Menuvia Platform — Terms of Service (Draft)
Last updated: [Date] · Effective date: [Date]
1. Parties
These Terms of Service (“Agreement”) are entered into by and between Arsbias L.L.C-FZ, registered at Meydan Free Zone, Dubai, UAE (“Company,” “we,” “us”), and the restaurant owner or the entity/person duly authorized to act on its behalf who uses the Platform for commercial purposes (“User,” “you”).
2. Definitions
- Platform: The Company’s website(s), mobile site(s), and/or application(s).
- Service(s): Features provided via the Platform, including QR menu display, multilingual content, tags/filters, visual presentation, AI-assisted recommendations/chat, and (if available) an admin panel.
- Subscription (Paid Subscription): A recurring paid membership model.
- Content: All information/data uploaded by the User (menus, images, copy, logos, tags, etc.).
- Account: The user profile created for access to the Platform.
3. Scope
The Platform enables restaurants to present menus in a multilingual, visual format; allows end-customers to view menus; and (if enabled) provides AI-based recommendation/chat features. The Platform does not sell products to consumers; ordering/payment flows are outside the scope of this Agreement (if a separate module is launched, additional terms will be published).
4. Account Creation and Access
4.1. You are responsible for ensuring all information provided upon account creation is accurate, complete, and up-to-date.
4.2. The Company may reject applications or suspend/terminate access, in whole or in part, at its discretion (e.g., violation, security concerns, payment issues, risk).
4.3. Keep your credentials confidential. You are responsible for all actions taken through your Account.
5. Acceptable Use
5.1. Use the Platform only for lawful purposes.
5.2. You may not use content that is illegal, harmful, misleading, defamatory/abusive, obscene, infringing, or that violates third-party rights.
5.3. Reverse engineering, attempting to access source code, running unauthorized security/performance tests, or attempting to access systems without authorization is prohibited.
5.4. Abuse (spam, attacks, abnormal load, etc.) may lead to immediate restriction/termination.
6. Content and Licenses
6.1. You retain ownership of your Content.
6.2. You grant the Company a worldwide, non-exclusive, transferable, sublicensable, royalty-free license to use your Content as reasonably necessary to provide, operate, back up, secure, debug, analyze, and (optionally) showcase screenshots as portfolio/marketing examples of the Services. (If you do not want the marketing/portfolio right, tell us and we will remove that clause.)
6.3. You represent you have the rights in your Content and that it does not infringe third-party rights. You agree to indemnify us for third-party claims arising from your Content.
7. Pricing, Plans, and Billing
7.1. Fees, plan scope, any trial period, billing cycle (monthly/annual/TBD), and auto-renewal terms are posted on the Platform.
7.2. Subscriptions are billed in advance and auto-renew until cancelled.
7.3. Cancellation takes effect at the next billing cycle; no partial refunds for the current period.
7.4. If payment fails, access may be suspended.
8. Taxes and Invoicing (UAE/Dubai)
8.1. Prices are exclusive of VAT. Under applicable UAE law, VAT (generally 5%) and other statutory charges are added.
8.2. For free-zone, out-of-scope, or cross-border transactions, tax treatment follows applicable law. You agree to provide required information/documents.
8.3. Invoices are issued electronically and uploaded/sent to your Account/email.
9. Cancellation, Termination, and Refunds
9.1. Your termination: You may cancel anytime; for paid plans, fees accrue for the current term; no partial refunds.
9.2. Our termination: We may suspend or terminate for cause (violation, payment issues, security risk, etc.).
9.3. Obligations accrued up to the effective date of termination survive.
9.4. Post-termination, we may allow read-only access to Content for a reasonable period (e.g., 30 days); legal retention obligations remain.
10. Privacy and Data Processing
10.1. Personal data is processed under our Privacy Policy.
10.2. We may share data with service providers/sub-processors (hosting, analytics, email/SMS, payments, etc.) on a need-to-know basis and purpose-limited terms.
10.3. We may analyze anonymized/de-identified data for performance and product development.
10.4. We may disclose information to competent authorities where required by law.
10.5. End-customer data: If you input or process your customers’ personal data (e.g., via AI chat),you are the data controller; we process such data on your behalf as your processor, solely to provide the Services. You are responsible for obtaining necessary consents and meeting all legal requirements.
11. Third-Party Services and Integrations
The Platform may use third-party services (cloud, CDN, payments, messaging, analytics, AI). Their own terms apply, and we are not liable for their outages/errors.
12. “As Is” (Disclaimer)
12.1. The Services are provided “AS IS” and “AS AVAILABLE” without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, uninterrupted or error-free operation, outcomes, or accuracy of third-party content.
12.2. The accuracy of menu content and declarations (allergens/calories, pricing, etc.) is the User’s responsibility.
13. Limitation of Liability
13.1. We are not liable for indirect, incidental, special, punitive, or consequential damages; loss of profits, reputation, records/data; business interruption; or third-party claims.
13.2. In any case, our aggregate liability is limited to the total fees you paid to us in the 12 months preceding the event giving rise to the claim.
14. Intellectual Property
14.1. All IP in the Platform/Services (software, design, databases, trademarks/logos) belongs to the Company or its licensors.
14.2. You may not copy, modify, adapt, distribute, or reverse engineer the Platform.
14.3. We may display your logo/mark within the Services as permitted; separate consent is required for marketing use unless otherwise agreed.
15. Maintenance, Changes, and Suspension
15.1. We may perform maintenance/improvements; we’ll try to notify in advance when feasible.
15.2. We may change the Services or this Agreement at any time. Unless stated otherwise, changes take effect upon posting. Continued use constitutes acceptance.
16. Force Majeure
We are not liable for failures caused by events beyond our reasonable control (natural disasters, war, strikes, outages, legal changes, supplier failures). Obligations are suspended for the duration.
17. Assignment
You may not assign this Agreement or your Account without our written consent. We may assign in connection with a merger, acquisition, or asset transfer.
18. Notices
Official notices may be sent via email (to your Account email), in-product notices, or to a legal address. You must keep your email current.
19. Governing Law and Jurisdiction
This Agreement is governed by the laws of the United Arab Emirates. Courts of Dubai shall have exclusive jurisdiction. (Optional: Parties may agree separately to submit disputes to DIFC or ADGM arbitration.)
20. Entire Agreement and Severability
This Agreement and referenced policies constitute the entire agreement. If any provision is invalid, the remainder remains in effect.
21. Contact
Company: Arsbias L.L.C-FZ
Address: Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E.
Email: [email protected]
Support: [email protected]
Privacy Policy
Last updated: [Date] · Effective date: [Date]
This Privacy Policy (“Policy”) explains how Arsbias L.L.C-FZ (“Company,” “we,” “us”) collects, uses, shares, and protects personal data when operating the Menuvia Platform (“Services,” “Platform”). By using the Platform, you consent to the practices described herein.
Note: The Platform is designed primarily for businesses (restaurants). However, restaurant customers may access digital menus via QR, so this Policy covers data about Users (restaurants and their representatives) and Visitors/Customers (individuals who view menus or interact with optional AI chat).
1. Data We Collect
- Account Data (Users): Name, surname, business name, email, phone, business address, billing details. Payment card data, if any, is collected/processed directly by Stripe; we do not store raw card numbers.
- Usage Data: Device/browser type, IP, OS, timestamps, language preferences, pages/menu items viewed, clicks, and—if used—prompts/messages in the AI chat. Collected via cookies, logs, and similar technologies; typically used in aggregate/anonymous form.
- Customer (End-User) Inputs: We do not intend to collect personal data from end-customers beyond what is necessary to display menus. If the AI chat is used, customers may voluntarily disclose preferences (e.g., “gluten-free”). Such text may be processed transiently to generate a response. We may temporarily retain text to improve reliability and debug issues, avoiding identification where feasible. AI prompts may be sent to OpenAI and Anthropic to obtain answers; as commonly configured for API usage, providers process inputs only to provide the response and do not use API inputs to train base models.
- Cookies/Similar Tech: We may use essential cookies to operate sessions and remember preferences, and analytics cookies to understand traffic. See our Cookie Policy (if available) for details and controls.
2. How We Use Data
- Provide Services: Operate accounts, publish menus, enable multilingual/AI features, process subscription payments (via Stripe), and deliver support.
- Communications: Service notices (renewals, payment issues, material changes, security alerts). These may be mandatory for service operation.
- Marketing (Opt-In/Legitimate Interest): Product updates, features, campaigns—subject to your consent or applicable law. Opt-out via unsubscribe links or by contacting us.
- Analytics & Improvement: Performance monitoring and feature development using aggregate/anonymous data wherever possible.
- Security & Abuse Prevention: Detect and mitigate fraud, abuse, or attacks; maintain logs for security and compliance.
- Legal Compliance: Maintain records and respond to lawful requests or tax obligations.
3. Sharing with Third Parties
We share personal data only as reasonably necessary:
- Service Providers/Sub-processors:
- Hosting/Infrastructure: Supabase (database) and Vercel (cloud hosting).
- Payments: Stripe (collects/processes card data; we see status/metadata).
- AI Services: OpenAI (ChatGPT API) and Anthropic (Claude API) to generate answers for the AI features; data sent is processed to return the response and not used for base-model training under standard API terms.
- Analytics/Monitoring: If used, third-party analytics or error monitoring tools may collect de-identified/aggregate data. These providers act on our instructions under appropriate data-processing agreements.
- Corporate Transactions: In a merger, acquisition, asset sale, or insolvency, data may transfer subject to continuity of protection and notice where feasible.
- Legal Requests: Disclosures required by applicable law, court orders, or competent authorities; or to protect rights, safety, or investigate fraud.
- With Consent: We will seek your consent for any sharing beyond the above.
We do not sell or rent personal data.
4. International Transfers
We are UAE-based, but data may be processed/stored outside your country (e.g., where Supabase, Vercel, OpenAI, Anthropic, Stripe operate). Where laws offer lower protection, we implement safeguards (e.g., contractual clauses, minimization, anonymization) consistent with UAE PDPL and, where applicable, GDPR-style standards. By using the Platform, you acknowledge such transfers.
5. Data Retention
- Account/profile data: as long as your Account is active; deleted or anonymized within a reasonable period after closure (typically within 30 days post-termination), subject to legal holds.
- Billing/financial records: retained for at least 5 years or longer if required by law.
- Technical logs: retained for security/compliance (typically 6–12 months absent incidents).
- Support tickets: retained for a reasonable period (e.g., up to 2 years).
- Anonymous analytics: may be retained indefinitely.
6. Security
We implement technical and organizational measures: encryption in transit/at rest where appropriate, access controls, firewalls, periodic testing, and credential hashing. Payment flows use TLS; AI API calls use encrypted channels. No method is 100% secure; if a breach occurs, we will notify affected parties and authorities as required by law.
7. Your Rights
Depending on your jurisdiction (e.g., UAE PDPL, Türkiye KVKK, EU GDPR), you may have rights to: access, correct, delete, restrict processing, object (including to direct marketing), data portability, and to lodge a complaint with a supervisory authority. Submit requests via the contact details below; we will verify identity and respond within statutory timelines (generally 30 days). Repetitive or manifestly unfounded requests may be refused or charged as permitted by law.
End-customer data controlled by Users: Where you (the restaurant) input or cause processing of your customers’ data, you are the controller; we act as your processor. Please obtain necessary consents and provide notices to your customers.
8. Children’s Privacy
The Platform targets businesses, not children. We do not knowingly collect personal data from individuals under 18. If you believe a child’s data was provided to us without consent, contact us to request deletion.
9. Changes to this Policy
We may update this Policy. Material changes will be notified on the Platform and/or via email. The “Last updated” date shows the latest revision. Continued use after updates constitutes acceptance. Where legally required, we will seek renewed consent.
10. Contact / Data Controller
Data Controller: Arsbias L.L.C-FZ (Menuvia)
Address: Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E.
Email: [privacy email]
Contact form: [link]