Privacy Policy

Last updated: 21 May 2026 (placeholder — review before production)

Dam Bites ("we", "us") operates the Dam Bites mobile application and related services for discovering restaurants and loyalty rewards in Hartbeespoort, South Africa. This policy explains how we process personal information under the Protection of Personal Information Act, 2013 (POPIA) and applicable regulations.

Information we collect

• Account data: name, phone number, email address, and profile photo when you register via our authentication provider.
• Loyalty data: Harties Points balance, tier, visit history, vouchers, and QR check-ins at participating venues.
• Device data: push notification tokens and notification preferences you set in the app.
• User content: photos or gallery items you choose to upload.
• Technical data: app version, API requests, and security logs needed to operate the service.

How we use information

We use personal information to:

• Provide restaurant discovery, menus, events, and loyalty features;
• Send notifications you have opted into;
• Prevent fraud and secure our API;
• Comply with law and respond to lawful requests.

Location and proximity

Proximity-based alerts are not active in the current app release. If we enable location features in future, we will update this policy and request consent where required.

WhatsApp and third parties

Many bookings and takeaway orders are completed via WhatsApp with the restaurant directly. Messages sent on WhatsApp are processed by Meta and the venue, not stored as chat history inside Dam Bites unless you use in-app booking features we add later.

We use Clerk for authentication, Cloudflare for hosting, and Railway (or equivalent) for application databases. Each provider processes data under their own terms as processors or operators.

Retention and deletion

You may delete your account in the app under Profile → Legal & account → Delete account. This removes your profile, loyalty data, vouchers, notification settings, and related app records. Anonymised booking metadata may remain where required for venue operations.

Your rights (POPIA)

You may request access, correction, or deletion of personal information, object to certain processing, or lodge a complaint with the Information Regulator (South Africa). Contact us at privacy@dambites.app (update before go-live).

Children

The service is not directed at children under 18. Menus may list alcohol; venues are responsible for on-premise age verification.

Changes

We may update this policy and will post the new version on this page with a revised date.