PRIVACY POLICY

Who we are

Firestone Country Smokehouse (“we,” “us,” or “our”) operates the online ordering platform at this website. This Privacy Policy explains what personal information we collect when you use our Service, how we use it, and your rights regarding that information.

Information we collect

When you place an order (guest checkout)

• — Your name and phone number (required to prepare and hand off your order)
• — Your order items, quantities, and total
• — A device identifier stored in your browser to let you reopen your order receipt
• — Payment transaction data processed by Pesapal (we never see or store your card details)

When you create an account

• — Your email address
• — Your full name (if provided during sign-up or from your Google profile)
• — An authentication record managed by Supabase Auth

When you sign in with Google

If you choose to sign in with Google, we receive your Google account email address and display name via OAuth 2.0. We do not receive your Google password, contacts, files, or any other Google account data. We use only what is necessary to create and identify your Smokehouse account.

Automatically collected data

• — Standard web server logs (IP address, browser type, pages visited) collected by Vercel, our hosting provider
• — Anonymised page-view analytics collected by Vercel Analytics
• — Browser push notification subscription tokens, stored only if you opt in to pickup-ready alerts

How we use your information

• — To fulfil your order: we use your name, phone, and order details to prepare your food and hand it off at the counter.
• — To process payment: your order total and a reference number are sent to Pesapal to initiate and verify payment.
• — To send pickup notifications: if you opt in, we send a browser push notification when your order is ready.
• — To operate your account: if you have an account, we use your email to authenticate you and associate your order history.
• — To improve the Service: aggregated, anonymised analytics help us understand which menu items are popular and how the app performs.

We do not use your data for advertising, and we do not sell or rent your personal information to any third party.

Third-party services

We rely on the following trusted third-party services to operate:

Data retention

Guest order records are retained for operational and legal purposes (tax records, dispute resolution). Account information is retained for as long as your account is active. Push notification subscription tokens are removed when they expire or become invalid. You can request deletion of your account and associated data at any time by contacting us.

Cookies and local storage

We use browser cookies to maintain your authenticated session (if you have an account). We uselocalStorage to remember your active guest order token and theme preference on your device. We do not use advertising cookies or third-party tracking cookies.

Your rights

You have the right to:

• — Access the personal data we hold about you
• — Correct inaccurate information in your account
• — Delete your account and associated personal data
• — Withdraw consent for push notifications at any time through your browser settings
• — Revoke Google access via your Google Account settings at myaccount.google.com/permissions

To exercise any of these rights, contact us via the Contact page.

Children's privacy

Our Service is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to this policy

We may update this policy as the Service evolves. Material changes will be reflected in the “Last updated” date above. Continued use of the Service after changes constitutes acceptance of the revised policy.

Contact us

For privacy questions or data requests, reach us via the Contact page. You can also review our Terms of Service.