Privacy Policy

Last updated: April 17, 2026 · Effective: April 17, 2026

Food Run ("we", "our", "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our mobile application and website (foodrunpk.com) — collectively "the Service".

1. Information We Collect

We collect the following categories of information:

Account information: Name, mobile number, email address, profile picture.
Location data: Your device's location (with your permission) to provide delivery services and show nearby restaurants/stores.
Order information: Items you order, delivery address, payment method, order history.
Payment information: Processed securely through Stripe. We do NOT store full card numbers on our servers.
Device information: Device model, OS version, app version, push notification tokens (FCM).
Usage data: Interactions with the app (screens visited, features used) for analytics.

2. How We Use Your Information

To process your orders and deliver them to your location.
To send order status updates via push notifications, SMS, or email.
To provide customer support and resolve complaints.
To improve our services through analytics and feedback.
To detect and prevent fraud, abuse, and unauthorized access.
To comply with legal obligations and respond to lawful requests.

3. Information Sharing

We do NOT sell your personal information. We share data only with:

Delivery riders: Your name, delivery address, and phone number to complete the delivery.
Vendors/Restaurants: Order details so they can prepare your items.
Payment processors: Stripe (for card payments) — governed by their own privacy policy.
Service providers: Firebase (analytics, push notifications), Supabase (database hosting), Google Maps (location services).
Legal authorities: When required by law or court order.

4. Data Security

We implement industry-standard security measures:

All data transmission uses HTTPS/TLS encryption.
Passwords are hashed using SHA-256 with salting (we never store raw passwords).
Authentication tokens stored in secure encrypted storage on your device.
Database access protected by Row Level Security (RLS) policies.
Regular security audits and updates.

5. Your Rights

You have the right to:

Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion of your account and all associated data.
Opt out of marketing communications.
Withdraw consent for location tracking at any time.

To exercise any of these rights, email us at privacy@foodrunpk.com.

6. Data Retention

We retain your personal information for as long as your account is active, or as needed to provide services and comply with legal obligations. When you delete your account, we delete or anonymize your data within 30 days, except where we are legally required to retain it.

7. Children's Privacy

Food Run is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

8. Third-Party Links

Our Service may contain links to third-party websites (e.g., restaurant menus). We are not responsible for the privacy practices of those websites.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via in-app notification or email. Continued use of the Service after changes constitutes acceptance.

10. Contact Us

For privacy concerns, questions, or to exercise your rights, contact us at: