Privacy Policy

Last updated: 22 March 2026

1. Who We Are

DINR.AI Ltd ("we", "us", "our") is a company registered in England and Wales (Company No. 16913295). We operate the DINR.ai mobile application (the "App").

The App helps you discover restaurant dishes that match your dietary preferences. You search for a restaurant, tell us what matters to you (high protein, low calorie, and so on), and we analyse the menu to recommend dishes.

Data controller: DINR.AI Ltd
Contact: yuvi@dinrai.com

2. What Data We Collect

2.1 Information You Provide

• Account information: Your name and email address when you create an account.
• Dietary preferences: Any preferences you set in the App (such as high protein, low calorie, vegan, allergen-free, etc.). These are voluntary choices you make — we do not collect or process health data.
• Search history: Restaurants you search for within the App.
• Order history: If you are a premium subscriber, we may store dishes you have previously selected or ordered to improve future recommendations.

2.2 Information We Collect Automatically

• Usage data: How you interact with the App, including features used, screens visited, and session duration.
• Device information: Device type, operating system, app version, and a unique device identifier.
• Location data: We do not collect your precise location unless you explicitly grant permission. If you do, we use it solely to show nearby restaurants. You can revoke location permission at any time in your device settings.

2.3 Information We Do Not Collect

We do not collect payment or financial data. All payments for premium subscriptions are processed by Apple through In-App Purchase. Apple's privacy policy governs that data.

We do not collect special category (sensitive) data as defined under UK GDPR. Dietary preferences are voluntary lifestyle choices, not health data.

3. How We Use Your Data

We use your data for the following purposes:

• To provide the service: Analysing menus and recommending dishes based on your preferences. Legal basis: performance of a contract (Article 6(1)(b) UK GDPR).
• To manage your account: Creating and maintaining your account, authenticating your access, and managing your subscription. Legal basis: performance of a contract.
• To improve the App: Understanding how the App is used, identifying bugs, and improving features. Legal basis: our legitimate interests in improving our product (Article 6(1)(f) UK GDPR).
• To communicate with you: Sending service-related messages (such as changes to the App or this policy). Legal basis: our legitimate interests in keeping you informed.
• To show nearby restaurants: If you grant location permission. Legal basis: your consent (Article 6(1)(a) UK GDPR). You can withdraw consent at any time via your device settings.

We do not use your data for automated decision-making that produces legal or similarly significant effects.

4. Who We Share Your Data With

We do not sell your personal data to anyone. We share data only with the following categories of third parties, and only to the extent necessary:

• Analytics provider: We use an analytics service to understand App usage patterns. This provider receives anonymised or pseudonymised usage and device data. We will update this policy with the specific provider once confirmed.
• Apple: Apple processes your payment data for premium subscriptions via In-App Purchase. We receive confirmation of your subscription status but not your payment details.
• Restaurant menu data providers: We send search queries (restaurant names) to third-party menu database APIs to retrieve menu information. We do not send your personal data (such as your name, email, or dietary preferences) to these providers.
• Hosting and infrastructure providers: Our servers and databases are hosted by third-party cloud providers who process data on our behalf under appropriate data processing agreements.

All third-party processors are bound by data processing agreements that require them to handle your data in accordance with UK GDPR.

5. International Data Transfers

Some of our third-party service providers may be based outside the United Kingdom. Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, such as:

• UK International Data Transfer Agreements (IDTAs) or the UK Addendum to Standard Contractual Clauses
• Transfers to countries that the UK Secretary of State has determined provide an adequate level of data protection

If you would like more information about the safeguards we use, please contact us at yuvi@dinrai.com.

6. How Long We Keep Your Data

We keep your personal data only for as long as necessary for the purposes set out in this policy:

• Account data: Retained for as long as your account is active, and deleted within 90 days of account deletion.
• Dietary preferences and search history: Retained for as long as your account is active. Deleted when you delete your account or clear your preferences.
• Order history (premium): Retained for as long as your premium subscription is active. Deleted within 90 days of account deletion.
• Usage and analytics data: Retained in anonymised or aggregated form. Identifiable analytics data is deleted within 26 months of collection.

We may retain certain data for longer where required by law (for example, for tax or accounting obligations).

7. How We Protect Your Data

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS/HTTPS) and at rest
• Access controls limiting who within our organisation can access personal data
• Regular review of our security practices

No system is completely secure. If you become aware of any security issue, please contact us immediately at yuvi@dinrai.com.

8. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

• Access: You can request a copy of the personal data we hold about you.
• Rectification: You can ask us to correct inaccurate or incomplete data.
• Erasure: You can ask us to delete your personal data (the "right to be forgotten").
• Restriction: You can ask us to restrict how we process your data in certain circumstances.
• Data portability: You can request your data in a structured, commonly used, machine-readable format.
• Objection: You can object to processing based on legitimate interests.
• Withdraw consent: Where processing is based on consent (such as location data), you can withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at yuvi@dinrai.com. We will respond within one month.

If you are not satisfied with how we handle your request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Website: ico.org.uk
Telephone: 0303 123 1113

9. Children's Privacy

The App is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at yuvi@dinrai.com and we will delete it promptly.

Users aged 13 to 17 should review this policy with a parent or guardian before using the App.

10. Changes to This Policy

We may update this privacy policy from time to time. When we make material changes, we will notify you through the App or by email (if you have an account). The "Last updated" date at the top of this policy indicates when it was last revised.

11. Contact Us

If you have any questions about this privacy policy or how we handle your data, please contact us:

DINR.AI Ltd
Company No. 16913295
Email: yuvi@dinrai.com

Informational analysis, not formal legal advice.