Privacy Policy

Last updated: 14 January 2025

Welcome to Douq.ma, Morocco's premier restaurant discovery platform. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our services. We are committed to protecting your privacy and ensuring transparency in our data practices. By using our platform, you agree to the collection and use of information as described in this policy.

Data Collection

Personal Information

We collect the following personal information when you use our platform:

  • Name and email address for account creation
  • Phone number for reservation confirmations
  • Location data to show nearby restaurants
  • Profile preferences and dining history
  • Review and rating content you submit
  • Communication preferences and language settings

Restaurant and Business Data

For restaurant owners and business users, we also collect:

  • Business registration information and licenses
  • Menu items, prices, and restaurant photos
  • Operating hours and contact information
  • Reservation and booking management data
  • Customer feedback and analytics
  • Payment and billing information

How We Use Your Data

Service Improvement

We use your data to enhance our restaurant discovery platform:

  • Personalized restaurant recommendations based on your preferences
  • Improved search results and filtering options
  • Enhanced user experience through behavior analysis
  • Quality assurance and customer support

Communication

We may use your contact information to:

  • Send booking confirmations and reminders
  • Notify you about new restaurants in your area
  • Share special offers from partner establishments
  • Provide customer support and respond to inquiries

Security Measures

Technical Safeguards

  • SSL/TLS encryption for all data transmission
  • Encrypted database storage
  • Multi-factor authentication for admin access
  • Regular security audits and monitoring
  • Secure API key management
  • Regular automated backups

Security Incident Response

In the event of a data breach, we will notify affected users within 72 hours and take immediate steps to secure the compromised data.

Your Rights

GDPR Rights (EU Residents)

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your data
  • Right to Restrict Processing: Limit how we use your data

Additional Rights

  • Data Portability: Receive your data in a portable format
  • Right to Object: Object to certain types of processing
  • Automated Decision Making: Object to automated profiling

How to Exercise Your Rights: Contact us at contact@douq.ma with your request.

Cookies and Tracking

Cookie Categories

Essential Cookies

Required for basic site functionality, authentication, and security.

Performance Cookies

Help us understand how visitors interact with our website through analytics.

Functional Cookies

Remember your preferences and provide enhanced features.

Marketing Cookies

Used to deliver relevant advertisements and track campaign effectiveness.

Cookie Management

You can control cookies through your browser settings or our cookie consent banner. Note that disabling essential cookies may affect site functionality.

Data Retention

Account Data: Retained for the duration of your account plus 3 years after closure

Reviews and Ratings: Kept indefinitely for platform integrity and historical reference

Reservation Data: Stored for 2 years for customer service and business analytics

Marketing Data: Deleted immediately upon unsubscribe or after 5 years of inactivity

Analytics Data: Anonymized after 26 months in compliance with GDPR guidelines

International Data Transfers

Data Centers

  • Morocco (Primary data center)
  • European Union (GDPR compliant)
  • United States (Privacy Shield certified)
  • Asia-Pacific region

Security Safeguards

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements with all vendors
  • Regular security audits and compliance checks
  • End-to-end encryption for data transfers

Opérations Internationales

En tant qu'entreprise internationale, nous opérons des serveurs dans plusieurs régions :

  • Europe (GDPR Compliant)
  • Maroc (Data Center Principal)
  • États-Unis (Privacy Shield Certified)
  • Asie-Pacifique

Contact Information

General Support

Data Protection Officer