
Privacy Policy

Last updated: April 13, 2026

Dinder is built on a simple belief: everyone deserves a seat at the table. That belief extends to how we handle your data. We collect what we need to make the app work, we protect it seriously, and we never sell it. This policy explains exactly what we collect, why we collect it, and what we do with it.

1. Who We Are

Dinder ("we," "us," or "our") is a group restaurant decision app developed by a team at Iowa State University. You can reach us at vwilliamsj22@gmail.com with any questions about this policy or your data.

2. What We Collect and Why

Account & Profile Information

When you create an account, we collect your name, username, and email address. These identify you within the app and allow you to log in. Passwords are hashed using bcrypt and are never stored in plain text. We also generate an avatar for your profile automatically — we do not store any photos you take of yourself.

Dietary Restrictions and Accessibility Needs

This is the most sensitive data we store, and we treat it accordingly. Your dietary restrictions (such as allergies, intolerances, and lifestyle diets) and accessibility needs are stored securely in our database and protected by access-controlled infrastructure. This data is the core of what makes Dinder work — it is used exclusively to filter restaurants on your behalf and is never used for advertising or shared with third parties for marketing purposes.

We store restrictions in two formats: a simple list (e.g., "Gluten Free," "Vegan") and a structured format that includes severity tiers so the app can distinguish between life-threatening allergies and lifestyle preferences. This distinction is critical to keeping you safe.

Location Data

Dinder uses your location to find restaurants near you. Your coordinates are sent to our restaurant data partners (Yelp and, in an upcoming update, Google Places) to return nearby results. Your last known location is cached on your device to improve loading speed. We also use your location in the background to detect when you are within approximately 500 meters of a restaurant you matched on — if so, we may send a notification asking if you visited, as part of our crowdsourced data collection program. We store a boolean flag indicating whether you have enabled location access. We do not continuously track or log your location history on our servers.

Swipe Behavior and Preferences

We record every swipe you make — which restaurant, which direction (left or right), and how long you looked at it before deciding. This data is used to build a preference vector that improves your recommendations over time. We also store the time of day you tend to swipe, your price sensitivity, and your distance preferences. These weights decay over time if the app is not used, so recommendations stay fresh.

Group and Social Data

If you use Dinder with others, we store which groups you belong to, who created each group, and the group's name and image. We store friendship connections, including request status and timestamps. Group swipe sessions, votes, matches, and match acknowledgments are stored so the consensus feature works correctly.

Crowdsourcing Submissions

If you choose to contribute to Dinder's restaurant database through our "Help Dinder Help You" feature, we store photos you take of restaurant exteriors and menus (uploaded to secure cloud storage), along with survey responses about your dining experience. This is entirely optional. Submissions are linked to your user ID so we can attribute contributions and prevent abuse.

Permissions

We store boolean flags for each permission you grant or deny — location, camera, and general data permissions. These flags reflect your choices and are used to determine which features are available to you.

3. Data We Do Not Collect

  • We do not collect your phone number
  • We do not collect photos of you or store user-uploaded profile pictures
  • We do not use advertising networks or sell your data to advertisers
  • We do not use third-party analytics services
  • We do not read your device contacts

4. Data Stored Only on Your Device

Some data never leaves your phone. The following is stored locally using secure on-device storage and is not transmitted to our servers:

  • Your login token (stored in SecureStore, not standard local storage)
  • Cached restaurant data for faster loading and offline access
  • Your theme preference (light or dark mode)
  • Dining preference filters (cuisine type, price range, dining style)
  • Your current group selection and card position
  • Liked, disliked, and matched restaurant lists
  • Notification and privacy preference settings

5. Third Parties We Share Data With

We share data with third parties only where necessary to operate the app. We do not sell your data. The third parties we work with are:

  • Yelp Fusion API — we send your location coordinates to search for nearby restaurants. Yelp's privacy policy applies to data they receive.
  • Google Places API — we send your location coordinates to retrieve restaurant details, photos, and ratings. This integration is currently being rolled out. Google's privacy policy applies to data they receive.
  • Google Cloud Vision API — when processing menu images through our crowdsourcing feature, image data is sent to Google's OCR service for text extraction.
  • Apple Sign-In — if you sign in with Apple, your identity token is verified with Apple's servers. Apple's privacy policy applies.
  • Amazon Web Services (AWS) — your data is stored on AWS infrastructure, including PostgreSQL on AWS RDS (primary database), DynamoDB (group session state), and S3 (crowdsourcing photo storage). All data is protected by access-controlled infrastructure. AWS does not access your personal data.

6. How We Protect Your Data

  • All communication between the app and our servers is encrypted in transit using TLS/HTTPS
  • Passwords are hashed using bcrypt and are never stored or transmitted in plain text
  • Login tokens are stored in SecureStore on your device, not in standard local storage
  • Access to our database and cloud services is controlled using least-privilege IAM policies
  • Dietary and health-related data is stored in access-controlled database columns and is only read by the recommendation and filtering systems

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, your personal data — including your profile, dietary restrictions, swipe history, and preference vectors — is deleted from our servers. Crowdsourcing contributions (menu photos, survey responses) are retained to preserve the integrity of our restaurant database, but they will be disassociated from your account and will no longer be linked to any identifying information.

8. Your Rights

You can do the following at any time from within the app:

  • View and edit your profile, dietary restrictions, and accessibility needs
  • Change or revoke location and camera permissions
  • Delete your account and associated data

If you have questions about your data or would like to request a copy of what we store, contact us at vwilliamsj22@gmail.com.

9. Children's Privacy

Dinder is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has created an account, please contact us at vwilliamsj22@gmail.com.

10. A Note on Dietary Safety

Dinder uses your stated dietary restrictions to filter restaurants, but we cannot guarantee the accuracy of all restaurant data in our system. If you have a life-threatening allergy, always verify directly with restaurant staff before eating. Dinder is a decision aid, not a medical safety guarantee.

11. Changes to This Policy

We may update this policy as the app evolves. When we do, we will update the date at the top of this page. For significant changes, we will notify you through the app. Continued use of Dinder after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

Questions, concerns, or data requests can be sent to:
vwilliamsj22@gmail.com

We aim to respond within 5 business days.

