Privacy Policy

CafeNode is a platform for discovering independent cafes for coffee, atmosphere, reading, meetings, travel, relaxing, and work-friendly visits when appropriate. We process only data needed to provide authentication, discovery, reviews, favorites, and owner listing features.

CafeNode does not sell personal information in the ordinary meaning of selling user data.

Account information

• Name and email
• Profile photo when provided
• Authentication details managed by Supabase Auth (email/password metadata)

Location information

• Approximate or precise location, only with permission
• City or search location entered by users
• Browse and map context such as nearby cafe search area

User-generated data

• Reviews, ratings, and comments
• Suggested edits and correction requests
• Uploaded photos and reports
• Favorites and saved cafes

Cafe owner information

• Business name and business address
• Owner/manager contact details
• Website, social links, and claim verification details
• Cafe amenities and policy fields (Wi-Fi, outlets, noise, etc.)

Technical and device data

• Device and browser metadata
• IP address and request metadata
• Pages viewed, app interactions, and feature usage
• Crash and error events for reliability
• Analytics events if an analytics provider is enabled

• Authenticate and protect user and owner accounts.
• Power café discovery, search, filtering, and map/list experiences.
• Display and rank listing and review signals for discovery quality.
• Enable owner claim workflows and moderation review.
• Operate abuse prevention, fraud prevention, and safety workflows.
• Improve product quality and support analytics and monitoring.

Data is stored using Supabase and related infrastructure providers. We use role-based controls, transport security, and least-privilege access patterns.

Retention is based on feature use and operational needs. Logs or backups may be retained for limited periods under security, legal, and compliance requirements.

We use trusted providers to operate the service and only share what is required:

• Supabase (Auth, database, storage, and operational APIs)
• Vercel (hosting and deployment delivery)
• Google Maps / Places / Geocoding APIs if map features are enabled
• Analytics providers and payment processors if introduced in future releases

We do not share personal information with marketing or data brokers for resale.

• Request access, correction, or deletion where available in product features.
• Manage location permission in device/browser settings.
• Withdraw consent for optional processing where applicable.
• Use Account and Data Deletion to request removal.
• Contact us directly for additional privacy requests.

For account deletion workflow details, see /delete-account. We retain only data required for security, legal, fraud prevention, disputes, or regulated obligations.

We implement safeguards appropriate to a startup product, including secure access controls and review processes. No system is completely risk free.

CafeNode is not knowingly directed to children under 13. We do not intentionally collect personal data from children.

Data may be transferred across regions to operate the service infrastructure. Where required, we rely on provider safeguards and legal transfer mechanisms.

We may update this policy as features evolve. Material changes will be reflected by updating the date and, where needed, notifying users through product channels.

Legal entity: Decodation LLC dba CafeNode

United States

Contact: support@cafenode.app

Privacy requests: privacy@cafenode.app