Privacy policy

When you submit feedback through a restaurant's DiningEcho page, we collect:

• The star rating, tags, and any written comment you provide
• An optional email address or phone number, only if you opt in for a manager follow-up
• A hashed (one-way) form of your IP address and browser user agent, used solely for rate limiting and anti-spam

When restaurant owners use DiningEcho, we collect their account email, business information (name, address, phone, Google Place ID), and standard billing metadata through Stripe.

• To deliver private feedback to the restaurant owner
• To let the owner reply to you, if you opted in for follow-up
• To prevent abuse (rate limits, spam protection)
• To provide aggregate analytics to the restaurant owner

We do not sell personal information. We do not run third-party trackers on customer rating pages.

Identifiable data is retained until the restaurant cancels their account, you submit a valid deletion request, or applicable retention windows expire:

• Hashed IPs and user agents: 90 days
• Contact info and comments: until deletion request or restaurant offboarding
• Anonymous aggregate metrics: 12 months

You can request deletion of any feedback tied to your email or phone at any time:

Request deletion →

US state privacy laws (CCPA, CPRA, and similar) give you the right to know what we collect, request deletion, and receive non-discriminatory service whether or not you exercise these rights.

Privacy questions: privacy@diningecho.com

If we make material changes to this policy, we'll email account holders and update the "Last updated" date above. Customers without accounts will see notice via the restaurant's rating page.