Privacy Policy

Last Updated: April 2, 2026

Introduction

Dining Buddy is a restaurant discovery service for the Greater Toronto Area, operated by Dining Buddy Inc. This Privacy Policy explains how we collect, use, and protect your information when you use our service. We are committed to transparency about our data practices while maintaining a simple, user-friendly experience. If you have any questions about this policy, please contact us at contact@diningbuddy.ca.

Information We Collect

We collect the following categories of information to provide and improve our restaurant discovery service:

Waitlist and Admission Information

When you join our waitlist, we collect and store:

Email address — stored in encrypted form and as a one-way hash for verification. Your email is never stored in plain text in our database.
Dining intent (optional) — what you are looking for in a restaurant discovery tool.
Consent records — whether you opted into marketing communications, the consent text shown to you, your IP address at the time of consent, and the form version. These records are retained for legal compliance.
Admission status — your position in the waitlist lifecycle (waitlisted, admitted, or paused).
Referral source — how you found the waitlist (e.g., homepage).
Browser visitor identifier — an anonymous identifier from your browser, used to attribute your signup to a referral source (e.g., a link you followed to reach the waitlist).

Conversations and Search Data

When you use our AI-powered restaurant search:

Search queries and chat messages are stored with a pseudonymous visitor identifier (not linked to your name or email).
Conversation history — your messages and AI responses are retained to provide context within a session and to improve search quality over time.
Query analytics — parsed search intent, filter criteria, and result sets are recorded to measure and improve recommendation accuracy.
Feedback votes — upvotes and downvotes on messages and restaurant suggestions.

Visitor Identifiers

We assign a randomly generated anonymous identifier (visitor ID) that is stored in your browser's local storage. This identifier:

Is not linked to your name, email, or any account
Allows us to associate your conversations and analytics within a single browser
Captures first-touch referral information (UTM source, medium, and campaign) to understand how visitors find our service

Analytics and Technical Data

Website analytics — We use Google Analytics 4 (GA4) to understand how visitors use our service, including page views, search events, and interaction patterns. GA4 uses cookies to collect usage data. See the Analytics section below for details and opt-out options.
IP addresses — Used for rate limiting to prevent abuse. IP addresses are transient (held in memory during your session) except where stored as part of a consent record (e.g., the IP address recorded when you submit the waitlist signup form).
API cost tracking — We record internal cost metrics for AI and search API calls to maintain service sustainability. These records are associated with conversation identifiers, not personal information.

Browser-Stored Preferences

Your theme preference (light or dark mode) is stored locally in your browser and never sent to our servers.

Dining Buddy does not maintain traditional user accounts with passwords or profile information. Access to the chat feature is controlled through a waitlist admission process that uses a secure browser cookie — this is not a full account system and does not create a persistent user profile.

How We Use Your Information

We use the information we collect for the following purposes:

Providing personalized restaurant recommendations based on your search criteria and location
Processing waitlist signups and managing admission to the beta
Sending transactional emails (waitlist confirmation, admission notification) and, if you opted in, marketing communications
Improving search quality and AI response accuracy through query analytics and feedback
Preventing abuse through rate limiting
Tracking internal API costs to maintain service sustainability
Understanding how visitors find and use our service through analytics

Cookies and Local Storage

Cookies

Admission cookie (admission_token) — When you are admitted to the beta and verify your email, we set a secure, HTTP-only cookie to confirm your admission status on subsequent visits. This cookie contains a signed token and expires after 90 days. It is a functional cookie necessary to access the chat feature; no separate consent is required under PIPEDA for functional cookies.
Google Analytics cookies — GA4 sets cookies to distinguish unique visitors and track sessions. These cookies are only set after you accept analytics tracking via the consent banner. You can withdraw consent at any time using the Cookie Preferences link in the site footer, or opt out permanently by installing the Google Analytics Opt-out Browser Add-on.

Local Storage

We store the following in your browser's local storage:

Visitor identifier (db_visitor_id) — A randomly generated identifier used to associate your conversations and analytics within a single browser.
Referral data (db_visitor_utm_source, db_visitor_utm_medium, db_visitor_utm_campaign) — First-touch referral information captured when you first visit our site.
Analytics consent (db_analytics_consent) — Your choice to accept or decline Google Analytics tracking. Stores granted or denied. Absent means no decision has been recorded and the consent banner will reappear on your next eligible visit to the homepage, privacy page, or terms page.
Theme preference — Your light or dark mode setting (never sent to our servers).

You can clear local storage at any time through your browser settings. Doing so will generate a new visitor identifier on your next visit and will not affect your admission status (which is stored in a cookie).

Third-Party Services

To provide our service, we use the following third-party providers. Your data may be processed in the locations indicated:

Supabase — Database hosting and backend services (Canada/United States)
Vercel — Web application hosting and content delivery (United States)
Anthropic — Primary AI language model for restaurant search conversations (United States)
OpenAI — Search embeddings and supplementary AI processing (United States)
Perplexity — Web search augmentation for restaurant information discovery (United States)
Resend — Email delivery for waitlist and admission notifications (United States)
Google Analytics — Website usage analytics (United States)
Google Maps Platform — Location geocoding to resolve neighborhood and area references in search queries (United States)

Conversation queries are routed through a self-hosted AI orchestration layer operated by Dining Buddy Inc. in Canada before reaching the AI providers listed above.

Each provider listed above operates under its own privacy policy. We encourage you to review those policies for details on how your data may be handled by each provider.

AI-Powered Features

Dining Buddy uses artificial intelligence to process your restaurant search queries and generate recommendations. Your conversation messages are sent to third-party AI providers (currently Anthropic and OpenAI) for processing.

Your conversations and search queries are not used to train AI models. The AI providers we use process your queries to generate responses and do not retain your data for model training purposes. This is consistent with our Terms of Service.

Analytics

We use Google Analytics 4 (GA4) to understand how visitors use our service. GA4 collects usage data including page views, search events, interaction patterns, and approximate geographic location. GA4 uses cookies and may collect device and browser information.

Your consent is required before GA4 uses analytics cookies or persistent analytics storage. When you first visit the Dining Buddy homepage, privacy page, or terms page, a banner asks whether you accept or decline analytics tracking. We implement Google Consent Mode v2, which keeps analytics storage disabled by default. If you decline, Google may still receive cookieless pings such as page path, device type, browser, and country for aggregate reporting, but analytics cookies and persistent analytics storage remain disabled until you explicitly accept.

You can change your analytics preference at any time using the Cookie Preferences link in the site footer on those pages. Clicking it clears your stored choice and re-shows the consent banner. You can also opt out by installing the Google Analytics Opt-out Browser Add-on.

Data Retention

Conversation data, query analytics, and feedback are retained indefinitely to improve our service. Waitlist records (including consent artifacts) are retained for the duration of the beta program and as required for legal compliance. There is no automatic deletion process at this time.

If you would like your data deleted, please contact us at contact@diningbuddy.ca with your request and we will process it within 30 days.

Your Rights

Under Canadian privacy law (PIPEDA), you have the following rights:

Access: Request a copy of any personal information we hold about you.
Correction: Request correction of inaccurate information.
Deletion: Request deletion of your data.
Withdrawal of consent: You may withdraw your consent for marketing communications at any time by using the unsubscribe link in any marketing email, or by contacting us directly.
Opt-out:You can stop using the service at any time. Clearing your browser's cookies and local storage will remove your admission cookie and visitor identifier.

To exercise any of these rights, contact us at contact@diningbuddy.ca. We will respond to your request within 30 days.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of our service after any changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: contact@diningbuddy.ca
Mail: Dining Buddy Inc., 313-158 Front St E, Toronto, ON M5A 0K9, Canada