Privacy Policy
Last updated: July 13, 2026
FoodPlug E-Service Inc. (“FoodPlug,” “we,” “us,” or “our”) operates the FoodPlug website, vendor tools, public storefronts, checkout experience, and related services collectively referred to as the “Services.”
FoodPlug helps independent food vendors create online storefronts, receive and manage customer orders, track payments, and view basic business reports.
This Privacy Policy explains what personal information we collect, how we use and disclose it, and the choices and rights available to you.
Privacy at a Glance
- Vendors provide account, business, and storefront information to operate their FoodPlug shops.
- Buyers may place an order without creating an account. We collect the information needed to process and fulfill that order.
- Buyer information is shared with the vendor from whom the buyer places an order.
- FoodPlug currently supports manual payment methods, such as Interac e-Transfer, cash, and bank transfer. FoodPlug does not currently process or store payment-card numbers.
- We use limited product analytics and error-monitoring services to understand how FoodPlug is used and to maintain the reliability of the Services.
- We do not sell personal information.
- We do not currently use personal information for third-party behavioural advertising or session replay.
- You may contact us to request access to or correction of your personal information or to ask questions about our privacy practices.
1. Scope of This Policy
This Privacy Policy applies when you:
- Visit a FoodPlug website or public vendor storefront.
- Create or use a vendor or administrator account.
- Create or manage a FoodPlug storefront.
- Place an order through a FoodPlug storefront.
- Contact FoodPlug for support or provide feedback.
- Otherwise interact with the Services.
Independent vendors may have their own privacy practices for information they collect or use outside FoodPlug. This policy does not govern a vendor’s independent website, social-media account, messaging group, payment account, or offline business activities.
2. Personal Information We Collect
The information we collect depends on how you use FoodPlug.
A. Vendor and Account Information
When a vendor creates or uses an account, we may collect:
- Name.
- Email address.
- Phone number.
- Profile image, where provided.
- Account role and permissions.
- Login, session, and account-security information.
- Password hashes or authentication-provider information.
- IP address, browser, and user-agent information associated with account sessions.
- Communications with FoodPlug support.
We may also collect vendor business and storefront information, including:
- Business or display name.
- Storefront description and URL.
- Business email and phone number.
- City, province or region, country, and service area.
- Pickup and delivery preferences.
- Pickup locations and related instructions.
- Product, menu, availability, price, and image information.
- Website and social-media links.
- Business type.
- Legal business name, business number, or business address, where provided.
- Tax registration status and tax registration numbers, where provided.
- Vendor verification status and internal verification notes.
- Interac e-Transfer email address and payment instructions.
- Order, sales, and payment-reporting information.
Some of this information is optional and is collected only when a vendor chooses to complete an extended business profile or when it is needed for verification, tax configuration, or support.
B. Buyer and Order Information
Buyers may place orders through guest checkout without creating a FoodPlug account.
When a buyer places an order, we may collect:
- Name.
- Phone number.
- Email address, where provided.
- Products, quantities, options, and prices selected.
- Pickup location.
- Delivery address, when delivery is selected.
- Fulfillment preferences.
- Order notes or instructions.
- Order number.
- Order, fulfillment, and payment status.
- Subtotal, tax, and total amounts.
- Manual payment method, amount, and payment reference, where recorded.
- Date and time of the order and related status changes.
Please do not include unnecessary sensitive information, banking credentials, card numbers, passwords, or security answers in order notes or payment references.
C. Information Collected Automatically
When you access the Services, we may automatically collect:
- IP address.
- Browser and device type.
- Operating system.
- Requested pages and URLs.
- Date and time of access.
- Referring page.
- Request identifiers.
- Application and server logs.
- Error and diagnostic information.
- General interactions with storefront, cart, checkout, and vendor-management features.
FoodPlug may use browser cookies or similar storage for essential functions such as authentication, security, and maintaining a shopping cart.
D. Information Provided by Other People
A vendor or authorized staff member may enter or update information relating to an order, customer, payment, or business operation.
A person providing information about someone else must have the authority to provide that information for the relevant purpose.
3. Public Vendor Information
FoodPlug storefronts are publicly accessible and may be shared through messaging services, social media, community groups, or direct links.
Information a vendor chooses to publish may be visible to anyone who visits or receives the storefront link. Public information may include:
- Vendor and storefront name.
- Description.
- Logo and product images.
- Products, menus, prices, and availability.
- City, region, and service area.
- Pickup locations and instructions.
- Delivery availability.
- Business website and social-media links.
- Public contact information.
- Interac e-Transfer email address and payment instructions.
- Vendor verification status.
Vendors should not publish personal home addresses, private phone numbers, or other information they do not want publicly accessible.
4. How We Use Personal Information
We use personal information to:
- Create and maintain user accounts.
- Authenticate users and protect accounts.
- Create and display vendor storefronts.
- Process guest orders.
- Provide order information to the appropriate vendor.
- Support pickup and delivery fulfillment.
- Track order and payment status.
- Allow vendors to manage products, menus, orders, and customers.
- Prepare sales, payment, and tax-related reports.
- Provide CSV exports requested by vendors.
- Administer vendor status and verification.
- Respond to support requests and feedback.
- Maintain, troubleshoot, and secure the Services.
- Detect misuse, fraud, security incidents, or violations of our terms.
- Measure product adoption, storefront usage, and checkout completion.
- Meet legal, accounting, tax, and regulatory obligations.
- Enforce our agreements and protect our legal rights.
- Develop or improve FoodPlug features using aggregated or de-identified information.
We will not use personal information for a materially different purpose without providing notice and obtaining consent where required.
5. How Buyer Information Is Shared With Vendors
When a buyer submits an order, FoodPlug makes the buyer’s order and fulfillment information available to the vendor receiving the order.
The vendor may use that information to:
- Review, accept, reject, or prepare the order.
- Communicate about payment, substitutions, pickup, or delivery.
- Fulfill the order.
- Resolve order issues.
- Maintain reasonable business, accounting, and tax records.
FoodPlug administrators may also access vendor and order information when needed for platform administration, support, safety, investigation, or compliance.
A vendor may download or export customer and order records. Once a vendor uses exported information outside FoodPlug, the vendor is responsible for complying with applicable privacy laws and its own privacy obligations.
6. Payments
FoodPlug currently allows vendors to record payments made outside the platform, including:
- Interac e-Transfer.
- Cash.
- Bank transfer.
- Mobile money.
- Other manually arranged payment methods.
FoodPlug may store the payment amount, method, status, reference, and the identity of the vendor user who recorded the payment.
FoodPlug does not currently process or store payment-card numbers. Payments arranged directly between a buyer and vendor may also be governed by the privacy and security practices of the relevant bank, payment service, or vendor.
Before introducing integrated card payments or automated payment processing, FoodPlug will update this policy and provide information about the applicable payment processor.
7. Cookies, Analytics, and Similar Technologies
Essential Technologies
FoodPlug uses essential cookies or similar technologies to:
- Keep users signed in.
- Protect accounts and sessions.
- Maintain security.
- Remember cart contents.
- Support basic website operation.
Disabling essential technologies may prevent parts of the Services from working.
Product Analytics
FoodPlug uses PostHog to understand how people use the Services and to measure activities such as:
- Storefront views.
- Products added to carts.
- Checkout activity.
- Orders created.
- Vendor onboarding and storefront setup.
- Order-status changes.
- Manual payment-status changes.
Our analytics implementation is designed to use identifiers, counts, totals, statuses, and product events rather than buyer names, contact information, payment references, or free-text order notes.
Where required by applicable law, we obtain consent before enabling non-essential analytics. You may change your analytics preference through the Privacy Choices option available on the website.
Error Monitoring
FoodPlug uses Sentry to identify and diagnose application errors.
Error reports may contain technical information such as the affected page, request method, status code, browser details, and application environment. FoodPlug configures Sentry not to send default personal information such as cookies, authentication headers, or IP addresses.
FoodPlug does not currently use Sentry session replay.
8. When We Disclose Personal Information
We may disclose personal information to:
Vendors
Buyer and order information is disclosed to the vendor receiving the order.
Service Providers
We use service providers that help us operate FoodPlug, including providers of:
- Hosting and cloud infrastructure.
- Databases and backups.
- Product analytics.
- Error monitoring.
- Security and operational monitoring.
- Business communications or customer support, when enabled.
- Professional, accounting, or legal services.
These providers may access personal information only as needed to perform services for FoodPlug and are expected to protect the information appropriately.
Legal and Safety Reasons
We may disclose information where we reasonably believe it is necessary to:
- Comply with applicable law, a court order, or lawful government request.
- Investigate fraud, abuse, or security incidents.
- Protect FoodPlug, vendors, buyers, or the public.
- Enforce our terms or legal rights.
- Establish, exercise, or defend legal claims.
Business Transactions
Personal information may be disclosed as part of a proposed or completed financing, reorganization, merger, acquisition, or sale of some or all of FoodPlug’s business or assets, subject to appropriate confidentiality and privacy protections.
FoodPlug does not sell or rent personal information.
9. Processing and Storage Outside Your Province or Country
FoodPlug’s core application and primary database are hosted in Canada.
Some service providers, including analytics and error-monitoring providers, may process or store limited information outside Canada, including in the United States or other jurisdictions.
Information processed in another jurisdiction may be subject to the laws of that jurisdiction and may be accessible to courts, law-enforcement agencies, or government authorities in accordance with applicable law.
FoodPlug evaluates service providers and uses contractual, organizational, and technical safeguards appropriate to the sensitivity of the information.
10. Consent and Your Choices
We obtain consent in a manner appropriate to the sensitivity of the information and the context in which it is collected.
You may:
- Choose not to provide optional profile information.
- Choose whether to provide an email address during guest checkout when it is optional.
- Manage non-essential analytics through available privacy controls.
- Withdraw consent for optional uses of personal information.
- Unsubscribe from marketing communications using the instructions in the message.
Some information is necessary to provide the Services. For example, a vendor must provide account information to operate a shop, and a buyer must provide sufficient contact and fulfillment information to place an order.
Withdrawing consent may limit our ability to continue providing a particular feature or service.
11. Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this policy or as required by law.
Retention depends on the type of information:
- Account and vendor-profile information is generally retained while the account is active and for a reasonable period after closure.
- Order, payment, tax, and transaction records may be retained for accounting, dispute-resolution, fraud-prevention, and legal-compliance purposes.
- Security and application logs are retained for limited operational periods.
- Analytics and error-monitoring information is retained according to FoodPlug’s configured provider settings.
- Deleted information may remain temporarily in secured backups until the backups are overwritten through the normal backup cycle.
We may retain aggregated or de-identified information that can no longer reasonably identify an individual.
12. Security
FoodPlug uses administrative, technical, and organizational safeguards appropriate to the sensitivity of the information, including measures such as:
- Encrypted network connections.
- Hashed passwords.
- Secure session cookies.
- Role-based access controls.
- Separation of vendor and administrator permissions.
- Restricted administrative access.
- Logging and monitoring.
- Redaction of sensitive information from application logs.
- Database backups.
- Software testing and security updates.
No online service can guarantee absolute security. Users are responsible for protecting their passwords, email accounts, and devices and for notifying FoodPlug if they suspect unauthorized access.
FoodPlug will investigate privacy and security incidents and provide notifications where required by applicable law.
13. Access, Correction, and Deletion
Subject to applicable law, you may request:
- Confirmation that FoodPlug holds personal information about you.
- Access to your personal information.
- Information about how it has been used or disclosed.
- Correction of inaccurate or incomplete information.
- Deletion of information that is no longer required.
- Withdrawal of consent for optional processing.
- Information about FoodPlug’s service providers and cross-border processing.
- Review of a privacy-related decision or response.
We may need to verify your identity before completing a request.
Certain information may not be deleted immediately where retention is required for legal, accounting, fraud-prevention, security, dispute-resolution, or legitimate business purposes. We will explain any applicable limitation where required.
Buyers may also need to contact the vendor directly regarding information the vendor has downloaded, copied, or retained outside FoodPlug.
14. Communications
FoodPlug may send vendors administrative or service-related communications concerning:
- Account security.
- Service availability.
- Orders and business operations.
- Support requests.
- Important changes to the Services, Terms of Use, or Privacy Policy.
Marketing messages will be sent only where permitted by law and where any required consent has been obtained. Marketing messages will include a method to unsubscribe.
FoodPlug does not currently promise automated email, SMS, or push notifications for every order.
15. Children
FoodPlug is not intended for children under 14.
We do not knowingly collect personal information directly from children under 14 without the consent of a parent or guardian where required. A parent or guardian who believes a child has provided personal information may contact us to request its deletion.
16. Automated Decision-Making
FoodPlug does not currently make decisions that have legal or similarly significant effects on individuals solely through automated processing.
Vendor verification and platform-status decisions currently involve human review. We will update this policy and provide any legally required notice before introducing significant automated decision-making or profiling.
17. Changes to This Privacy Policy
We may update this Privacy Policy as FoodPlug, applicable laws, or our service providers change.
We will post the updated policy and revise the “Last updated” date. Where changes are material, we will provide additional notice and obtain consent where required by law.
Continued use of FoodPlug does not replace any consent that applicable law requires us to obtain separately.
18. Contact and Privacy Complaints
FoodPlug E-Service Inc. is responsible for personal information under its control.
Questions, access requests, correction requests, deletion requests, and privacy complaints may be sent to FoodPlug’s Privacy Officer at:
Email: hello@myfoodplug.ca Subject: Privacy Request
Please include enough information for us to understand and respond to your request, but do not send passwords, payment credentials, or unnecessary sensitive information by email.
We will review and respond to privacy requests within the timelines required by applicable law.
You may also have the right to complain to the privacy regulator responsible for your province or territory or to the Office of the Privacy Commissioner of Canada.

