Privacy policy
JOSIAH EATS APP — PRIVACY POLICY
Effective Date: June 25, 2026
1. INTRODUCTION
This Privacy Policy describes how Cafiero Media LLC ("we," "us," "our," or "Josiah Eats") collects, uses, and shares information when you use the Josiah Eats App and related services (the "App").
By using the App, you agree to the practices described in this Policy. This Policy is incorporated into and forms part of our Terms of Service (https://josiaheats.com/terms). If you do not agree, please do not use the App.
This Policy applies to all users, including those who browse the App without an account.
2. INFORMATION WE COLLECT
We aim to collect only what the App needs to function. We collect information in three ways: information collected automatically, information you provide, and information from third-party services.
2.1 INFORMATION COLLECTED FROM ALL USERS (INCLUDING WITHOUT AN ACCOUNT)
• Push notification token
How It's Collected: Automatically when the App launches, if you grant notification permission
Why: To deliver push notifications
Where It's Stored: Our server
• Device identifier
How It's Collected: Generated on first launch and stored on your device
Why: To link an anonymous push token and identify your device
Where It's Stored: On your device; reference stored on our server
• Device platform (iOS/Android)
How It's Collected: Detected automatically
Why: To format notifications correctly
Where It's Stored: Our server
• Approximate location
How It's Collected: Only when you grant location permission
Why: To show nearby restaurants and center the map
Where It's Stored: Used in real time only — not stored on our server
• City preferences
How It's Collected: You select them
Why: To filter content by area
Where It's Stored: On your device
• Notification preferences
How It's Collected: You set them
Why: To control which notification categories you receive
Where It's Stored: On your device
2.2 INFORMATION WE COLLECT FROM ACCOUNT HOLDERS
If you create an account, we also collect:
• Name and email
How It's Collected: From your authentication provider (Manus OAuth) when you sign in
Why: To identify your account
Where It's Stored: Our server
• Saved restaurants
How It's Collected: When you save or favorite a restaurant
Why: To maintain your favorites
Where It's Stored: Our server
• Custom lists (names and items)
How It's Collected: When you create lists
Why: To organize your saved restaurants
Where It's Stored: Our server
• Notification read status
How It's Collected: When you open your notification feed
Why: To show unread counts
Where It's Stored: Our server
• Subscription status
How It's Collected: From RevenueCat when you subscribe
Why: To enable premium features
Where It's Stored: RevenueCat and a local cache on your device
We do not store your password. Sign-in is handled by our authentication provider.
2.3 INFORMATION WE DO NOT COLLECT
To be clear about what we don't do, the App does not collect:
- Precise GPS tracking or location history stored on our servers;
- Your contacts, photos, camera, or media library;
- Browsing history outside the App;
- Health, fitness, or financial data;
- Credit card or payment details (payments are handled by Apple or Google);
- Social media account links;
- User-generated reviews, ratings, comments, or uploads.
The App does not use advertising identifiers, ad networks, or App Tracking Transparency (ATT) tracking across other apps and websites.
3. HOW WE USE INFORMATION
We use the information we collect to:
- Provide, operate, and maintain the App and its features;
- Authenticate you and manage your account;
- Save your favorites, custom lists, and preferences;
- Show you nearby restaurants and center the map (when you allow location);
- Send push notifications you've opted into, including new restaurants, events, deals, guides, recommendations, and announcements;
- Manage and validate subscriptions and premium access;
- Understand how the App is used so we can improve it (see Section 4);
- Detect, prevent, and address technical issues, security incidents, and abuse;
- Comply with legal obligations.
4. ANALYTICS
We use internal, first-party analytics to understand how the App is used. We may record events such as restaurant profile views, reservation/RSVP link clicks, guide views, event views, and notification opens, along with associated identifiers (your account ID if signed in, or an anonymous device-based ID), city, and the screen the action came from.
These analytics are used only for our own internal dashboards and product decisions. We do not use third-party analytics SDKs (such as Google Analytics, Firebase Analytics, Amplitude, Mixpanel, or Segment), and we do not share analytics data with third parties for their own purposes.
5. HOW WE SHARE INFORMATION
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only with the service providers that make the App work, and only as needed for them to perform their services:
• Manus OAuth
Purpose: Authentication
Information Shared: Email and name from your OAuth identity
• Expo Push Notifications (exp.host)
Purpose: Deliver push notifications
Information Shared: Push tokens and notification content
• RevenueCat
Purpose: Subscription and in-app purchase management
Information Shared: Anonymous app user ID and purchase receipts
• Sentry
Purpose: Error monitoring and crash reporting
Information Shared: Error stack traces and request metadata (no personal information)
• Apple App Store / Google Play
Purpose: Payment processing
Information Shared: Handled entirely by Apple/Google under their terms
• Manus Cloud Storage
Purpose: Hosting restaurant photos
Information Shared: Restaurant images only (no user data)
• Apple Maps / Google Maps (via react-native-maps)
Purpose: Display the interactive map
Information Shared: The map region currently visible to you
Each provider handles data under its own privacy policy. We encourage you to review them:
Expo (https://expo.dev/privacy) · RevenueCat (https://www.revenuecat.com/privacy) · Sentry (https://sentry.io/privacy/) · and the applicable Apple, Google, and Manus platform terms.
We may also disclose information if required by law, to enforce our agreements, to protect the rights, safety, or property of users or the public, or in connection with a merger, acquisition, or sale of assets (in which case we will provide notice as required by law).
6. EXTERNAL LINKS
The App links to third-party platforms for reservations, menus, ordering, ticketing, and search — for example, Resy, OpenTable, Tock, SevenRooms, Yelp, DoorDash, Uber Eats, Eventbrite, your phone's dialer, and web search. These are standard links that open the third-party service; the App does not send your personal information to them. Once you leave the App, the third party's own privacy policy governs your interaction with it.
7. PUSH NOTIFICATIONS
If you grant permission, we send push notifications through Expo. Anonymous devices receive notifications by default; account holders can customize which categories they receive within the App. You can turn off push notifications at any time in your device's operating system settings.
8. LOCATION
We request access to your approximate location only to center the map and show nearby restaurants. Location access is optional, and the map works without it. Location is used in real time and is not stored on our servers, and is not used for background tracking, geofencing, or building a location history. You can revoke location permission at any time in your device settings.
9. DATA RETENTION
- We retain account information and account-related data (saved restaurants, custom lists, preferences, notification status) for as long as your account remains active.
- When you delete your account, we permanently remove your user record, saved restaurants, custom lists, notification and location preferences, and push tokens.
- Push tokens are marked inactive when delivery repeatedly fails.
- Anonymous device identifiers persist on your device until you uninstall the App.
- We may retain limited information where required to comply with legal obligations, resolve disputes, or enforce our agreements.
10. DATA SECURITY
We take reasonable measures to protect your information:
- Session tokens are stored securely in the iOS Keychain or Android Keystore;
- Account data is stored in a managed cloud database, and our API enforces server-side authentication so you can only access your own data;
- The admin panel is protected by separate administrative authentication;
- Error monitoring captures diagnostic data without personal information.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
11. YOUR RIGHTS AND CHOICES
Depending on where you live, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. You can exercise many of these directly in the App:
- Access / update: Your name and email come from your OAuth identity; manage them through your OAuth provider.
- Delete your account: Use the Account tab to permanently delete your account and associated data (see Section 9). This action is irreversible.
- Notifications: Turn off push notifications in your device settings, or customize categories in the App.
- Location: Revoke location permission in your device settings at any time.
To make a request that you can't complete in the App, contact us using the details in Section 16. We will respond as required by applicable law and will not discriminate against you for exercising your rights.
12. CHILDREN'S PRIVACY
The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us personal information, contact us and we will delete it.
The App may reference dining establishments that serve alcohol but does not sell, promote, or facilitate the purchase of alcohol.
13. CALIFORNIA PRIVACY RIGHTS
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the right to know what personal information we collect, to request access to or deletion of it, to correct inaccurate information, and to opt out of the "sale" or "sharing" of personal information.
We do not sell or share your personal information as those terms are defined under California law, and we do not use or disclose sensitive personal information for purposes beyond those permitted. To exercise your rights, contact us using Section 16. We will not discriminate against you for exercising them.
14. EUROPEAN ECONOMIC AREA, UNITED KINGDOM, AND OTHER REGIONS
If you are in the EEA, the UK, or a similar jurisdiction, we process your personal information under the following legal bases: performance of our contract with you (to provide the App and your account), our legitimate interests (to operate, secure, and improve the App), your consent (for example, push notifications and location access, which you can withdraw at any time), and compliance with legal obligations.
You have the right to access, correct, delete, restrict, or object to processing of your personal information, and to data portability. You may also lodge a complaint with your local data protection authority. Where we transfer information internationally, we rely on appropriate safeguards as required by applicable law.
15. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date and may provide additional notice through the App. Your continued use of the App after changes take effect constitutes acceptance of the updated Policy.
16. CONTACT US
If you have questions or requests regarding this Privacy Policy or your information, contact:
Cafiero Media LLC
Email: [email protected]
Address: 3800 S Ocean Drive, Hollywood, FL 33019