Legal

Privacy Policy

NZR — Mobile App  ·  Last updated: 27 May 2026

01

Introduction

Nazare Beach ("we", "us", "our") operates the NZR mobile application (the "App"), available on the Apple App Store. This Privacy Policy explains what personal data we collect, how we use it, with whom we share it, and what rights you have under the General Data Protection Regulation (GDPR) and applicable law.

By using the App you agree to the practices described in this policy. If you do not agree, please do not use the App.

02

Data Controller

The data controller responsible for your personal information is:

Nazare Beach
Buljarica, 84300, Montenegro
Website: nazarebeach.me
Privacy contact: nazarebeachesapp@gmail.com

03

Data We Collect

Account data

DataWhy we collect it
Email addressAccount creation, sign-in, and password reset
PasswordAuthentication — stored securely and never visible to us

Device & notification data

DataWhy we collect it
Device identifierA unique ID stored on your device to deliver push notifications to you
Notification tokenEnables push notifications for order status, events, and live music
Crash & error reportsHelps us identify and fix technical issues to improve stability
App usage dataGeneral information about how the app is used, to help us improve it

Order & activity data

DataWhy we collect it
Orders placedTo process your order, show order history, and send status updates
Menu interactionsTo improve the menu experience and highlight popular items
QR code scansThe QR identifies your table only — no image or photo is stored

Data we do not collect

Location / GPS Contacts or photos Health or biometric data Payment card data Browsing history

Orders are paid at the venue — no financial data passes through the App.

04

Legal Basis for Processing

Processing activityLegal basis (GDPR Art. 6)
Account creation & sign-inContract — necessary to provide the service
Order processing & historyContract — necessary to fulfil your order
Order status notificationsContract — necessary to fulfil your order
Event & music notificationsLegitimate interest / Consent — withdraw anytime in iOS Settings
App stability & analyticsLegitimate interest — to maintain and improve the App

05

Third-Party Services

To provide the App, we use services from Google LLC (Firebase platform) for authentication, push notifications, stability monitoring, and usage analytics. Data processed by these services is governed by Google's Privacy Policy.

Google may process data on servers outside Montenegro. This is covered by Standard Contractual Clauses approved by the European Commission.

06

Data Retention

We retain your personal data only for as long as necessary to provide the service and fulfil the purposes described in this policy. When data is no longer needed, we delete or anonymise it. You may request deletion of your account and associated data at any time by contacting us.

07

Your Rights (GDPR)

As a data subject in the EU/EEA you have the right to:

  • Access Request a copy of the personal data we hold about you.
  • Rectification Ask us to correct inaccurate or incomplete data.
  • Erasure Ask us to delete your data where there is no overriding reason to keep it.
  • Restriction Ask us to limit how we process your data in certain circumstances.
  • Portability Receive your data in a structured, machine-readable format.
  • Object Object to processing based on legitimate interests.
  • Withdraw consent Where processing is based on consent, withdraw it at any time without affecting past processing.

To exercise any right, email nazarebeachesapp@gmail.com. We will respond within 30 days.

You may also lodge a complaint with the national data protection authority of Montenegro:
Agency for Personal Data Protection and Free Access to Informationazlp.me

08

Push Notifications

The App requests permission to send push notifications for order status updates, event announcements, and live music schedules. You can enable or disable notifications at any time in iOS Settings → NZR → Notifications.

09

Camera Access

The App requests camera access solely to scan the QR code at your table. No photos or video are captured, stored, or transmitted. Camera access is activated only when you explicitly start a QR scan.

10

Children's Privacy

The App is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11

Security

All data transmitted between the App and our servers is encrypted. We apply appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse.

12

Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via an in-app message or push notification. The "Last updated" date at the top will always reflect the current version.

13

Contact

Nazare Beach
Buljarica, 84300, Montenegro
Email: nazarebeachesapp@gmail.com
Website: nazarebeach.me