Privacy Policy
1. Information We Collect
We collect the following information when you use the App:
- Account information: email address, username, and password (stored as a secure hash)
- Structured ratings: metric-based inputs you submit for restaurants when signed in (e.g., taste, service, value)
- Saved restaurants and filter bookmarks: restaurants you save and search filters you bookmark (for signed-in users, synced to our servers)
- Support and contact submissions: name, email, issue type, and message when you contact us
- Restaurant reports: optional reason text when you report a listing; if you are signed in, we may associate the report with your account
- Device identifiers: a pseudonymous client identifier stored on your device for local caching of signed-in review state
- Location data: precise location if you grant permission (see Section 3)
- Technical data: IP address, browser or device type, user-agent, request logs, and error reports
We do NOT collect:
- Free-form written reviews
- Sensitive personal data (such as biometric, health, or financial information)
2. How We Use Information
We use collected data to:
- Create and manage user accounts and password resets
- Display and aggregate restaurant ratings
- Rank and sort restaurants based on user input
- Provide location-based results (e.g., nearby restaurants)
- Save your preferences, bookmarks, and review history
- Respond to support requests and review reported listings
- Maintain system integrity, prevent abuse, and diagnose errors
3. Location Data
If you grant location permissions, the App may access your device’s location to center the map and show nearby restaurants.
- Location is used to deliver map functionality in real time
- We do not send your precise GPS coordinates to our servers; map data requests use map viewport bounds instead
- Your browser or device may store your last known location locally to improve the experience on return visits
- Third-party map and geocoding providers may receive map tile requests or address search queries that reflect the area you are viewing or searching
- Location access can be controlled through your device or browser settings
4. Device and Browser Storage
The App stores data locally on your device using browser storage (such as localStorage) and, where supported, a service worker cache. This may include:
- Authentication tokens and basic account info (username, role)
- Your pseudonymous rating client identifier
- Cached ratings, saved restaurants, filter bookmarks, and last known location
- Static app assets for offline or faster loading
You can clear this data by clearing your browser or app storage, or by deleting your account (for server-synced data).
5. Third-Party Services
We use third-party services that may collect or process data on our behalf:
- Google reCAPTCHA: Spam prevention during sign-up and certain forms. Google processes the reCAPTCHA response and may receive your IP address. See Google's Privacy Policy.
- Stadia Maps, CARTO, and OpenStreetMap: Map tiles and restaurant location display. Requests may include map viewport area and IP address. See Stadia Maps Privacy and OpenStreetMap Privacy.
- Nominatim (OpenStreetMap): Address search and geocoding. Your search query is sent to Nominatim when you search for an address.
- Google Fonts: Typography. Google may receive standard web request data. See Google's Privacy Policy.
- unpkg CDN: Delivery of map libraries and related assets. Standard CDN access logs may apply.
- Email provider (e.g., Mailgun): Delivery of password-reset emails to your email address.
- Sentry (if enabled): Error monitoring for the App. May receive error details, device/browser info, and limited request metadata.
- Hosting provider (e.g., Render): Application hosting and server logs (IP address, request details).
6. Sharing of Information
We do not sell personal data. We do not share personal information for cross-context behavioral advertising.
We may share information:
- With service providers that help us operate the App (hosting, email, maps, spam prevention, error monitoring)
- If required by law, legal process, or to protect rights and safety
Aggregated and pseudonymous rating data may be publicly displayed as part of restaurant rankings. Individual ratings are not published with your username or email.
7. Data Retention
We retain data as long as necessary to operate the App or comply with legal obligations:
- Account data and signed-in ratings: retained until you delete your account
- Legacy anonymous ratings: older ratings submitted before sign-in was required may remain under a pseudonymous identifier until removed by moderation
- Support tickets and restaurant reports: retained until resolved and deleted by our team, or deleted when you delete your account if associated with your account
- Server logs and error reports: retained for a limited period for security and debugging
8. Data Security
We implement reasonable security measures to protect user data, including hashed passwords and authenticated API access. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
9. Your Rights and Choices
Depending on where you live, you may have the right to:
- Access the personal information we hold about you
- Correct inaccurate account information
- Delete your account and associated data using the in-app "Delete Account & Data" option, or by contacting us
- Withdraw consent for optional features such as location by changing your device settings
When you delete your account, we delete your profile, sessions, ratings, saved restaurants, bookmarks, and associated support tickets and reports.
To exercise your rights, contact us at cli@trouver.co. We will respond within a reasonable timeframe.
California residents: We do not sell or share personal information as defined under the California Consumer Privacy Act (CCPA/CPRA). You may request access to or deletion of your personal information using the contact information below.
10. Children's Privacy
The App is not intended for children under 13, and we do not knowingly collect personal data from them. If you believe a child under 13 has provided us personal data, contact us and we will delete it.
11. International Users
If you access the App from outside the United States, your data may be processed and stored in the United States, where privacy laws may differ from those in your jurisdiction.
12. Illinois Residents
Under the Illinois Online Privacy Protection Act (815 ILCS 504) and Illinois Biometric Information Privacy Act (740 ILCS 14), you have specific privacy rights. We do not collect biometric data. If you believe your privacy rights have been violated, contact us at the email address below.
13. Changes to This Policy
We may update this policy periodically. We will revise the effective date when we do. Continued use of the App after changes indicates acceptance of the updated policy.
14. Contact Information
Trouver
cli@trouver.co