Privacy Policy

Venora ("we", "us", "our") provides a multi-tenant venue management platform for restaurants, cafes, snooker clubs, gaming lounges, and sports venues. For privacy inquiries, contact privacy@venorahub.com.

We collect the following categories of data:

• Account data: name, email, phone, role, organization, and authentication metadata.
• Operational data: bookings, orders, sessions, inventory, kitchen, customers, employees, and analytics records generated when you use the platform.
• Billing data: subscription tier, invoices, and payment references. Card numbers are never stored by Venora.
• Device & usage data: IP address, browser, device, timestamps, and feature interactions for security and product analytics.
• Communications: messages you send via contact forms, email, or in-app chat.

We process personal data to:

• provide, secure, and improve the Venora platform;
• authenticate users and enforce role-based access control;
• process subscriptions and payments;
• detect fraud, abuse, and security incidents;
• send transactional and service-related communications;
• comply with legal and regulatory obligations.

We process personal data under one or more lawful bases: performance of a contract, legitimate interest in operating a secure service, your consent (where required), and compliance with legal obligations.

We share data only with vetted sub-processors required to run the service. Current sub-processor categories include:

• Database & hosting: Supabase (managed PostgreSQL, authentication, storage).
• Payment gateways: Razorpay, Stripe.
• AI model providers: OpenAI and Google (Gemini) for AI-powered features when enabled. Used for inference only.
• Application hosting & email: infrastructure providers used to deliver the web application and transactional email.

Sub-processors operate under their own data-processing terms and may not use Customer Data for their own purposes.

Data may be processed in regions outside your country, including India, the European Union, and the United States. We use contractual safeguards (such as Standard Contractual Clauses) where required by applicable law.

We retain personal data only as long as needed to provide the service, meet legal obligations, resolve disputes, and enforce agreements. Operational data is retained for the duration of your subscription and for a reasonable archival period thereafter, unless deletion is requested.

Depending on your jurisdiction (including GDPR and India's DPDP), you may have the right to access, correct, export, restrict, or delete your personal data, and to withdraw consent. Requests are handled manually today — email privacy@venorahub.com and we will respond within a reasonable timeframe, generally within 30 days.

Venora applies encryption in transit and at rest, role-based access control, audit logging, and tenant isolation through row-level security. Learn more on our Security page.

Venora is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us so we can remove it.

We may update this policy as the service evolves. Material changes will be communicated by email or in-app notice. The "Last updated" date above reflects the current version.

Questions or complaints? Reach us at privacy@venorahub.com. You also have the right to lodge a complaint with your local data protection authority.