Privacy Policy

Effective Date: March 1, 2026

On & Off ("we," "our," or "us") operates the On & Off mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service. By using On & Off, you consent to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

Account Information: When you register, we collect your name, email address, phone number, and password. Business users also provide venue name, address, and business details.
Profile Information: Profile photo, dining preferences, and any other information you choose to add to your profile.
Reservation Data: Details of your restaurant reservations including date, time, party size, special requests, and venue.
Reviews and Content: Reviews, ratings, photos, and any other content you post through the Service.
Payment Information: Payment details are processed securely through Stripe and Apple In-App Purchases. We do not store your full credit card number on our servers.
Communications: Messages you send to restaurants or to our support team.

1.2 Information Collected Automatically

Location Data: With your permission, we collect your precise location to show nearby restaurants and deals. You can disable location sharing at any time through your device settings.
Device Information: Device type, operating system, unique device identifiers, and push notification tokens for sending reservation reminders.
Usage Data: Information about how you interact with the Service, including pages viewed, features used, search queries, and session duration.
Log Data: Server logs that may include your IP address, browser type, access times, and referring URLs.

1.3 Information from Third Parties

We may receive information from third-party service providers to enhance our services, including analytics data and publicly available business information for restaurant listings.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide, maintain, and improve the Service and its features
To process and manage restaurant reservations on your behalf
To display relevant deals, discounts, and restaurants near your location
To process subscription payments and manage billing
To send reservation confirmations, reminders, and status updates
To manage the XP rewards program and track your progress
To facilitate communication between you and restaurant partners
To personalize your experience and recommend restaurants
To detect, prevent, and address fraud, abuse, and security issues
To comply with legal obligations
To analyze usage trends and improve our services

3. Information Sharing and Disclosure

We share your information only in the following circumstances:

Restaurant Partners: When you make a reservation, we share your name, party size, reservation time, and any special requests with the restaurant. Restaurants can see your reservation history with their venue.
Payment Processors: Stripe and Apple process your payments securely in accordance with their own privacy policies.
Service Providers: We use trusted third-party providers including Amazon Web Services (AWS) for file storage and hosting, CloudFront for content delivery, Resend for email delivery, and other vendors necessary to operate the Service.
Legal Requirements: We may disclose your information if required by law, court order, subpoena, or governmental request, or to protect our rights, property, or safety.
Business Transfers: If On & Off is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

We do not sell your personal information to third parties.

4. Data Security

We take the security of your information seriously and implement industry-standard measures to protect it, including:

Encrypted connections (HTTPS/TLS) for all data transmission
Hashed passwords using bcrypt
Secure token-based authentication (JWT)
Firewalled servers and access controls
Regular security reviews and monitoring

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. You are responsible for maintaining the confidentiality of your account credentials and for logging out after each session.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, including legal, accounting, and operational requirements.

Active Accounts: Your data is retained for as long as your account remains active.
Deleted Accounts: Upon account deletion, your personal data is removed from our active systems. Backup copies may persist temporarily but are not accessible to other users.
Reservation History: Anonymized reservation data may be retained for analytics and reporting purposes.

You can request deletion of your account and all associated personal data at any time by contacting us at legal@joinonandoff.com.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data.
Portability: Request a machine-readable copy of your data.
Opt-Out: Opt out of marketing communications at any time.
Location: Disable location sharing at any time through your device settings.
Withdraw Consent: Withdraw your consent to data processing at any time.

To exercise any of these rights, contact us at legal@joinonandoff.com. We will respond within 30 days.

For California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

For EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to lodge a complaint with your local data protection authority.

7. Children's Privacy

On & Off is not intended for use by persons under 18 years of age. We do not knowingly collect personal information from anyone under 18. If we discover that we have collected information from a person under 18, we will delete that information and terminate the account immediately. If you believe a child under 18 has provided us with personal information, please contact us at info@joinonandoff.com.

8. International Data Transfers

Your information may be transferred to and processed in the United States, where our servers are located. By using the Service, you consent to the transfer of your information to the United States and processing globally in accordance with this Privacy Policy.

9. Push Notifications

With your permission, we send push notifications for reservation confirmations, reminders, deal alerts, and other Service-related updates. You can manage your notification preferences in the app settings or through your device settings at any time.

10. Cookies and Tracking

Our web properties may use cookies and similar tracking technologies to maintain session state, remember preferences, and analyze usage. You can control cookie preferences through your browser settings.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app or by email and update the effective date at the top of this page. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: legal@joinonandoff.com
General inquiries: info@joinonandoff.com
Website: joinonandoff.com