Privacy Privacy Policy

1. General

The company PHAINO, whose head office is located in Rabat, Morocco, attaches great importance to the protection and respect of your privacy. This policy is intended to inform you about our practices regarding the collection, use, and sharing of the information you provide to us through our platform accessible from the website www.bonaptea.fr or our mobile applications.

This policy (together with our terms of use, any documents referred to therein, and our cookie policy) sets out how we handle the personal data we collect and that you provide. We invite you to read this document carefully to understand our practices regarding the processing of your personal data that we implement.

2. Information We Collect

We may collect and process the following data:

2.1 Information You Provide Directly

By using our platforms, you provide us with information, some of which can identify you ("profile"). This happens when you fill out forms (such as the registration form), contact us by phone, email, or other means of communication, or when you report a problem.

This information includes in particular:

  1. Data required to register for the service we provide on our platforms or to access any other service. This includes your first and last name, email address, date of birth, gender, phone number, and password. These are mandatory; otherwise, Bon Aptea will not be able to provide you with services and you will not be authorized to create an account.
  2. A photo.
  3. A mailing address.
  4. Your short biography.
  5. A copy of all exchanges between you and Bon Aptea.
  6. A copy of all reservations or posts made on our platforms.
  7. Details of financial or accounting transactions carried out on our platforms or by any other means, including payment card information, bank details, and information about meals booked or menus posted.
  8. Details of your visits to our platforms.
  9. Your responses to surveys or questionnaires and reviews left for meals shared with other members, which may be used for research and analysis of user behavior.
  10. Data you provide when reporting a problem with our platforms or services, such as your support request.
  11. Location data when you agree to share it.
  12. A copy of your passport, ID card, or other document you agree to provide.

2.2 Data We Collect Automatically

  1. If you log in via social networks, Bon Aptea may access some data (e.g., first name, last name, photo, email, Facebook friends count) from your account as allowed by the network’s terms. We may also collect data when you interact with social features, such as “likes.”
  2. During visits, we may collect, in compliance with applicable laws and with your consent if required, information about the devices you use and networks you access our services from, such as IP addresses, login data, browser types and versions, plugins, OS and platforms, browsing paths, content viewed, search terms, download errors, time spent on pages, and phone numbers used to contact us. We use technologies such as cookies (see our "Cookie Policy").
  3. We also collect usage information (e.g., number of meals in your menu, response rate, signup date, average reviews received) that may appear on your public profile.

2.3 Data Retention

  1. Except for categories below, personal data is archived after:
    • 5 years after your last use if you haven’t closed your account
    • 1 year after account closure, or 2 years if you had a negative review/report.
  2. Some categories are kept longer:
    • Financial data (payments, refunds, etc.) kept for tax and accounting legal requirements;
    • Content created (comments, reviews, ratings) is anonymized but remains visible.
  3. If your account is suspended/blocked, we retain data for 2–10 years to prevent circumvention.

3. How We Use the Data

We use the data collected to:

  1. Perform contracts and provide requested services;
  2. Send booking confirmations and service info;
  3. Process payments or transfer funds;
  4. Allow you to customize your profile;
  5. Enable communication with other community members;
  6. Provide customer support;
  7. Ensure compliance with laws and our terms;
  8. Send marketing/promotional messages and recommendations (with consent when required);
  9. Inform you of service changes;
  10. Verify your identity documents;
  11. Run technical operations and analysis;
  12. Improve and optimize platforms;
  13. Enable interactive features;
  14. Maintain a safe and secure environment;
  15. Evaluate and adapt advertising effectiveness.

4. Who Receives the Data?

  1. Some information is shared with other community members via your profile or booking process (e.g., phone, address).
  2. We may share with group entities as described in this policy.
  3. We work with third parties (social networks, business partners, technical providers, payment services, identity verification, analytics).
  4. Data is only shared when necessary (e.g., service providers, booking processes, reviews, search engines, upon request, legal obligations, business transfers).

5. How We Use and Moderate Messages

We may review messages exchanged between members to prevent fraud, improve services, provide support, and ensure compliance. For example, to prevent bypassing our booking system, we may analyze messages to ensure they don’t include personal contact info.

We never use your communications for promotional or advertising targeting. Automated systems may moderate messages but no individual-impact decisions are made.

6. Targeted Ads, Emails, and SMS

With consent when required, we may use your data for marketing (newsletters, info, targeted ads on social media or third-party sites).

You can unsubscribe from promotional emails anytime via the link in our emails or by contacting us (see Article 13).

7. Data Transfers

Your data is anonymized and used only for statistics. We do not share, sell, or rent your personal data to third parties for marketing without your explicit consent.

8. Your Rights

  1. Right of access to your data;
  2. Right to erasure and rectification of incorrect/outdated data (subject to legal requirements or fraud prevention needs);
  3. Right to object to processing for marketing or legitimate interest;
  4. Right to restrict processing under certain conditions (accuracy contested, unlawful processing, no longer needed but required for legal claims, pending objection review);
  5. Right to complain to supervisory authority or seek court remedy;
  6. Right to data portability (receive your data in a structured machine-readable format and transmit it elsewhere);
  7. Right to define instructions for your data after death;
  8. To exercise rights, contact us (see Article 13).

9. Cookies and Similar Technology

See our Cookie Policy

10. Password Confidentiality

You are responsible for keeping your chosen password for account access confidential.

You agree not to disclose it to anyone.

11. Links to Other Websites and Social Networks

Our platforms may contain links to third-party websites. These sites have their own terms and privacy policies, and we are not responsible for their use of information. Please review their policies before sharing your personal data.

12. Changes to This Privacy Policy

We may occasionally update this policy. When necessary, we will notify you and/or request your consent. Please check this page regularly for updates.

13. Contact

For any questions about this privacy policy or your personal data, contact us:

  • Email: contact@phaino.ca
  • Online form
  • Mail: PHAINO, 24 Avenue de France, Apt. 9, 3rd floor, Agdal, Rabat, Morocco

Updated on July 15, 2022