MenulyBack to Home

Privacy Policy

Last updated: April 5, 2026

Menuly ("we," "us," or "our") operates the website menuly.pk and its associated subdomains, including portal.menuly.pk and restaurant-specific subdomains (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Service.

1. Information We Collect

1.1 Personal Information You Provide

When you register for an account, we collect the following personal information:

  • Name — used to personalize your account
  • Email address — used for account authentication and communication
  • Password — securely hashed using bcrypt before storage; we never store your password in plain text

1.2 Restaurant and Menu Data

As a restaurant owner using our portal, you may provide the following business data:

  • Restaurant name, URL slug, currency, and timezone
  • Menu information including item names, descriptions, pricing, dietary tags, allergen information, spice levels, calorie counts, and portion sizes
  • Media assets including food images and 3D model files uploaded to our platform
  • Food photographs submitted for AI-powered 3D model generation, which are transmitted to a third-party AI processing service solely to perform the generation request
  • Theme customization data such as colors, fonts, and logo images
  • QR code configurations

1.3 Automatically Collected Information

When you access the Service, we may automatically collect certain information from your device, including:

  • Browser type and version
  • Operating system
  • IP address
  • Pages visited and time spent on those pages
  • Referring website addresses

We do not currently use third-party analytics or tracking services.

2. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Provide, maintain, and improve the Service, including generating digital menus and enabling AR experiences for your restaurant
  • Authenticate your identity and secure access to your account
  • Store and serve your uploaded media assets (images, 3D models)
  • Process food photographs through our AI-powered 3D model generation feature when you initiate a generation request
  • Track your AI generation token balance and usage
  • Respond to your inquiries and provide customer support
  • Send administrative communications, such as updates to our terms or policies
  • Detect, prevent, and address technical issues or security breaches

3. Data Storage and Security

3.1 Where Your Data Is Stored

  • Account and menu data is stored in a MongoDB database
  • Uploaded files (images, 3D models) are stored in Amazon Web Services (AWS) S3 and delivered through AWS CloudFront CDN

3.2 Security Measures

We implement the following security measures:

  • Passwords are hashed using the bcrypt algorithm before being stored
  • Authentication is managed through secure JSON Web Tokens (JWT)
  • All data in transit is encrypted using HTTPS/TLS
  • Access to uploaded files is managed through secure, scoped permissions

While we use commercially reasonable measures to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

4. Third-Party Services

We use the following third-party services to operate the platform:

  • MongoDB — for database storage
  • Amazon Web Services (S3 and CloudFront) — for file storage and content delivery
  • Google Fonts — for serving web fonts on menus and the landing page
  • Google Model Viewer — for rendering 3D models and AR experiences in customer-facing menus
  • Third-party AI generation service — when you use the AI-powered 3D model generation feature, the food photographs you submit are transmitted to a third-party AI processing service to perform the generation. Only the photographs you explicitly submit for generation are shared with this service, and they are used solely for generating the requested 3D model. We do not share your account information, personal data, or any other data with this service. We do not publicly disclose the specific AI provider as it may change over time.

These third-party services have their own privacy policies governing the use of your information. We encourage you to review their respective policies.

We do not sell, trade, or rent your personal information to third parties. We do not use third-party advertising or analytics services.

5. Data Shared Publicly

When you create a restaurant and publish your menu through Menuly, the following information is made publicly accessible to anyone who visits your menu URL or scans your QR code:

  • Restaurant name and branding (logo, colors, fonts)
  • Menu items including names, descriptions, prices, dietary tags, allergen information, images, and 3D models

Your personal account information (name, email, password) is never shared publicly.

6. Data Retention

We retain your personal information and restaurant data for as long as your account is active or as needed to provide the Service. If you wish to delete your account and associated data, please contact us at hello@menuly.pk.

Upon account deletion, we will delete your personal information and restaurant data within a reasonable timeframe. Some data may be retained in backups for a limited period as part of our standard backup procedures.

7. Cookies and Session Data

We use essential cookies and session tokens solely for authentication purposes. These are necessary for the Service to function and allow you to remain signed in. We do not use tracking cookies, advertising cookies, or any non-essential cookies.

8. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete data
  • Delete your account and associated data
  • Export your restaurant and menu data

To exercise any of these rights, please contact us at hello@menuly.pk.

9. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes your acceptance of the new Privacy Policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Menuly

Email: hello@menuly.pk

Website: menuly.pk