Back

Privacy Policy

Effective May 7, 2026

This policy describes the data Trim collects, how it is used, and the rights you have over your data.

What we collect

  • Login email address — used solely for authentication.
  • POS sales data — CSV exports from your point-of-sale system containing hourly sales by menu item, check counts, and revenue figures.
  • POS labor data — CSV exports containing employee shift records, hours, and job titles.
  • Receipt photos — images of vendor invoices and purchase receipts.
  • OCR-extracted text — ingredient names, quantities, unit prices, and vendor names extracted from receipts.
  • Recipes — ingredient lists, quantities, and costings you enter.
  • Vendor names — supplier names associated with your receipts and ingredients.

Use of data

Collected data is used solely to compute prime cost, food cost percentage, labor percentage, item-level margins, and ingredient cost drift. We do not use your data for advertising, profiling, or any purpose unrelated to delivering the service.

Storage and tenant isolation

Data is stored on a single server we operate. Each restaurant (tenant) has an isolated database file at the filesystem level; one tenant cannot access another tenant's data. Server access is limited to the operator.

Subprocessors

  • Postmark — delivers magic-link authentication emails. Postmark receives only your email address and the contents of the login link.
  • Google Gemini — performs OCR on uploaded receipt photos. Receipt images are transmitted to the Gemini API; extracted text returns to us. Original images remain on our server. Google may retain API inputs in accordance with its API terms.

No third-party trackers

Trim loads no analytics, advertising, or behavioral profiling scripts. Our pages do not request resources from third-party domains.

Security

Traffic is encrypted in transit via TLS. Authentication is magic-link only; we do not store passwords. Administrative endpoints are restricted to a private network and are not reachable from the public internet. Backups are encrypted.

Your rights

You may request the following at any time by emailing privacy@trim.menu:

  • Export — a complete export of your tenant's data, provided within 30 days.
  • Deletion — complete deletion of your tenant and all associated data, honored within 30 days.

Data retention

Data is retained for the duration of your account. On account closure or upon receipt of a deletion request, all tenant data is purged within 30 days.

Changes to this policy

Material changes will be posted to this page with a revised effective date.

Contact

privacy@trim.menu