Privacy-first catering & ordering

Privacy Policy

This explains what we collect, why we collect it, and how you can control your information.

Last updated: 03 Oct 2025

Overview

AfroEat Grills (“AfroEat”, “we”, “us”) provides festival food service, private catering, and online ordering. This policy covers data collected via our website, booking forms, event communications, and customer reviews.

We collect only what we need to deliver quotes, cater safely (including allergy notes you choose to share), process orders, and keep the site secure. We do not sell your personal data.

Contact

Email: hello@afroeatgrills.com
Tel: (+44) 0749 8367 192
Trading entity: Afroeat LTD.

For privacy requests, email privacy@afroeatgrills.com.

What we collect & why

  • Contact details (name, email, phone, city) — respond to enquiries, quotes & bookings. (Contract; Legitimate Interests)
  • Event details (date, venue, headcount, dietary/allergen info you provide) — safe menu planning & logistics. (Contract; Legitimate Interests; vital interests for allergen safety)
  • Account/auth (Google basic profile or hashed password) — sign-in and admin access.
  • Orders, reviews & photos — show menus, manage reviews, improve services. (Consent for public display)
  • Technical data (IP, device, pages, cookies) — site security and performance.
  • Payments (via processor; no full card storage by us) — take payment & issue refunds.
Share only allergy info you’re comfortable sharing. Always check with staff at events.

Where data comes from

  • You (forms, email, WhatsApp, phone).
  • Auth providers you choose (e.g., Google).
  • Payment processors (status/metadata).
  • Public posts you tag us in (with permission to repost).

How we share

We don’t sell data. We use trusted processors under contract:

  • Hosting & DB: Vercel, MongoDB Atlas
  • Storage: AWS S3
  • Auth: NextAuth (Google if chosen)
  • Email: Resend
  • Payments: Stripe (or equivalent)
  • Security/Logs: Basic server logs & monitoring

We may disclose data if required by law, to protect rights/safety, or during a business transfer.

International transfers

Data may be processed outside the UK/EEA (e.g., US). We rely on safeguards like Standard Contractual Clauses, provider addenda, and transfer risk assessments where applicable.

Cookies & similar tech

  • Strictly necessary cookies for sign-in and security.
  • Optional (e.g., analytics) set with your consent where required.

How long we keep data

  • Accounts: while active (limited security logs retained).
  • Enquiries & bookings: typically up to 24 months.
  • Orders/payments: up to 6 years (tax/audit).
  • Reviews: while published; minimal audit trail on removal.

Your rights

Depending on your location, you may access, correct, delete, port, restrict or object, and withdraw consent. Contact privacy@afroeatgrills.com. You can also complain to your data authority (e.g., ICO in the UK).

Children

Our services aren’t directed to children under 13 (or under 16 in the EU/UK without guardian consent). If a child provided data, contact us to delete it.

Security

  • HTTPS everywhere; least-privilege access.
  • Hashed passwords for email/password accounts.
  • Vendor security addenda and periodic reviews.

No method is 100% secure, but we aim for industry best practices.

Reviews & user content

Submitting a review grants us permission to display it on our site and marketing channels. We moderate and may remove anything unlawful, harmful, or spammy.

Changes to this policy

We’ll update this page when practices change; material updates will be highlighted. Questions? Email privacy@afroeatgrills.com.

This is informational and not legal advice. Consider independent legal guidance for your jurisdictions.

Your data, your call.

Want a copy of your data or to delete your account? We’ll help.

Request dataErase my data