← Back to home

Privacy Policy

Last updated:June 4, 2026

This Privacy Policy explains how Kin Tiam (operated by an individual developer, "we", "us") collects, uses and protects your personal data when providing the Service.

1. Data we collect

Account data: the merchant’s registration email, store and brand information.

Operational data: menus, products, attributes, orders and related content.

Customer-side data: orders created via anonymous sessions; order notes and service type, etc.

Technical data: device and browser information, IP, usage logs and essential cookies/local storage (e.g. login session, cart, language preference).

2. How we use data

To provide and operate the Service, process orders, generate reports, contact you for support and important notices, and to improve quality and security.

3. Payment data

Payments are processed by Paddle as Merchant of Record. Your card and payment details are collected and processed by Paddle; we do not store your full card number. Please also see Paddle’s privacy policy.

4. Third-party services

We use the following providers to operate the Service: Supabase (database, authentication and storage), Cloudflare (website hosting and delivery), and Paddle (payments and tax). They process data only as necessary to provide their services.

5. Cookies & local storage

We use essential cookies and browser local storage to maintain login state, cart and language preference. You can manage these in your browser, but disabling them may affect functionality.

6. Data retention

We retain data for as long as necessary to provide the Service and as required by law. After account termination we will delete or anonymize relevant data within a reasonable period, unless law requires otherwise.

7. Your rights

Subject to applicable law, you may request access to, correction or deletion of your personal data, or restriction of its processing. Email [email protected] to make a request.

8. International transfers

Our hosting and providers may be located outside your region. We take reasonable measures to ensure cross-border transfers meet the protection standards of applicable law.

9. Data security

We apply reasonable technical and organizational measures to protect data, including encryption in transit and access controls. However, no method of transmission or storage is completely secure.

10. Children’s privacy

The Service is not directed to children. We do not knowingly collect personal data from children.

11. Changes to this policy

We may revise this policy from time to time and post the updated date on this page. Please review periodically.

12. Contact us

For questions about data handling or to exercise your rights, email [email protected].