Suyool (payments and payouts), Resend (email), and Supabase (database and private file storage). We do not sell your personal data. Some processors operate outside Lebanon under contractual data-protection commitments.
How long we keep it
Active-account data is kept until you delete your account. Financial and audit records are retained as required by law (typically up to 10 years), de-identified once your account is deleted. Anonymous analytics are aggregated, and location detail is removed after 30 days.
Your rights
You can export a copy of your data, delete your account, correct your details, and switch off analytics or location at any time — from Profile → Privacy. Account deletion signs you out immediately and schedules an irreversible erasure 30 days later; signing back in before then cancels it. After the grace period we erase your personal data, keep only the legally required financial/audit records (de-identified), and forward your request to processors that hold a copy. For anything not self-service, email privacy@maide.lb. You may also complain to your local data-protection authority.
Children
Maïdé is not intended for children under 16, and we do not knowingly collect their data.
Changes
We update this policy as the service evolves and record acceptance of the current version when you sign in. Material changes are highlighted in-app.