Privacy Policy

This policy explains what data we collect, why we collect it, and how we use it. We believe in being transparent about data practices.

1. Who We Are

Nibble is a trading name of Clerky Limited, a company registered in Ireland with company registration number 557553. Our registered office is Newtown, Rathcoole, Co. Dublin. VAT number: IE3372058PH.

Nibble provides online ordering software for independent food businesses. When we say "we", "us", or "Nibble", we mean Clerky Limited trading as Nibble.

Contact: hello@nibble.ie

2. What Data We Collect

From Merchants (Food Businesses)

When you create a Merchant account, we collect:

Account information: Name, email address, password (encrypted), phone number
Business information: Business name, address, business type, logo
Menu data: Items, descriptions, prices, images, categories
Payment information: Bank account details for payouts (stored securely by our payment providers)
Order data: Orders received, order history, revenue data

From Customers (People Placing Orders)

When you place an order, we collect:

Contact information: Name, phone number, email address
Order details: Items ordered, special requests, order time
Payment information: Card details are processed by Stripe or SumUp - we don't store full card numbers

Customers don't need to create an account to place orders. We identify returning customers by phone number or email to show order history.

Automatically Collected Data

When you use Nibble, we automatically collect:

Device information: Browser type, operating system, device type
Usage data: Pages visited, features used, time spent
IP address: Used for security and approximate location
Cookies: See our Cookies section below

3. How We Use Your Data

For Merchants

Provide and improve our ordering platform
Process payments and pay out your earnings
Send order notifications and important updates
Provide customer support
Generate reports and analytics about your orders
Detect and prevent fraud
Comply with legal obligations

For Customers

Process and fulfil your orders
Send order confirmations and updates (via SMS or email)
Show your order history (if you provide the same phone/email)
Detect and prevent fraudulent orders
Improve our service

4. Who We Share Data With

Merchants and Customers

When a Customer places an order, the Merchant receives the Customer's name, phone number, and order details to fulfil the order. Merchants are responsible for how they use this data.

Payment Providers

We use Stripe and SumUp to process payments. They receive payment information necessary to process transactions. See their privacy policies:

Communication Services

We use Twilio for SMS notifications and Postmark for email. They process phone numbers and email addresses to deliver messages.

Hosting and Infrastructure

Our service runs on cloud infrastructure providers who store and process data on our behalf under strict data processing agreements.

Legal Requirements

We may share data if required by law, legal process, or to protect the rights, property, or safety of Nibble, our users, or others.

5. Data Retention

Merchant accounts: Data retained while account is active, plus 7 years after closure for legal/tax purposes
Order data: Retained for 7 years for tax and legal compliance
Customer contact data: Retained for 3 years from last order, or until deletion requested
Usage logs: Retained for 90 days

6. Your Rights (GDPR)

Under GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data (with some exceptions)
Restriction: Limit how we use your data
Portability: Receive your data in a portable format
Object: Object to certain processing of your data

To exercise these rights, contact us at hello@nibble.ie. We'll respond within 30 days.

7. Cookies

We use cookies for:

Essential cookies: Required for the site to function (login sessions, security)
Preference cookies: Remember your settings (dark mode, language)
Analytics cookies: Help us understand how the site is used

You can control cookies through your browser settings. Blocking essential cookies may prevent some features from working.

8. Security

We protect your data with:

Encryption in transit (HTTPS/TLS)
Encryption at rest for sensitive data
Secure password hashing
Regular security updates
Access controls and audit logs

No system is 100% secure. If we discover a breach affecting your data, we'll notify you as required by law.

9. International Transfers

Your data may be processed in countries outside the EEA. When this happens, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your data.

10. Children

Nibble is not intended for children under 16. We don't knowingly collect data from children. If you believe a child has provided us data, please contact us.

11. Changes to This Policy

We may update this policy from time to time. We'll notify you of significant changes by email or through the service. The date at the top shows when this policy was last updated.

12. Contact Us

For privacy-related questions or to exercise your rights:

Clerky Limited (trading as Nibble)
Company Registration No. 557553
Registered office: Newtown, Rathcoole, Co. Dublin
Email: hello@nibble.ie

You also have the right to lodge a complaint with the Data Protection Commission (Ireland) or your local supervisory authority.