Skip to main content
Cennaire
Log inSign up
Documentation

Privacy Policy

Last updated: April 2026

This Privacy Policy explains how Cennaire collects, uses, and protects your personal information when you use our platform.

1. Information We Collect

Account Information

When you register, we collect your email address, chosen password (hashed, never stored in plain text), and the name you provide. We also store your selected role (Client or Caterer).

Profile Information (Caterers)

Caterers optionally provide: business name, city, bio, cuisine types, guest capacity, service packages, and photos. This information is displayed publicly on your profile.

Event Information (Clients)

When you post a catering request, we collect: event title, type, date, guest count, city, cuisine preferences, budget range, and any notes you include.

Messages

When you send messages through the platform, we store the message content, timestamps, and the conversation context (linked request or booking). Messages are visible only to the participants in the conversation.

Verification Documents (Caterers)

Caterers may upload business documents for verification purposes. These files are stored securely and reviewed only by the Cennaire team. They are not displayed publicly.

Payment Information

Cennaire uses Stripe to process subscription payments. We store only your Stripe Customer ID — no card numbers, CVVs, or bank details are held on our servers. All payment data is handled by Stripe under their own Privacy Policy.

Usage Data

We collect standard server logs including IP address, browser type, pages visited, and timestamps. This data is used for security and platform improvement purposes only.

2. How We Use Your Information

We use your information to:

  • Create and manage your account.
  • Match client requests with relevant caterers.
  • Display caterer profiles and packages in search results.
  • Send transactional notifications (booking confirmations, quote alerts).
  • Process subscription payments via Stripe.
  • Investigate and resolve disputes or abuse reports.
  • Improve the platform based on usage patterns.

We do not sell your personal data to third parties.

3. What's Shared Publicly

Caterer profiles — Business name, bio, city, cuisine types, packages, photos, and reviews are publicly visible to all visitors, including unauthenticated users.

Client requests — The details of a catering request (event type, date, guest count, city, cuisine preferences, notes) are visible to Caterers on the platform so they can submit relevant quotes. Your name and email are not included in this view.

Reviews — Reviews you leave are displayed publicly on the relevant caterer's profile.

Messages — Messages between clients and caterers are private. They are not visible to other users or displayed publicly.

4. Data Storage and Security

Your data is stored in a Supabase PostgreSQL database hosted on infrastructure with encryption at rest and in transit. Authentication is handled by Supabase Auth, which uses industry-standard session management and hashed passwords.

Media uploads (photos and verification documents) are stored in Supabase Storage.

We apply reasonable technical and organisational security measures, but no system is completely secure. Please use a strong, unique password for your account.

5. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your account and associated data.
  • Export your data in a portable format.

To exercise any of these rights, email us at info@cennaire.co.uk. We will respond within 30 days.

Note: Deleting your account will remove your profile, requests, and personal data. Review history linked to caterer profiles may be retained in anonymised form.

6. Cookies

Cennaire uses a session cookie set by Supabase Auth to keep you logged in. This is a strictly necessary cookie — it cannot be opted out of without logging out.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

7. Third-Party Services

We use the following third-party services that may process your data:

ServicePurposePrivacy Policy
SupabaseDatabase, auth, file storagesupabase.com/privacy
StripePayment processingstripe.com/privacy

We may add additional services (e.g., Twilio for SMS, SendGrid for email) in the future. This policy will be updated accordingly.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "last updated" date at the top of this page reflects the most recent revision.

10. Contact

For privacy-related questions or requests, contact:

Email: info@cennaire.co.uk