Legal

Privacy Policy

Effective date: April 10, 2026  ·  Last updated: April 10, 2026

Catalog ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains what personal information we collect when you use our website and services, how we use it, with whom we share it, and what rights you have over it. By using Catalog, you agree to the practices described in this policy.

This policy should be read alongside our Terms of Service, which govern your overall use of the platform.

1. Information We Collect

We collect only the minimum personal information required to provide and improve our Service. Specifically:

Full Name

We collect your full name when you register for an account. This is used to identify you within the platform, personalise your experience, and display your identity to users you interact with (such as friends and followers).

Email Address

We collect your email address during registration. We use it to authenticate your account, send you essential service communications (such as password resets and account notifications), and, where you have opted in, to send you product updates and announcements. We will never sell your email address to third parties.

We do not collect payment information, precise location data, phone numbers, or any government-issued identification. We do not use tracking pixels or third-party advertising cookies.

2. Information You Provide Through Use of the Service

Beyond registration data, you may choose to provide additional information by using our features:

  • Restaurant logs & visits — records of restaurants you have marked as visited, including optional ratings and notes.
  • Reviews — written reviews and ratings you post publicly on restaurant pages.
  • Saved places — restaurants you have bookmarked for future visits.
  • Lists — curated collections of restaurants you create and optionally share.
  • Social connections — friend requests and follow relationships you initiate.

This information is associated with your account and used to provide core platform functionality. Public content (such as reviews and public lists) may be visible to other users.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account and authenticate your identity.
  • Provide, operate, and improve the Catalog platform and its features.
  • Send transactional emails such as password reset links and account security alerts.
  • Respond to your support enquiries and feedback.
  • Detect, investigate, and prevent fraudulent or abusive activity.
  • Comply with applicable legal obligations under Indian law.

We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects. We do not sell your data.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share it only in the following limited circumstances:

Service Providers

We use trusted third-party providers (such as our cloud database host, Supabase) to operate the Service. These providers access your data only to perform services on our behalf and are contractually bound to protect it.

Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority in India, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

If Catalog is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our platform before your data becomes subject to a different privacy policy.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required to retain it for legal or legitimate business purposes (for example, to resolve disputes or comply with legal obligations). Aggregated, anonymised usage data may be retained indefinitely.

6. Data Security

We take reasonable technical and organisational measures to protect your personal information from unauthorised access, loss, misuse, or alteration. These measures include encrypted data transmission (TLS/HTTPS), secure credential storage using industry-standard hashing, and access controls that limit who within our team can access personal data. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

7. Your Rights

You have the following rights regarding your personal information:

  • Access — request a copy of the personal information we hold about you.
  • Correction — request that we correct inaccurate or incomplete information.
  • Deletion — request that we delete your personal information.
  • Portability — request that we provide your data in a structured, machine-readable format.
  • Objection — object to certain uses of your data, including direct marketing.
  • Withdrawal of consent — where processing is based on your consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at info@catalogapp.in. We will respond within 30 days. We may need to verify your identity before processing your request.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will update the "Last updated" date at the top of this page and, where required, notify you by email or via a prominent notice within the Service. We encourage you to review this policy periodically. Your continued use of Catalog after any changes take effect constitutes your acceptance of the updated policy.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Catalog

Email: info@catalogapp.in

We aim to respond to all privacy-related enquiries within 30 days.