Legal

Privacy Policy

Last Updated: March 29, 2026

This Privacy Policy explains how Plait ("Plait," "we," "us," or "our") collects, uses, and shares your information when you use the Plait app. Plait is a dining experience platform that connects customers and restaurants through live meal sessions, in-app ordering, payments, and reviews.

We're based in Phoenix, Arizona. If you have questions about this policy, reach us at hello@plait.app.

1. What We Collect

Account Information

When you create a Plait account, we collect your name, email address, phone number, and optionally a profile photo. Restaurant staff and owners also provide information about their establishment.

Location Data

Plait uses your device's GPS to auto-detect when you arrive at a restaurant, enable proximity-based features, and send reservation arrival alerts. Location is only accessed while the app is active — we don't track you in the background unless you've explicitly enabled arrival alerts for an upcoming reservation.

Payment Information

All payments are processed through Stripe. We do not store your credit card numbers, CVV codes, or raw banking information on our servers. We receive transaction confirmations and billing records from Stripe. See Stripe's Privacy Policy for details on how they handle payment data.

Dining Data

Plait stores your meal history: the restaurants you've visited, items you've ordered, reviews you've written, photos you've taken, and ratings you've given. This is core to the Plait experience — your Food Critic profile, leaderboard status, and reputation score are all built from this data.

Device Information

We collect your device type, operating system version, and push notification tokens (FCM) to send you alerts like food delivery confirmations, reservation reminders, and check requests.

Usage Data

We collect information about how you use the app — screens visited, search queries, features tapped, preferences set. This helps us understand what's working and what isn't.

2. How We Use Your Data

  • To power the dining experience. Your account and dining data are used to run meal sessions, process orders, handle payments, enable bill splitting, and surface your reviews and photos on restaurant pages.
  • For location features. Your GPS coordinates are used to detect which restaurant you're at when you scan a QR code to join a Meal, and to send you an alert when you're approaching a reservation.
  • For personalization. Your dietary preferences, ordering style, and dining history are used to give you a more relevant experience — from menu filtering to service recommendations.
  • For public profiles and leaderboards. Your Food Critic level, dining stats, reviews, and photos may appear publicly on your profile and on Plait's leaderboards. You can control visibility in your privacy settings.
  • For restaurant analytics. Restaurants receive anonymized, aggregated insights about their dining patterns. They do not receive personally identifiable analytics tied to you by name.
  • For push notifications. We send you notifications when your food is delivered, when your check is ready, when a reservation is confirmed or coming up, and other meal-related events.
  • To improve Plait. We analyze usage data and feedback to fix bugs, prioritize features, and make the app better over time.

3. What We Share — and What We Don't

With Restaurant Owners

When you dine at a restaurant on Plait, the restaurant owner can see your dining preferences (dietary restrictions, service style preference), your order history at their restaurant, your customer reputation score, and whether you hold an age verification badge. Restaurant owners cannot see which specific customer left an anonymous review or rating.

With Other Plait Users

Your public profile is visible to other users. This includes your display name (or username if you've chosen to keep your real name private), your Food Critic level and badge, the reviews you've written, and photos you've posted publicly.

With Stripe

We share necessary transaction data with Stripe to process payments. Restaurant owners using Plait's payment processing connect via Stripe Connect.

With Firebase / Google

Plait is built on Google Firebase, which powers our database, authentication, file storage, and push notifications. Your data is stored in Firebase infrastructure subject to Google's Privacy Policy.

We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes. Period.

4. The Anonymous Review System

Plait uses a fully anonymous, three-way review system:

  • You → Restaurant:Your restaurant review is attributed to your public profile (unless you've made your profile private).
  • You → Waiter:Your rating of your waiter is anonymous. The waiter never sees who submitted it.
  • Waiter → You:The waiter's rating of you as a customer is anonymous. You never see it.

Anonymous reviews must still comply with our content guidelines. Anonymity is not a license to harass or defame.

5. Photos

When you take or upload a photo during a Meal, it is stored on Plait's servers. If you attach it to a public review or post it to your profile, it becomes publicly visible. If a restaurant owner adopts your photo for their menu, you retain ownership but grant Plait and the restaurant a non-exclusive license to display it on the platform.

6. Age Verification

Age verification is optional. If you choose to verify, Plait receives and stores only your verification status ("Verified 21+") — not your ID documents or raw identity data. You can request removal of your verification status at any time by contacting us.

7. Your Rights

You can:

  • Access your data — request a summary of what we hold about you
  • Export your data — request a machine-readable copy of your account data
  • Delete your account — request full deletion of your account and all associated personal data
  • Opt out of location tracking — disable location access in your device settings
  • Make your profile private — control what's visible in your app privacy settings
  • Opt out of personalized recommendations — available in app settings

To submit any data rights request, email hello@plait.app with the subject line "Data Request." We will respond within 30 days. California residents have additional rights under the CCPA; EU/EEA residents have rights under the GDPR.

8. Data Retention

  • Active account data is retained as long as your account is open.
  • Deleted accounts: When you delete your account, we remove your personal data within 30 days. Anonymized review content may remain on restaurant pages.
  • Anonymized analytics: Aggregated, de-identified usage data may be retained indefinitely for platform improvement.
  • Payment records: Transaction records may be retained for up to 7 years for legal and accounting compliance.

9. Children

Plait is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that a child under 13 has created an account, we will delete it promptly. If you believe a child has provided us with their information, please contact us at hello@plait.app.

10. Security

We take security seriously:

  • All data in transit is encrypted via HTTPS/TLS.
  • Data at rest is encrypted in Firebase infrastructure.
  • Payments are handled by Stripe, which is PCI-DSS Level 1 compliant.
  • Anonymous review data is structured so that author identity is never exposed to client applications.
  • Meal QR codes rotate every 30 seconds to prevent unauthorized access.

No system is 100% secure. If you discover a security vulnerability, please report it to hello@plait.app.

11. Changes to This Policy

We may update this Privacy Policy as Plait evolves. If we make material changes, we'll notify you by email and/or with an in-app notification before the changes take effect. The "Last Updated" date at the top of this page reflects the most recent revision.

12. Contact Us

Questions, concerns, or requests?

Plait

Phoenix, Arizona

hello@plait.app
Terms of Service →← Back to Plait