Last updated July 1, 2026
Data Deletion Policy
This policy explains how to delete restaurant websites, account-related information, and order-related information from EatFoodNow.
Delete a restaurant website
Restaurant owners can delete a generated website from the EatFoodNow account dashboard. Deleting a website removes it from the public site list, disables ordering, removes the owner's dashboard association, and removes custom-domain routing managed by EatFoodNow.
EatFoodNow may keep a short tombstone record for up to 24 hours after site deletion so active checkout sessions, webhooks, and security checks can finish safely.
Request account or personal data deletion
- Email admin@appy.co.nz with the subject line "Data deletion request".
- Send the request from the email address used with EatFoodNow, or include enough information for us to verify that you are authorized to make the request.
- Include the restaurant URL or subdomain and say whether you want us to delete the website, account association, order information, or another specific category of data.
- We aim to respond within 30 days, unless a shorter or longer period is required or allowed by applicable law.
Customer order information
If you placed a pickup order through an EatFoodNow-powered restaurant website, EatFoodNow stores order contact details for about 90 days so the restaurant can fulfill the order and resolve order issues.
You may ask EatFoodNow or the restaurant to delete order-related personal information. Some payment, tax, accounting, fraud-prevention, dispute, and delivery records may need to be retained by the restaurant, Stripe, email providers, or EatFoodNow where legally or operationally required.
What deletion covers
- Restaurant site content stored by EatFoodNow, including extracted menu data, business details, custom sections, owner association, claim-invite data, and custom-domain mapping.
- Account ownership indexes and dashboard associations connected to your verified email address.
- EatFoodNow order records that are still within the service retention period and are not needed for legal, security, payment, fraud-prevention, or dispute reasons.
What may remain
- Information kept by third-party services such as Stripe, Resend, Google, hosting providers, Redis providers, Cloudflare, or a restaurant's own systems under their own retention rules.
- Emails already sent to restaurant owners or customers.
- Aggregated, anonymized, backup, logging, abuse-prevention, security, accounting, tax, legal, or dispute-resolution records that are not reasonably removable immediately or that we are permitted or required to retain.