Privacy Policy
Last updated: April 2026
Introduction
SafeDine ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services at safedine.ai.
Information We Collect
Public Inspection Data: We collect and display publicly available restaurant health inspection data from 14 government sources across 12 states:
- •Florida — Department of Business and Professional Regulation (DBPR)
- •New York — NYC Department of Health (DOHMH) and NY State DOH
- •Illinois — Chicago Department of Public Health (CDPH)
- •Michigan — Detroit Health Department
- •Texas — Dallas DEH and Austin/Travis County TCPH
- •Washington — Seattle/King County Public Health
- •California — San Francisco DPH
- •Delaware — Delaware Division of Public Health (statewide)
- •Georgia — Fulton County (Atlanta area)
- •Pennsylvania — PA Department of Agriculture (statewide)
- •Ohio — Cincinnati Health Department
- •Louisiana — East Baton Rouge Parish
This data includes restaurant names, addresses, inspection dates, violation records, and compliance outcomes.
Restaurant Listings: For states without inspection data, we display restaurant listings sourced from Foursquare and OpenStreetMap. This includes business names, addresses, cuisine categories, and geographic coordinates.
Account Information: When you create a SafeDine account, we collect your email address and password (hashed). If you sign in with Google OAuth, we receive your name and email from Google. Authentication is handled by Supabase Auth.
User-Generated Content: If you submit a community review or food safety incident report, we collect the information you provide (name, rating, comments, visit date, symptoms, etc.). A hashed version of your IP address is stored for rate-limiting purposes.
Contact Information: If you contact us via our contact form, we collect your name, email address, and message content.
Payment Information: If you subscribe to SafeDine Pro, payment processing is handled entirely by Stripe. We do not store your credit card number or bank details. Stripe provides us with your subscription status and billing email.
Usage and Analytics Data: We use Vercel Analytics and Vercel Speed Insights to collect anonymous performance and usage data, including page views, navigation patterns, and web vitals. This data is aggregated and not personally identifiable.
Error Tracking: We use Sentry to capture application errors and crashes. Error reports may include browser type, page URL, and stack traces. They do not include personal information.
How We Use Your Information
- •To provide and maintain restaurant safety scores and inspection data
- •To authenticate your account and manage your subscription
- •To display community reviews and safety incident reports
- •To process payments for SafeDine Pro subscriptions via Stripe
- •To improve and optimize our website using anonymous analytics
- •To respond to your inquiries and support requests
- •To detect and prevent abuse, spam, and fraudulent activity
CAPTCHA and Bot Protection
We use Cloudflare Turnstile to protect our forms (sign-up, login, reviews, incident reports, and contact) from automated abuse. Turnstile may collect interaction data to distinguish humans from bots. This data is processed by Cloudflare under their Privacy Policy.
Rate Limiting
We use Upstash Redis to enforce rate limits on API endpoints. Rate limiting tracks request counts by hashed IP address. No personally identifiable information is stored in the rate limiter.
Third-Party Services
We use the following third-party services that may process your data:
- •Supabase — Database hosting and authentication
- •Vercel — Website hosting, analytics, and speed insights
- •Stripe — Payment processing for Pro subscriptions
- •Cloudflare — Turnstile CAPTCHA bot protection
- •Sentry — Error tracking and monitoring
- •Upstash — Redis-based rate limiting
- •Foursquare / OpenStreetMap — Restaurant listing data
- •Google — OAuth sign-in provider
Cookies and Local Storage
SafeDine uses minimal cookies and browser storage:
- •Supabase Auth Cookies— Essential cookies for maintaining your login session. These are strictly necessary and cannot be disabled.
- •Theme Preference— Your light/dark mode preference is stored in localStorage. This is not a cookie and is never sent to our servers.
We do not use advertising cookies, social media tracking pixels, or third-party marketing cookies.
Data Retention
Inspection Data: Public health inspection data is retained indefinitely as it is part of the public record.
User Accounts: Account data is retained as long as your account is active. You may request deletion of your account by contacting us.
Reviews and Reports: Community reviews and incident reports are retained indefinitely, even if the submitting account is deleted, as they contribute to public safety information.
Analytics: Aggregated analytics data is retained by Vercel according to their retention policies. It is not personally identifiable.
Data Security
We implement industry-standard security measures including encrypted connections (HTTPS/TLS), row-level security on our database, input sanitization, rate limiting, and CAPTCHA verification. Passwords are hashed and never stored in plain text. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
Your Rights
You have the right to:
- •Request access to the personal data we hold about you
- •Request correction of inaccurate personal data
- •Request deletion of your account and associated personal data
- •Opt out of non-essential data collection by disabling cookies in your browser
To exercise these rights, please contact us.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
Contact Us
If you have questions about this Privacy Policy, please contact us.