Privacy Policy for Popcorn

Last updated: March 15, 2026 · Version 1.1

This policy explains how InsightsHub ("we") collects, uses, and protects personal data in connection with the Popcorn service.

1. Data Controller

For restaurant owner data (account, contact info): InsightsHub is the Data Controller.
For guest feedback: The restaurant is the Data Controller, InsightsHub is the Data Processor (see DPA in Terms of Service).

2. What Data We Collect

Restaurant owners (account holders):

Data	Purpose	Legal Basis
Name	Identification, communication	Contract
Email address	Login (Magic Link), communication	Contract
Business name and type	Providing the service	Contract
City/country	Adapting the service (language, currency)	Contract
IP address at registration	Security, abuse prevention	Legitimate interest

Guests (feedback providers):

Data	Purpose	Legal Basis
Feedback responses (rating, choices, free text)	Providing the service	Legitimate interest (restaurant's)
Language setting	Display form in correct language	Legitimate interest
IP address	Security, rate limiting	Legitimate interest
Device type (user-agent)	Technical troubleshooting	Legitimate interest

Important: Guest feedback is collected anonymously. We do not request names, email addresses, or other directly identifying information from guests in the standard flow. IP addresses are stored temporarily for security purposes.

3. How We Use the Data

Provide and maintain the Popcorn service
Send transactional messages (login codes, welcome emails)
Protect against abuse and spam
Create anonymized industry insights (aggregated data where no individual can be identified)
Improve service features and AI models

We never sell personal data to third parties.

4. Sub-processors

We use the following services to provide Popcorn:

Service	Purpose	Location
Railway	Web hosting, database (PostgreSQL)	EU (Amsterdam)
Cloudflare R2	File storage (image uploads)	EU
Resend	Transactional email	EU/US
Google Places API	Restaurant search (autocomplete)	EU/US
Upstash	Redis (rate limiting, sessions)	EU
Sentry	Error tracking, performance monitoring (PII scrubbed)	EU/US
Anthropic (Claude)	AI assistant for venue insights (Copilot)	US (SCC)

All sub-processors are bound by agreements ensuring at least the same level of protection as this policy.

5. Storage and Deletion

Account data: Stored as long as the account is active. Upon termination, data is deleted within 30 days.
Guest feedback: Stored as long as the restaurant's account is active. Anonymized, aggregated data may be retained after deletion.
IP addresses: Stored temporarily (max 90 days) for security purposes.

6. Your Rights (GDPR)

As a data subject, you have the right to:

Access your personal data (Art. 15)
Rectify inaccurate data (Art. 16)
Request deletion ("right to be forgotten") (Art. 17)
Restrict processing (Art. 18)
Receive your data in machine-readable format (data portability, Art. 20)
Object to processing based on legitimate interest (Art. 21)
Lodge a complaint with the supervisory authority (Datatilsynet, datatilsynet.no) if you believe your rights are not being respected (Art. 77, Art. 13(2)(d))

7. Security

We protect your data through:

Encryption in transit (TLS/HTTPS)
Encryption at rest (database storage)
Role-based access control
Rate limiting and abuse prevention
Regular security review of the codebase

8. Cookies and Tracking

Popcorn does not use third-party cookies or tracking services. We use technically necessary cookies (session cookies) to authenticate logged-in users.

9. Changes to This Policy

We may update this policy. Material changes are communicated via email at least 30 days in advance.

10. Contact

InsightsHub
Privacy inquiries: privacy@popcornfeedback.com
General support: support@popcornfeedback.com