Privacy

Who we are

Soul Flava operates this website to take food orders and enquiries in the UK (Swindon & London).

Data we collect

• Orders: name, email, phone, delivery address (if applicable), basket contents, notes, and payment-related metadata needed to fulfil the order (checkout remains demo until live payments are enabled).
• Account: if you sign in with Supabase magic link, we store your auth user id and profile fields you choose (name, phone) plus saved addresses.
• Contact & catering: name, email, and message (plus phone and event details for catering) sent to our inbox via Postmark when configured.

Why we use it

To process and deliver orders, communicate about your order, operate staff tools, improve service, and meet legal obligations. Marketing uses only where you have opted in (we do not add you to marketing lists from a food order alone).

Processors & hosting

We use suppliers such as Vercel (hosting), Supabase (database & authentication), Prisma against Postgres, and Postmark (email). They act on our instructions under contract.

Your rights

Under UK GDPR you may request access, correction, deletion, or restriction in line with the law. Contact us via the contact page; we will respond within statutory timeframes.

Cookies

We use cookies and similar storage for session and security (e.g. staying signed in). Essential cookies are needed for checkout and account features. When you first visit, you can choose Essential only or Accept analytics. If you accept analytics, we load Vercel Analytics (privacy-friendly usage metrics). Your choice is stored in localStorage on your device; you can clear it in the browser to reset the banner.