Privacy Policy

FINER APPS SRL (hereinafter referred to as "Finer", "we" or "the company"), registered under CUI 49982161 and Trade Registry No. J03/968/2024, is the controller of your personal data.

This privacy policy describes how we collect, use, store and protect the personal data of users of our platform, in accordance with the General Data Protection Regulation (GDPR - EU Regulation 2016/679) and applicable national legislation.

We collect the following categories of personal data:

• Identification data: name, surname, email address, phone number
• Account data: authentication information, account preferences, usage history
• Restaurant data: name, address, tax ID, menu and pricing information
• Transaction data: information about reservations, orders, payments and invoicing
• Technical data: IP address, browser type, operating system, login data
• Usage data: platform interactions, pages visited, features used

Personal data is processed for the following purposes:

• Service provision: creating and managing accounts, processing reservations, generating digital menus
• Communication: sending notifications, reservation confirmations, technical support
• Service improvement: statistical analysis, platform optimization, development of new features
• Legal obligations: compliance with tax and reporting requirements
• Marketing: with explicit consent, sending offers and news (with the option to unsubscribe at any time)

We process your personal data on the following legal grounds:

• Contract performance: processing is necessary for providing the requested services (Art. 6(1)(b) GDPR)
• Consent: for direct marketing activities and non-essential cookies (Art. 6(1)(a) GDPR)
• Legal obligation: for compliance with legal and tax requirements (Art. 6(1)(c) GDPR)
• Legitimate interest: for service improvement and platform security (Art. 6(1)(f) GDPR)

We store personal data only for the period necessary to fulfill the purposes for which they were collected:

• Account data: for the duration of the account and 30 days after deletion
• Transaction data: according to legal archiving requirements (10 years for fiscal documents)
• Marketing data: until consent is withdrawn
• Technical and log data: maximum 12 months

As a data subject, you have the following rights under GDPR:

• Right of access: you can request a copy of the personal data we hold
• Right to rectification: you can correct inaccurate or incomplete data
• Right to erasure: you can request deletion of personal data ("right to be forgotten")
• Right to restriction of processing: you can limit how we use your data
• Right to data portability: you can receive your data in a structured format
• Right to object: you can refuse data processing in certain situations
• Right not to be subject to automated decisions: including profiling

To exercise these rights, you can contact us at contact@finer.business. We will respond within 30 days of receiving the request.

We implement appropriate technical and organizational measures to protect personal data:

• Data encryption in transit (SSL/TLS) and at rest
• Role-based access control
• Monitoring and auditing data access
• Regular backups and recovery plans
• Employee training on data protection

We may share personal data with:

• Service providers: hosting, payment processing, email services (based on data processing agreements)
• Public authorities: when required by law
• Business partners: only with your explicit consent

We do not sell or rent personal data to third parties. All data transfers outside the European Economic Area are made with appropriate safeguards (standard contractual clauses).

For any questions or requests regarding your personal data:

• Email: contact@finer.business
• Company: FINER APPS SRL, CUI 49982161

If you believe that data processing violates your rights, you have the right to file a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) — www.dataprotection.ro.