How we handle data.
This is a plain-English description of what data Comanda collects, why, and what we do with it. The legal GDPR wording — subject rights, basis for processing, international transfers — lives on the GDPR page.
1. Two kinds of "customer"
Operators are the cafés paying for Comanda — you, the café owner. We process your billing data and the contents of your tenant (menu, staff, orders).
End customers are the people who eat at your café — they scan a QR, order, pay, leave a review. We process their data on your behalf under a Data Processing Agreement (the GDPR page has the DPA).
2. What we collect
From operators: business name + address, contact email, phone, staff login phone numbers, subscription billing (via Mollie — we never see card numbers).
From end customers:
- For in-house ordering: an anonymous QR session token. No personal data.
- For takeaway: phone number (for OTP sign-in and pickup notifications), name if given, push subscription tokens for PWA notifications.
- For reviews: rating + tags + optional body text. Links to their check, which means the café operator can see which table/order the review came from.
3. What we use it for
- Running the service: routing orders, showing menus, sending payment flows and pickup alerts.
- Aggregate analytics: counts of orders, revenue totals, popular items — always per-tenant, never cross-tenant.
- Legitimate business operations: replying to support emails, billing, fraud checks.
We don't sell data to anyone. We don't serve ads. We don't use your data to train AI. If this ever changes, we'll tell you 30 days ahead and give you a clean export path.
4. Where it lives
All production data lives on Supabase's EU infrastructure (Frankfurt and Paris regions). Static assets are on Vercel's EU CDN. Email goes through a SendGrid EU sub-account. Transactional push uses Google/Apple APIs — tokens only, no message bodies stored beyond delivery.
5. Who has access
- Coverso employees with a need-to-know, authenticated via individual accounts + 2FA.
- Supabase + Vercel operations staff under their own infrastructure contracts.
- Mollie sees payment metadata (amount, description, method) — no menu items or personal data beyond what you put in the description field.
6. How long we keep things
- Active tenants: forever, while paying.
- Cancelled tenants: 60 days, then deleted. You can request immediate deletion earlier.
- Takeaway customer records: deleted automatically 18 months after their last order, unless they sign in again.
- Reviews: retained with the café. If the café cancels, reviews go with it.
- Support emails: 3 years after last reply.
7. Your rights
Access, rectification, erasure, portability, objection, restriction — all supported. Email hola@comanda.menu and we'll respond within 30 days (usually much faster).
8. Cookies + storage
Comanda uses browser localStorage for session tokens and preferences — no third-party tracking cookies, no analytics SDKs, no Facebook Pixel, no Google Tag Manager. The only thing a privacy-conscious user would find is their own Comanda session data.
9. Contact
hola@comanda.menu reaches the operator (justin@luna-paint.com). You can also complain to the Spanish DPA (AEPD, aepd.es) if you're unhappy with how we handle your data.