logoORDER NOW

Last Updated: March 23, 2026

PRIVACY POLICY.

1. Introduction

This Privacy Policy ("Policy") explains how EattoFit ("we", "our", or "us") collects, uses, stores, discloses, and protects your personal data when you access or use our website, mobile platform, and services (collectively, the "Platform"). By using the Platform, you acknowledge that you have read and understood this Policy.

This Policy forms an integral part of the EattoFit Terms & Conditions and should be read together with the Terms & Conditions and Refund & Cancellation Policy.

2. Data Controller

EattoFit WLL

Kingdom of Bahrain

CR No: 84004

Email: [email protected]

Address: BLDG 170, RD 4203, BLK 342.

EattoFit is the data controller responsible for your personal data in accordance with the Kingdom of Bahrain Personal Data Protection Law (PDPL).

3. Information We Collect

We collect only the data necessary to provide, operate, and improve our services.

3.1 Personal Information

  • Full name
  • Email address
  • Phone number

3.2 Account Information

  • Login credentials
  • Order history
  • Preferences and saved meals

3.3 Transaction & Payment Data

  • Payment details are processed by secure third-party providers and are not stored by EattoFit
  • Transaction records
  • Wallet balances and transaction history
  • CARE CHAIN contributions and distribution records

CARE CHAIN contributions are voluntary and non-financial in nature. Wallet balances are operational credits and do not constitute stored monetary value or financial instruments.

3.4 Delivery Information

  • Delivery address
  • GPS location data during delivery
  • Delivery photos (where applicable)
  • Delivery timestamps and confirmation records
  • Delivery instructions

These records may be used as proof of delivery and for dispute resolution in accordance with the Terms & Conditions and Refund & Cancellation Policy, to the maximum extent permitted by applicable law.

3.5 Technical & Usage Data

  • IP address
  • Device type, operating system, and browser type
  • App usage data
  • Cookies and similar tracking technologies

3.6 Communication Data

  • Customer support messages
  • Feedback, reviews, and ratings

3.7 Optional Data

  • Dietary preferences
  • Meal preferences
  • Other optional information you choose to provide

EattoFit does not provide healthcare services and does not intentionally collect sensitive health data. Any dietary or allergy-related preferences are treated strictly as user-provided preference data and used solely for service fulfillment purposes. Where required by applicable law, such data may be processed based on your consent.

3.8 User-Generated Content

  • Reviews and ratings
  • Testimonials and feedback
  • Comments and public submissions
  • Any other content you voluntarily share

4. How We Use Your Information

We use your data to:

  • Process and fulfill orders
  • Manage your account
  • Provide delivery services
  • Operate, maintain, and improve the Platform
  • Process payments and prevent fraud
  • Communicate regarding orders, updates, and support
  • Personalize your experience
  • Enforce Terms & Policies
  • Comply with legal obligations
  • Display user-generated content
  • Verify deliveries and resolve disputes
  • Administer wallet and CARE CHAIN operations

We do not provide medical or nutritional advice based on your data.

We do not sell or commercially exploit personal data.

5. Legal Basis for Processing

We process your personal data based on:

  • Contractual necessity
  • Your consent
  • Legal obligations
  • Legitimate interests

Examples:

  • Contractual necessity: order fulfilment, account management, delivery coordination, payment processing
  • Consent: marketing communications, optional features, dietary or allergy-related data (where required)
  • Legal obligations: tax, accounting, compliance, lawful authority requests
  • Legitimate interests: fraud prevention, platform security, service improvement, operational efficiency

You may withdraw consent at any time, subject to legal or operational requirements.

Each category of data described in Section 3 is processed only to the extent necessary under the applicable legal basis outlined above.

6. Cookies & Tracking Technologies

We use cookies to support platform functionality and performance.

Types of cookies:

  • Essential Cookies — Required for core functionality (login, checkout, security)
  • Functional Cookies — Store preferences and improve user experience
  • Analytics Cookies — Analyze usage and improve performance

You can manage cookies via your browser settings. Disabling them may affect functionality.

Where required by applicable law, cookie consent will be obtained through a cookie banner or similar mechanism before non-essential cookies are activated.

7. Data Sharing & Disclosure

We may share data with:

7.1 Service Providers

  • Payment processors
  • Delivery partners
  • Cloud providers
  • Analytics providers

7.2 Legal Authorities

  • Where required by law
  • To prevent fraud or ensure safety

7.3 Business Transfers

  • Mergers
  • Acquisitions
  • Restructuring

We do not sell personal data.

8. International Data Transfers

Data may be transferred outside Bahrain. Appropriate safeguards are implemented, including standard contractual clauses or equivalent legally recognized safeguards where applicable.

9. Data Retention

We retain data only as long as necessary for:

  • Order fulfillment and transactions
  • Legal and regulatory compliance
  • Dispute resolution
  • Fraud prevention

Data is securely deleted, anonymized, or archived when no longer required. Typical retention periods are determined based on the nature of the data, applicable legal requirements, and operational necessity.

10. Data Security

We implement safeguards including:

  • Encrypted transactions
  • Secure infrastructure
  • Access controls
  • Internal data protection practices
  • Access to personal data is restricted to authorized personnel and governed by role-based access controls

No system can guarantee absolute security.

11. Your Rights

Subject to Bahrain law, you may:

  • Access your data
  • Correct inaccuracies
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent

Requests: [email protected]

Identity verification may be required.

12. Marketing Communications

You may receive promotional communications where permitted.

You can opt out via:

  • Unsubscribe links
  • Account settings
  • Support contact

Service-related communications will continue.

13. Children's Privacy

The Platform is intended for users aged 18+. Guardians are responsible for minor usage. We do not knowingly collect data from minors.

14. Third-Party Services & Links

We are not responsible for third-party privacy practices.

15. Automated Processing & Analytics

Used for:

  • Performance improvement
  • Fraud detection
  • Personalization

No legally binding decisions are made without human review where required.

16. Data Breach & Incident Response

In case of breach:

  • Containment and mitigation
  • Authority notification (if required)
  • User notification (if required)

17. Account Control & Data Management

You may:

  • Update your data
  • Request account deletion

Some data may be retained for legal obligations.

18. Do-Not-Track (DNT)

The Platform may not respond to DNT signals due to lack of standardization.

19. Changes to This Policy

Updates may be made periodically.

Material changes will be communicated via:

  • Platform
  • Email or notifications

20. Contact Information

EattoFit WLL Customer Support