Legal

Privacy Policy

Last updated: July 14, 2026

1. Introduction

BitePass ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website and school meal management services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

We may collect the following types of information:

  • Account Information: Name, email address, role (student, parent, staff, administrator), and school affiliation provided during registration.
  • Student Data: Meal selections, attendance records, and QR check-in activity associated with student accounts.
  • Usage Data: Browser type, device information, IP address, pages visited, and interaction patterns within the Service.
  • Communications: Information you provide when contacting us via email or other channels.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process meal selections and attendance tracking
  • Generate attendance predictions and waste analytics
  • Send administrative notifications (meal reminders, weekly summaries)
  • Improve and personalize the user experience
  • Ensure security and prevent unauthorized access
  • Comply with legal obligations

4. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information in the following limited circumstances:

  • With school administrators who oversee accounts within their institution
  • With parents/guardians regarding their linked children's activity
  • When required by law or to protect our legal rights

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, role-based access controls, and regular security audits. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. School administrators may request deletion of their institution's data at any time. Upon account termination, we will delete or anonymize personal data within 30 days, except where retention is required by law.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time

To exercise any of these rights, contact us at hello@bitepass.app.

8. Children's Privacy

The Service is designed for use in educational settings and may involve data related to minors. We comply with applicable children's privacy laws including COPPA and FERPA. Student accounts are managed by school administrators, and we collect only the minimum data necessary to operate the Service. We do not use student data for advertising or profiling.

9. International Data Transfers

Your information may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required by applicable law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: