Privacy policy
2026-05-30
MYCHEFS (operated by VARCAVIA) respects your privacy. This policy describes what we collect, how we use it, and your rights under GDPR and Florida (US) law.
1. Data we collect
Email, full name, phone (optional), avatar (optional). Operational data: shifts, tips closures, inventory counts, chat messages. All within the restaurant scope you create.
2. How we use data
Solely to deliver the service. No advertising, no third-party sharing, no analytics tracking. We use Cloudflare for DNS and Vercel for static hosting.
3. Legal basis (GDPR)
Consent (account creation) + contractual necessity (delivering the service).
4. Data retention
Account data: until you delete it. Encrypted backups: 7d daily / 4w weekly / 6mo monthly on Cloudflare R2 (EU region available on request).
5. Your rights
Access, rectify, delete, port. Email hello@mychefs.app or use the in-app Delete Restaurant button (Settings → manager only).
6. Cookies
We only use essential session cookies (JWT auth). No tracking cookies. Privacy-friendly analytics: Cloudflare Web Analytics (no cookies, aggregate). Fonts self-hosted (no Google Fonts CDN).
7. Children
Service is not intended for users under 16. Restaurant staff context only.
8. Changes
We may update this policy. Material changes notified via email + in-app banner.
10. Sub-processors
To provide the service we rely on: Cloudflare (CDN, DNS, edge, Web Analytics, R2 backup); Vercel (PWA app hosting); Supabase (PostgreSQL database + auth, self-hosted Docker in production); Resend (transactional email). All sub-processors are GDPR-compliant.
11. Right to lodge a complaint
You have the right to file a complaint with a supervisory authority (Italian Garante Privacy: www.garanteprivacy.it) or with the supervisory authority of your EU country of residence.
12. Contact
Data controller: VARCAVIA. Contact hello@mychefs.app for privacy questions.