Privacy Policy

Effective: September 1, 2025

Raccoon Services UG (haftungsbeschränkt) ("FoodRaccoon", "we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our App and services. We process your data in compliance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Introduction

This Privacy Policy applies to all personal data processed by FoodRaccoon through our mobile application (App), website, and related services. FoodRaccoon acts as the data controller within the meaning of the GDPR.

If you have any questions about data protection, you can contact us at:

Raccoon Services UG (haftungsbeschränkt) Mühlenstraße 8a, 14167 Berlin Email: office@foodraccoon.com

2. Personal Data We Collect

We collect the following categories of personal data:

(a) Contact data: name, email address, telephone number, postal address.

(b) Account data: username, password (encrypted), profile information, preferences.

(c) Transaction data: order history, payment information (processed by our payment provider), delivery/pickup details, receipts.

(d) Communication data: messages sent through the platform, customer service inquiries, reviews and ratings.

(e) Usage data: app usage patterns, device information (device type, operating system, app version), IP address, access times, pages viewed, features used, crash reports.

3. Processing Purposes and Legal Bases

We process your personal data for the following purposes and on the following legal bases:

(a) Performance of our services: Processing your orders, managing your account, facilitating payments, and providing customer support. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

(b) Customer relationship management: Communicating with you about your orders, account updates, and service changes. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

(c) Direct marketing: Sending you promotional offers, newsletters, and information about new features or partners, where you have consented. Legal basis: Art. 6(1)(a) GDPR (consent).

(d) Research and improvement: Analysing usage patterns and feedback to improve our services, develop new features, and enhance user experience. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

(e) Record keeping: Maintaining records for accounting, tax, and regulatory compliance. Legal basis: Art. 6(1)(c) GDPR (legal obligation).

(f) Security: Protecting our platform, detecting fraud, and ensuring the security of our systems and users. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

(g) Legal claims: Establishing, exercising, or defending legal claims. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

(h) Compliance: Fulfilling legal obligations, including responding to lawful requests from public authorities. Legal basis: Art. 6(1)(c) GDPR (legal obligation).

4. Data Sharing with Third Parties

We may share your personal data with the following categories of recipients:

(a) Partner restaurants: We share your order details and necessary contact information with Partner restaurants to fulfil your orders.

(b) Payment service providers: We use third-party payment processors (such as Stripe) to process payments. These providers receive only the payment-related data necessary to process your transactions and are contractually obligated to protect your data.

(c) Service providers: We engage service providers who process data on our behalf for purposes such as hosting, analytics, and customer support. These providers are bound by data processing agreements in accordance with Art. 28 GDPR.

(d) Legal obligations: We may disclose your data to law enforcement agencies, courts, or regulatory authorities when required by law or when necessary to protect our rights, property, or safety, or the rights, property, or safety of others.

5. Data Retention and Deletion

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

(a) Right of access (Art. 15 GDPR): You have the right to obtain information about whether and which personal data we process about you.

(b) Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data or the completion of incomplete personal data.

(c) Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data, provided there is no legal obligation to retain it.

(d) Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data under certain conditions.

(e) Right to object (Art. 21 GDPR): You have the right to object to the processing of your personal data based on legitimate interests, including direct marketing.

(f) Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

(g) Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority.

(h) Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on your consent, you have the right to withdraw your consent at any time.

To exercise your rights, please contact us at: office@foodraccoon.com

7. Cookies We Use

We use the following types of cookies and similar technologies:

(a) Authentication cookies: These cookies are necessary to identify you as a logged-in user and to maintain your session.

(b) Personalisation cookies: These cookies store your preferences and settings.

(c) Security cookies: These cookies help protect against fraud and unauthorised access.

(d) Analytics cookies: These cookies help us understand how users interact with our Service. Analytics cookies require your explicit consent via the cookie banner.

(e) Consent management cookies: These cookies, set by CookieYes, store your cookie preferences and consent decisions.

8. Cookies and Technologies

We use the following third-party services and technologies:

(a) Firebase (Google LLC): We use Firebase for authentication, database services, cloud functions, analytics, and crash reporting.

(b) PostHog (PostHog, Inc.): We use PostHog for website analytics, session recording, and product improvement. Data is processed exclusively in the EU (Frankfurt, Germany). PostHog analytics require your explicit consent via the cookie banner.

(c) CookieYes (CookieYes Limited): We use CookieYes to manage cookie consent and comply with GDPR requirements.

(d) Microsoft 365 (Microsoft Corporation): We use Microsoft 365 for internal communications and business operations.

(e) TypeForm (TYPEFORM S.L.): We use TypeForm for surveys and forms.

(f) Stripe (Stripe, Inc.): We use Stripe for payment processing.

(g) Google Analytics (Google LLC): We use Google Analytics to analyse usage of our mobile apps.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes through the App or by other appropriate means.

10. Our Details

Raccoon Services UG (haftungsbeschränkt) Mühlenstraße 8a, 14167 Berlin Commercial register: HRB 257349, District Court Berlin (Charlottenburg) Email: office@foodraccoon.com VAT ID: DE365826522