Privacy Policy

1. Information We Collect

When you use BizDin, we collect information you provide directly:

• Account information (name, email address, phone number)
• Dining preferences (dietary restrictions, cuisine preferences, accessibility needs)
• Dining event details (dates, locations, guest lists)
• Feedback and communications you submit

When you connect third-party services (Google Calendar, Microsoft Outlook), we access only the data necessary to sync your dining events. We do not read or store unrelated calendar entries.

2. How We Use Your Information

• Coordinate dining events and deliver invitations
• Generate AI-powered restaurant recommendations based on group preferences
• Sync events to your connected calendars
• Send notifications via email or SMS (with your consent)
• Improve the product based on aggregated usage patterns

3. Third-Party Services

BizDin integrates with the following services to provide its features:

• Supabase — authentication and database hosting
• OpenAI / Azure OpenAI — AI-powered restaurant recommendations
• Google APIs — calendar sync, contacts, and restaurant search
• Microsoft Graph — Outlook calendar and contacts sync
• Twilio — SMS notifications
• Resend — email notifications
• Vercel — application hosting

Each service processes data according to their own privacy policies. We share only the minimum data required for each integration to function.

4. Google API Disclosure

BizDin's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only access Google Calendar data to create and sync your dining events
• We only access Google Contacts data to help you find connections and invite guests
• We do not use Google data for advertising purposes
• We do not sell Google user data to third parties
• We do not use Google data for purposes unrelated to dining event coordination

5. Data Storage & Security

Your data is stored in a secured Supabase database with row-level security policies. OAuth tokens for calendar integrations are encrypted at rest. We use HTTPS for all data transmission. We do not sell, rent, or share your personal information with third parties for marketing purposes.

6. Data Retention & Deletion

We retain your data for as long as your account is active. You can disconnect third-party integrations at any time through Settings, which revokes our access and deletes stored tokens. To delete your account and all associated data, contact us at the email below.

7. SMS Communications

If you opt in to SMS notifications, we send event-related messages to your phone number. Message and data rates may apply. You can opt out at any time by replying STOP or updating your settings. See our SMS Policy for full details.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised date.