Privacy Policy

Last updated: May 21, 2026

This Privacy Policy explains how Cafe Bartique (“we,” “us,” or “our”) collects, uses, shares, and protects your personal information when you use the Cafe Bartique mobile application (“App”). By using the App, you agree to the practices described in this policy.

1. Information We Collect

Information You Provide Directly

When you create an account, use ordering links or ordering features, submit a catering inquiry, or contact us, you may provide:

• Full name

• Email address

• Account password (handled and stored by Firebase Authentication; Cafe Bartique never stores or sees your password)

• Profile information shared by your chosen sign-in provider when you sign in with Google, Apple, or Facebook (typically name, email address, and a provider-issued user identifier; Apple may relay a private email address)

• A Firebase user ID (UID) generated when your account is created — used to associate your account with app data such as event RSVPs and saved items

• Phone number

• Company or organization name (for catering inquiries)

• Event details including date, time, type, and estimated guest count (for catering inquiries)

• Catering menu preferences, special dietary requests, and any free-text notes you include

• Event location or delivery address (optional, provided voluntarily)

• Preferred contact method

• Event RSVPs and saved/favorited events (linked to your Firebase user ID when you are signed in; stored only on your device when you are not)

• Order-related information only if made available to Cafe Bartique by Toast or voluntarily provided by you

Device Identifiers and Usage Data

When you use the App, we and our third-party service providers may automatically collect:

• Device type, model, and operating system version

• App version and usage interactions

• IP address and general network information

• Crash reports and performance diagnostics

• Push notification token / device-installation identifier — issued by Expo Push, Apple Push Notification service (APNs), Google Firebase Cloud Messaging (FCM), or Firebase. Only collected if you grant notification permission. Used solely so the App can deliver Cafe Bartique events, announcements, promotions, menu updates, and other app-related messages to your device. This identifier is used for app functionality and developer communications. It is not used for advertising tracking and is not shared with advertising networks.

• A Firebase installation identifier created by the Firebase SDK so that authentication and push delivery work reliably on your device. Not used for advertising.

These device identifiers are required to operate core app features including authentication and push notification delivery. They are never used to build advertising profiles or shared with ad networks.

Payment Information

The Cafe Bartique App does not collect, process, or store any payment card or banking information. Food and beverage payments are handled entirely by Toast through Toast’s own ordering experience and are subject to Toast’s privacy policy. Catering payments are arranged directly between Cafe Bartique and the customer outside the App after an inquiry is confirmed. The App may retain non-financial transaction references such as a quoted amount and inquiry status for fulfillment, customer support, and recordkeeping purposes.

Toast Ordering

Food and beverage ordering and checkout open through Toast’s ordering experience. Any information you enter on the Toast site (including payment information) is collected and handled by Toast under Toast’s own privacy policy, not by the Cafe Bartique App. Cafe Bartique may receive order details from Toast as part of normal restaurant operations, but the App itself does not process Toast checkout or payment.

Location Information

We do not collect or request your device’s precise GPS location. If you voluntarily provide a delivery or event address as part of a catering inquiry, that address is used solely to fulfill or respond to your request.

Instagram and Social Media Content

The App displays publicly available photos from Cafe Bartique’s own official Instagram account. These photos are loaded through the Instagram Graph API (and/or a social media aggregation service such as Curator.io) using only Cafe Bartique’s own access credentials. We do not collect, request, or access your personal Instagram account, your Instagram login, or any private Instagram data.

Data We Do Not Collect

The App does not collect any of the following:

• Precise device location (GPS)

• Camera, photos, videos, or other media from your device library

• Microphone or audio recordings

• Your device contacts or address book

• Face ID, Touch ID, or other biometric templates (Apple Sign In may use Face ID/Touch ID at the operating-system level, but the biometric data stays on your device and is never sent to Cafe Bartique)

• Advertising identifiers (IDFA on iOS or Google Advertising ID on Android)

2. How We Use Your Information

We use the information we collect to:

• Create and manage your account

• Facilitate food and beverage ordering through Toast POS, which handles its own ordering experience, checkout, payment, and fulfillment

• Process catering inquiries and follow up with customized quotes

• Send push notifications for Cafe Bartique events, announcements, promotions, menu updates, and app-related messages (with your permission)

• Display upcoming events and promotions relevant to you

• Respond to customer support inquiries

• Improve the App’s performance, design, and features

• Send promotional communications, only with your explicit consent

• Comply with applicable legal obligations

We do not use your information for automated decision-making or profiling that produces legal effects.

3. How We Share Your Information

We do not sell, rent, or trade your personal information.

We share your information only with the following trusted service providers, each bound by their own privacy policies:

• Firebase Authentication and Firestore (Google) — account authentication, password handling, user management, and event/RSVP data storage

• Google Sign-In — optional sign-in provider

• Apple Sign-In — optional sign-in provider

• Facebook Login — optional sign-in provider

• Expo Push Notifications — delivery infrastructure that routes notifications from Cafe Bartique to your device

• Apple Push Notification service (APNs) — Apple’s system that actually delivers push notifications to iOS devices

• Google Firebase Cloud Messaging (FCM) — Google’s system that actually delivers push notifications to Android devices

• Toast POS — restaurant point-of-sale and online ordering system that independently manages food ordering, checkout, payment, and order fulfillment

• Instagram Graph API and/or Curator.io — public photo display from Cafe Bartique’s own Instagram account

• Email / SMTP provider — used to deliver catering inquiry and customer support messages to Cafe Bartique staff

• Legal authorities — when required by applicable law, regulation, or valid legal process

Data is shared only as needed to provide app functionality, authentication, push notification delivery, ordering and payment handoff, catering support, customer support, security, fraud prevention, and legal compliance. Cafe Bartique does not sell your personal data and does not use your data for cross-app advertising tracking.

We may also disclose your information if we reasonably believe disclosure is necessary to protect the safety, rights, or property of Cafe Bartique, our users, or the public.

4. App Permissions

The App may request the following device permissions:

Push Notifications

We may request permission to send you push notifications for Cafe Bartique events, announcements, promotions, menu updates, and other app-related messages. This permission is entirely optional — you can enable or disable it in the app (Settings → Push Notifications) or at any time in your device’s Settings app. Denying this permission does not affect any core App functionality.

Internet Access

The App requires internet access to load the menu, process orders, display events and photos, and submit catering inquiries. No other device permissions are requested.

5. Data Linked to You

The following categories of data may be collected and linked to your identity:

• Contact info (name, email, phone)

• Order-related information, only if made available to Cafe Bartique by Toast or voluntarily provided by you

• Catering inquiry details

• User account identifiers

• Device or other identifiers (push notification token, Android ID, iOS IDFV) — used for authentication, push notification delivery, and crash analytics

The following data is collected but is not linked to your identity:

• Crash and diagnostic data

• General app usage and performance data

Tracking

We do not track you across third-party apps or websites for advertising purposes. No data collected in this App is used to build advertising profiles or shared with advertising networks.

6. Data Retention

We retain your personal information only as long as necessary to provide our services, fulfill the purposes in this policy, or as required by applicable law. Specifically:

• Account information is retained until you request deletion

• Order-related records that Cafe Bartique receives or maintains may be retained for up to 3 years for business, tax, legal, and dispute-resolution purposes.

• Catering inquiry records are retained for up to 2 years

• Push notification tokens are removed when you uninstall the App or revoke permission

7. Account and Data Deletion

You have the right to delete your account and associated personal data at any time, directly within the App.

Delete from within the App (primary method)

1. Open the App and go to your Profile

2. Tap Settings (gear icon or bottom of profile)

3. Under Account, tap “Delete Account”

4. Confirm twice to permanently delete your account

Deleting your account removes your Cafe Bartique app account and associated app data from our active systems, including locally stored app data and push notification tokens where applicable. Some records may be retained where required or permitted for legal, tax, fraud prevention, dispute resolution, completed transaction, or business record-keeping purposes. Deleting your Cafe Bartique app account does not automatically delete records held independently by third-party services such as Toast, Firebase, Expo, or Curator.io.

Request via email (if you cannot access the App)

If you are unable to access the App, email us at admin@cafebartique.com with the subject line “Account Deletion Request” and include the name and email address associated with your account. We will process your request within 30 days.

Note: certain records may be retained as required by law (such as transaction records for tax purposes) even after your account is deleted.

8. Your Rights and Choices

You may at any time:

• Access or correct your account information within the App

• Opt out of marketing and promotional messages by contacting us

• Withdraw push notification permission in your device settings

• Request a copy of the personal data we hold about you

• Request deletion of your account and personal data (see Section 7)

To exercise any of these rights, contact us at admin@cafebartique.com.

9. Data Security

We use industry-standard safeguards to protect your information. Account authentication is managed by Firebase, which uses secure, encrypted authentication. The App itself does not process or store payment card data — food and beverage payments are handled by Toast under Toast’s own PCI-DSS compliant systems. All data transmitted between the App and our servers uses HTTPS encryption. While we take reasonable precautions, no system is completely secure and we cannot guarantee absolute security of your data.

10. Children’s Privacy

The App is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has created an account or submitted personal information without parental consent, we will promptly delete it. If you believe a child has provided us with their information, please contact us at admin@cafebartique.com.

11. Third-Party Services and Links

The App integrates with the following third-party services, each governed by their own privacy policies:

• Firebase Authentication and Firestore / Google Sign-In / Firebase Cloud Messaging — policies.google.com/privacy

• Apple Sign-In and Apple Push Notification service — apple.com/legal/privacy

• Facebook Login (Meta) — facebook.com/privacy/policy

• Expo Push Notifications — expo.dev/privacy

• Toast POS — pos.toasttab.com/privacy

• Instagram Graph API (Meta) — facebook.com/privacy/policy

• Curator.io — curator.io/privacy-policy

• Email / SMTP provider used to deliver catering and customer support messages — handled under the provider’s own privacy policy

We are not responsible for the privacy practices of these third parties. We encourage you to review their respective policies.

12. California Residents — CCPA / CPRA

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to:

• Know what personal information we collect, use, and disclose about you

• Access a copy of your personal information

• Request correction of inaccurate personal information

• Request deletion of your personal information

• Opt out of the sale or sharing of personal information

• Non-discrimination for exercising your privacy rights

We do not sell or share your personal information for cross-context behavioral advertising. To exercise your California privacy rights, contact us at admin@cafebartique.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you within the App. Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

14. Governing Law

This Privacy Policy is governed by the laws of the State of Georgia, United States, without regard to its conflict of law provisions.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Cafe Bartique

2315 Cascade Road Atlanta, GA 30311, USA

Phone: (404) 343-1780

admin@cafebartique.com