Skip to content
Start free
Menu
← Home

Privacy Policy

Last updated · 2026-04-16

What data DineRoute collects, why we collect it, and how customers can exercise their rights under GDPR, CCPA, and other applicable laws.

1. Summary

DineRoute provides branded routing pages and attribution infrastructure for restaurant ad campaigns. We process limited personal data necessary for advertising analytics on behalf of our restaurant customers, who are the data controllers of end-customer data.

2. Data we collect

  • Account data: name, work email, company, role — collected at signup.
  • Billing data: processed by Stripe; we store only customer IDs and invoice metadata.
  • End-customer event data: IP address, user agent, Facebook Click ID (fbc), Facebook Browser ID (fbp), page URL, tapped platform, device fingerprint hash.
  • Optional: email or phone if the restaurant collects those fields on their routing page.

3. Why we process it

  • Fire accurate ad-platform events (Meta CAPI, Google Ads, TikTok Events API) so our customers can optimize their campaigns.
  • Provide aggregated reporting in the DineRoute dashboard.
  • Detect click fraud and bot traffic.
  • Operate the service (billing, support, security).

4. Legal bases (GDPR)

  • Contract: account and billing data.
  • Legitimate interest: fraud prevention, security, product analytics.
  • Consent: end-customer tracking where required by local law. Restaurants are responsible for obtaining consent before placing DineRoute routing pages in consent-region markets.

5. Retention

  • Event payloads: 90 days.
  • Match artifacts (event_id, platform, timestamp, value): 25 months to support Meta's attribution windows.
  • Account and billing records: as long as the account is active, plus seven years for tax purposes.

6. Subprocessors

Material subprocessors include: AWS (hosting), Stripe (billing), Resend (transactional email), Meta, Google, TikTok, and Pinterest (receiving our server-side events). A current list is available on request or in our DPA.

7. Your rights

You may request access, correction, deletion, or portability of your data by emailing privacy@dineroute.com. End-customers of our restaurant customers should route requests through the restaurant directly; we will assist.

8. Contact

privacy@dineroute.com