Kitch·ıo Back to Homepage

Privacy Policy

Last Updated: May 23, 2026

Welcome to Kitchio (kitchio.co.uk). Kitchio is a branded ordering platform for independent takeaways, restaurants, and food operators in the United Kingdom. We respect your privacy and are committed to protecting the personal data of both our restaurant merchants ("Merchants") and their end customers ("Diners").

This Privacy Policy explains how we collect, use, and share personal data when you use the Kitchio software, visit our website, or interact with an online ordering store built on our system.

1. Diner Data Ownership: The Kitchio Promise

Unlike third-party aggregator apps (e.g., Uber Eats, Deliveroo, or Just Eat) that capture and hide customer databases from the kitchens, **Kitchio maintains a strict direct-merchant ownership model**.

Any diner personal data collected on a Merchant's branded ordering page (such as names, emails, addresses, and order history) is owned exclusively by that Merchant. Kitchio acts solely as a data processor for these transactions. We will never sell, lease, or use your Diner lists to cross-promote competing food establishments or market direct aggregator services.

2. Information We Collect

We collect personal data through different channels depending on your interaction with our platform:

A. Merchant Information:

When a restaurant registers for Kitchio, we collect contact details (owner name, business email, telephone, location addresses) and secure payment metadata (linked via Stripe) to route payouts.

B. Diner Information:

When placing an order on a Kitchio-powered branded site, we collect data necessary for transaction completion and delivery fulfillment:

3. How We Use Collected Data

We process personal information under standard GDPR lawful bases to fulfill our business contracts and service requests:

4. Information Sharing & Third Parties

We only share necessary personal data with specific services to perform core operational actions:

5. Data Security

Kitchio uses robust technical and administrative structures to prevent unauthorized access or modification. All ordering pages implement SSL certificates, secure endpoint verification, and tokenized API processing channels. However, no digital transmission is entirely secure, and we prompt Merchants to keep dashboard passwords strictly confidential.

6. Your GDPR Rights

As a UK resident, you retain standard statutory data rights under GDPR guidelines, including rights of access, correction, transfer, and deletion of personal files. Diners wishing to exercise these rights should contact the restaurant Merchant directly, as they manage the primary guest database. Merchants and other system operators can contact our privacy officer at onboard@kitchio.co.uk.