CateringOps

Privacy Policy

Last Updated: March 12th, 2025

Introduction

CateringOps (the "Service") is owned and operated by Blue Kestrel Corp. ("we," "us," or "our"). We value your privacy and are committed to protecting your personal data. This Privacy Policy (the "Policy") describes how we collect, use, disclose, and protect information that identifies or is associated with you ("personal data" or "personal information") when you use our website, our software-as-a-service platform, and any related services (collectively, the "Platform").

Who we are
• Business Name: Blue Kestrel Corp.
• Address: 1407-150 East Liberty St., Toronto, ON M6K 3R5, Canada
• Email: info@cateringops.com

For the purposes of data protection law, Blue Kestrel Corp. is the "data controller" of your personal data, unless otherwise noted or where our role is that of a "data processor" acting on behalf of our customers.

Scope of This Policy

This Policy applies to any personal data we collect from you when you:

  • Visit our website or sign up for a CateringOps account.
  • Use our Platform—including our AI-powered features—to manage your catering business, menus, orders, or other business operations.
  • Communicate with us in any manner (e.g., via email, customer support, or in-platform messaging).

By using our Platform, you acknowledge that you have read and understood this Policy. If you do not agree, please discontinue your use of our Platform.

Information We Collect

CateringOps can store a variety of information to help you manage and document your catering business. Below is an overview of the types of data we might collect or store on your behalf.

1. Account & Profile Data

  • Name and Contact Info: Such as first name, last name, email address, phone number, and company details.
  • User Credentials: Username, password, or other authentication details (collected through our authentication provider).
  • Company Information: Legal business name, industry, subscription tier, or payment-related IDs.

2. Business Operations Data

  • Menu Information: Menu items, descriptions, prices, categories, and dietary information.
  • Order Data: Customer orders, preferences, special requests, delivery details, and order history.
  • Customer Information: Customer names, contact details, preferences, and order history.

3. Financial & Subscription Data

  • Subscription Tiers: Information on permissible user counts, products, and other feature limits.
  • Payment Data: References to payment processors or subscription management systems (e.g., a customer ID), though full payment card details are not stored by CateringOps.

4. Communications

  • Customer Support & Feedback: Details you submit when contacting us, reporting issues, or requesting assistance.

Use of AI and Automated Decision-Making

1. Data Processed by AI

  • Input Data: When you use our AI Features, relevant data (e.g., menu items, customer preferences, order patterns) may be processed by our models.
  • Purpose: The AI processes this information to generate insights, recommendations, or other automated outputs intended to help streamline your catering operations.

2. Third-Party AI Providers

  • We may rely on third-party AI service providers or cloud-based platforms to process data on our behalf.
  • We share only the minimum data necessary to perform AI-related tasks.
  • Data may be transferred to countries outside your place of residence, subject to appropriate safeguards under applicable data protection laws.

3. Data Retention & Security in AI

  • Retention: Unless a longer retention is required by law, data used for AI processing is typically kept only as long as necessary to generate the requested output or improve our models.
  • Security Measures: We use technical and organizational measures to protect data processed by our AI Features, including encryption in transit and, where possible, pseudonymization or anonymization.

4. Automated Decision-Making

  • Our AI Features may offer recommendations or automated analyses. However, final decisions remain at your discretion. AI-generated outputs should not be treated as professional advice.
  • If you believe an AI output significantly impacts your rights, you may have the right to request human review or object to automated decision-making, depending on your jurisdiction.

How We Use Your Information

We use personal data for the following purposes:

1. Service Provision

  • To operate and maintain our Platform and its AI-driven features, manage user accounts, authenticate logins, and provide customer support.

2. Business Operations

  • To store, organize, and display the data you input (e.g., menu items, customer orders, catering events), and to run analytics or process documentation for your business operations.

3. Payment Processing

  • To manage billing and subscription renewals, if applicable.

4. Communications

  • To send you administrative or account-related messages (e.g., service updates, policy changes).
  • To respond to your inquiries and provide customer service.

5. Analytics & Improvements

  • To analyze usage trends, troubleshoot errors, and enhance the functionality, security, and performance of our Platform, including our AI Features.
  • To develop new features or services.

6. Legal Compliance & Security

  • To comply with applicable laws and regulations, respond to legal requests, and protect our rights and the safety of our users.
  • To detect and prevent fraud, abuse, or security issues.

Legal Bases for Processing (If Applicable)

For users in jurisdictions requiring a legal basis for data processing (e.g., GDPR in the European Union):

  1. Consent: Where you have given explicit consent (e.g., for marketing emails or specific AI processing).
  2. Contract: Where processing is necessary for the performance of our contractual obligations to you.
  3. Legitimate Interests: Where it is in our legitimate interests to improve our services, provided your rights and interests do not override these interests.
  4. Legal Obligations: Where processing is required to comply with legal or regulatory requirements.

How We Share Your Information

Our goal is to provide a secure, feature-rich platform for managing your catering business. As part of delivering these services, we rely on trusted vendors and partners to help with everything from infrastructure support to compliance assistance. In certain limited circumstances, we may also need to transfer data during corporate transactions or when legally compelled. Finally, and only with safeguards in place, we may share or sell data to selected third parties who can offer relevant solutions that align with your operational goals. Below we outline the main scenarios in which we share information:

1. Service Providers

We work with reputable third-party vendors (e.g., Supabase, Stripe, hosting companies, payment processors, AI service providers) that assist us in maintaining, developing, and improving the CateringOps Platform. These service providers are permitted to access or use your data only as needed to perform their designated functions and must comply with strict privacy obligations.

2. Business Transfers

In the event of a merger, acquisition, financing, or sale of assets, user data (including personal data) may be disclosed or transferred as part of that transaction. We require that any acquiring entity continue to protect user data in a manner consistent with this Policy.

3. Legal Requirements & Protection

We may disclose certain information if we believe it is required by law, regulation, or valid legal process (e.g., a court order or subpoena). Additionally, we may release data if we believe disclosure is necessary to protect our rights, ensure the safety of our users, investigate fraud, or respond to a government request.

4. With Your Consent

Where legally necessary or in specific circumstances, we will seek your explicit permission before sharing your data. This could include instances where you request integrations with third-party tools or services that require data exchange.

5. Business & Marketing Partnerships

  • Relevant Opportunities & Offers: From time to time, we may share or sell certain user data to carefully selected vendors, suppliers, or other strategic partners who offer products or services that may help enhance your catering business. These partners may then contact you directly with tailored proposals or insights.
  • Types of Shared Data: In most cases, this sharing focuses on non-sensitive information such as your company's name, industry type, or other operational characteristics that help partners determine whether their offerings are relevant to you.
  • Your Preferences: Depending on local regulations, you may have the right to opt out of data sharing or selling for marketing purposes. Please see the "Your Rights and Choices" section for information on managing your preferences.

International Data Transfers

Our servers and service providers may be located in countries other than your own. By using our Platform, you consent to the transfer of your personal data to these jurisdictions, which may have different data protection laws than your country of residence. We take steps to ensure any cross-border data transfers comply with applicable regulations (e.g., using Standard Contractual Clauses).

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Policy, including for the duration of your subscription or ongoing relationship with CateringOps. We may retain data to comply with legal obligations, enforce agreements, or resolve disputes. When data is no longer needed, we will securely delete or anonymize it.

Security Measures

We implement administrative, technical, and physical safeguards to help protect the data within our Platform, including:

  • Secure hosting environments and encrypted transfers (HTTPS).
  • Access controls and authentication mechanisms for user accounts.
  • Periodic assessments of system vulnerabilities and staff training on data protection.

No system can be entirely secure, and we cannot guarantee the absolute security of your personal data.

Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal data, such as:

  • Access: Request a copy of the personal data we hold.
  • Rectification: Ask us to correct inaccuracies.
  • Erasure: Request deletion of your personal data in certain circumstances.
  • Restriction: Request that we limit our use of your personal data.
  • Data Portability: Obtain a copy of your personal data in a portable format.
  • Withdraw Consent: If processing is based on consent, you can withdraw it at any time.
  • Opt-Out: You can opt out of marketing or certain data uses by emailing us or adjusting your account preferences.

To exercise these rights, please contact us at info@cateringops.com. We will handle requests in accordance with applicable data protection laws.

Children's Privacy

Our Platform is not directed to individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us so we can delete it.

Third-Party Links

Our Platform may include links to external websites or services that we do not control. This Policy does not apply to the privacy practices of those third-party sites. We encourage you to review the privacy policies of any external websites you visit.

Updates to This Policy

We may update this Policy from time to time to reflect changes in our practices, technologies, or legal requirements. If we make material changes, we will provide notice via email or through the Platform. Your continued use of the Platform after any update constitutes acceptance of the revised Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Blue Kestrel Corp. (CateringOps)
1407-150 East Liberty St.
Toronto, ON M6K 3R5, Canada
Email: info@cateringops.com