Free Forever How It Works

Compare

Free Jobber Alternative Free Housecall Pro Alternative Free ServiceTitan Alternative Free Square Invoices Alternative Free QuickBooks Alternative Free Contractor Invoicing
Pricing About Us Contact Us
Sign in Start for free
Legal Infrastructure

Global Privacy Statement

Last Updated: June 2, 2026

At Menutize, we treat your business data as critical infrastructure. We are committed to transparency regarding the information we collect, how it is used to power your business, how it is secured, how long it is retained, and the rights you have over it.

1. Information We Collect

We collect information to provide our services, facilitate AI agent interactions, process payments, and — for customers using the Menutize Pulse bookkeeping module — to keep accurate financial records. This includes:

  • Account Information: Name, email, business details, and billing information.
  • Service Data: Your menu items, pricing, and availability schedules ("Menutized Data") which are structured for public API access.
  • Customer Data: Information about your end-customers (names, addresses, orders) strictly for the purpose of fulfilling bookings.
  • Financial Account Data (Pulse): If you connect a bank or credit card account through our integrated financial-data provider (Plaid), we receive transaction history, account balances, and institution and account identifiers. We use this data only to maintain your business books, produce financial reports for you, and reconcile your records.
  • Vendor Tax Data (Pulse): If you use 1099-NEC features, we collect and securely store W-9 information, including encrypted EIN/SSN.

2. AI Agent Interactions

A core feature of Menutize is the API Structured Data Layer. By using our platform, you acknowledge that:

  • Your public service menu, pricing, and availability are exposed via API to authorized AI agents (e.g., ChatGPT, Gemini) to facilitate automated booking.
  • We do not share your private customer lists, financial records, or internal notes with public AI models for training purposes.
  • Where AI is used to assist with bookkeeping (e.g., transaction categorization), data is processed by a contracted subprocessor under confidentiality terms and is not used to train public models.

3. Financial Data & Plaid

For customers who use Menutize Pulse, we partner with Plaid Inc. to connect to your financial institution. By connecting an account, you authorize Plaid to collect, transmit, and disclose to Menutize the financial information described above, governed by Plaid's Privacy Policy at plaid.com/legal.

  • We use Plaid data only to provide bookkeeping services to the account owner — recording journal entries, reconciling balances, generating reports, and supporting CPA review.
  • We do not initiate payments, move funds, sell financial data, or use it for advertising.
  • Access tokens issued by Plaid are encrypted at rest using application-level encryption and are deleted immediately when you disconnect an account.

4. Google Workspace API Data (Calendar Integration)

Menutize offers an optional integration with Google Calendar that lets you sync your Menutize orders, jobs, and appointments to your primary Google Calendar. To enable this feature, we request the following Google OAuth scopes:

  • https://www.googleapis.com/auth/calendar.events — to create, update, and remove calendar events that correspond to your Menutize jobs.
  • https://www.googleapis.com/auth/calendar.calendarlist.readonly — to identify your primary Google Calendar so events sync to the right place.

Limited Use commitment. The use and transfer of raw or derived user data received from Google Workspace APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Google Workspace API data we receive:

  • Is used only to provide and improve the Google Calendar sync feature visible to you in the Menutize app — never for advertising, never to train AI or machine-learning models, and never sold to third parties.
  • Is not shared with any third party other than as required to provide the sync feature itself (e.g., calls to Google's own Calendar API on your behalf).
  • Is not accessed by Menutize employees except where explicitly required for security, fraud prevention, debugging at your request, compliance with applicable law, or aggregated/anonymized operational analytics.
  • OAuth refresh tokens are encrypted at rest using application-level encryption and are deleted immediately when you disconnect Google Calendar from your Menutize Settings.

You can revoke Menutize's access to your Google Calendar at any time by clicking "Disconnect Google Calendar" in your Menutize Settings, or by visiting your Google Account permissions page. Disconnecting immediately revokes our access tokens and stops all future syncs; previously-synced events remain in your Google Calendar and can be removed manually.

5. Data Security

We utilize enterprise-grade encryption (AES-256) for data at rest and TLS 1.2 or higher for data in transit. Sensitive credentials — including Plaid access tokens and encrypted vendor tax identifiers — receive an additional layer of application-level encryption. Payments are processed via PCI-DSS Level 1 compliant providers (Stripe/PayPal); Menutize never stores your raw credit card numbers. Access to production systems requires multi-factor authentication and is granted on a least-privilege basis.

6. Subprocessors

We engage a small number of trusted subprocessors to operate the service. Each is contractually bound to protect your data and process it only to provide its specific service:

  • Plaid Inc. — financial account connectivity (Pulse customers only)
  • Stripe Inc. — subscription billing and payment processing
  • Digital Ocean — application hosting and managed database
  • Anthropic — AI-assisted transaction categorization (Pulse)
  • Google Workspace — internal email and productivity
  • Google APIs — Google Calendar sync for Menutize jobs (opt-in; see Section 4 for Limited Use commitment)
  • Sentry — application error monitoring

7. Data Retention

You retain full ownership ("Sovereignty") of your business data. We retain different categories of data for different periods, in accordance with applicable tax, audit, and privacy obligations:

  • Active subscription data: retained for the duration of your active subscription.
  • Bookkeeping & financial records: retained for the active subscription plus up to seven (7) years thereafter to satisfy customer tax-record retention obligations, unless you request earlier deletion.
  • Plaid access tokens: deleted immediately upon disconnection of the linked account.
  • Account & service data on cancellation: 30-day grace period for export, after which data is purged from active systems (subject to financial-records retention above).
  • Backups: retained on the platform's standard schedule and subject to the same encryption and access controls as production data.

8. Your Rights

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correct — request correction of inaccurate data, or update it directly in your dashboard.
  • Delete — request deletion of your account and associated personal data, subject to our financial-records retention obligations.
  • Export — export your customer list, booking history, and (for Pulse customers) bookkeeping records at any time from your dashboard.
  • Disconnect — disconnect any linked financial account at any time, which immediately deletes the associated access token.
  • Withdraw consent — withdraw consent for optional processing.

To exercise any of these rights, contact us at the address below. Where applicable, California residents have additional rights under the California Consumer Privacy Act (CCPA), which we honor on the same basis.

9. Consent

By creating an account and using the service, you consent to the collection, processing, and storage of your data as described in this policy. Connecting a financial account through Plaid Link constitutes additional, explicit consent for the collection of financial account data described in Section 3, governed by Plaid's own consent and disclosure flow.

10. Policy Review & Changes

This policy is reviewed at least annually and updated upon any material change to our systems, vendors, or applicable regulations. Material changes will be communicated to active customers by email and reflected in the "Last Updated" date above.

11. Contact Us

For privacy-related inquiries, data subject requests, or Data Processing Addendum (DPA) requests, please contact our Compliance Officer:

Menutize Privacy Team

Email: [email protected]

Sandpoint, Idaho