Privacy Policy

Effective Date: February 18, 2026 | Last Updated: February 18, 2026

1. Introduction

BiteMark (“BiteMark,” “we,” “us,” or “our”) operates the BiteMark mobile application and website (the “Service”). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our Service.

By using the Service, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

Information You Provide

When you create an account and use the Service, you may provide:

  • Name, email address, and password (for account creation)
  • Username (unique public identifier)
  • Avatar photo, bio, city, Instagram handle, website URL
  • Cuisine and dietary preferences
  • Ratings, reviews, notes, photos, restaurant lists, and social connections

Information Collected Automatically

  • Location data: If you grant permission, we collect your precise geolocation once during onboarding to detect your city. We do not continuously track your location.
  • Authentication tokens: Managed by our infrastructure provider (Supabase) and stored securely on your device.

Information We Do NOT Collect

We do not collect device identifiers, analytics or telemetry data, crash reports, browsing history, contacts, phone numbers, payment information, cookies, or push notification tokens.

3. How We Use Your Information

  • Provide the Service: Display restaurants, show your reviews and ratings, manage your lists, and enable social features
  • Personalize your experience: Recommend restaurants based on your preferences, city, and dining history
  • Communicate with you: Send password reset emails and critical service updates (we do not send marketing emails)
  • Enforce our Terms of Service: Prevent abuse, investigate violations, and maintain integrity
  • Improve the Service: Analyze aggregate, anonymized usage patterns

We do not use your information for advertising, profiling, or automated decision-making.

4. How We Share Your Information

Information Visible to Other Users

Your username, name, avatar, bio, and city are visible on your profile. Ratings, reviews, photos, and lists you mark as “public” are visible to other users. You control visibility through public/private settings.

Service Providers

  • Supabase: Database hosting, authentication, and file storage (US data centers)
  • Google Places API: Restaurant information (we do not send your personal information to Google)
  • Apple and Google (OAuth): Sign-in authentication only

We Do NOT Share Your Data With

Advertising networks, data brokers, analytics companies, restaurants, or any third parties for marketing purposes.

5. Data Retention

We retain your personal information for as long as your account is active. When you delete your account, we permanently delete all of your data within 30 days, including your profile, ratings, reviews, photos, lists, and social connections. No personal data is retained after account deletion except as required by applicable law.

6. Data Security

  • Authentication tokens stored in your device's secure enclave
  • Database access controlled by row-level security policies
  • All data transmitted over HTTPS/TLS encryption
  • Passwords hashed using bcrypt (never stored in plaintext)

7. Your Rights and Choices

You have the right to access, correct, and delete your personal information through your profile and settings. You can control the visibility of your content and revoke location permission at any time.

California Residents (CCPA/CPRA)

California residents have additional rights including the right to know, delete, and opt-out. BiteMark does not sell your personal information or share it for cross-context behavioral advertising. To exercise your rights, email support@bitemark.app. We will respond within 45 days. We extend the same privacy rights to residents of all US states.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us at support@bitemark.app.

9. International Users

BiteMark is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. For EEA/UK users, we process data based on consent and legitimate interest. Contact support@bitemark.app to exercise your data protection rights.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you before the changes take effect. Your continued use constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, contact us at support@bitemark.app. For privacy-specific requests, include “Privacy Request” in the subject line.