Privacy Policy

1. Data Controller & Contact

The data controller for this website and the mixx service is:

MEHErix — mixx
Email: [email protected]

If you have any questions about this Policy or about how we process your data, you can contact us using the email above.

2. What Data We Collect

2.1 Information you provide to us

• Contact & pilot request data: name, email address, organisation, role, and any information you include in your message or description of your kitchens.
• Business details: such as restaurant type, number of locations, approximate covers per day, or any other information you choose to share with us.
• Support & communication data: responses, feedback, and content of emails or calls with us.

2.2 Data collected automatically

When you visit our website, we may automatically collect certain technical data, such as:

• IP address and approximate location (country or city level).
• Browser type, device type, operating system.
• Pages viewed, time spent on pages, and website navigation patterns.

This data is typically collected using standard web server logs or basic analytics tools and is used in aggregate form.

2.3 Pilot and product usage data (if you become a customer)

If you participate in a mixx pilot or production deployment, we may also process:

• Sales and POS data (e.g. menu items, quantities, timestamps, locations).
• Operational data (e.g. staff numbers, production schedules, inventory levels).
• Context data (e.g. weather or public holidays) if integrated into the solution.
• Account and access data for your team (names, work emails, roles and permissions).

This data is usually pseudonymised or aggregated where possible, and we process it according to a separate service or data processing agreement with you.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

• To respond to your enquiries, pilot requests and support questions.
• To evaluate whether mixx is a good fit for your kitchens and propose a pilot or solution.
• To set up, operate and improve pilots and production deployments.
• To analyse aggregated usage trends to improve mixx’s prediction quality and dashboards.
• To maintain the security, stability and performance of our website and services.
• To comply with legal obligations and respond to lawful requests from authorities.

4. Legal Bases for Processing (GDPR)

Where EU/EEA data protection law applies (such as the GDPR), we rely on one or more of the following legal bases:

• Contract performance: when processing is necessary to enter into or perform a contract or pilot agreement with you or your organisation.
• Legitimate interests: for example, to operate, improve and secure our services, to communicate with you about relevant updates, and to develop new features, provided that these interests are not overridden by your rights and freedoms.
• Consent: when required for certain communications or optional cookies/analytics. You can withdraw consent at any time.
• Legal obligations: when we must process data to comply with laws, regulations, or lawful requests.

5. Cookies & Analytics

Our website may use strictly necessary cookies to ensure it functions properly.

We may also use basic analytics to understand how visitors use the site (e.g. number of visits, pages viewed). Where required by law, we will show you a cookie or consent banner allowing you to accept or manage optional cookies.

You can control cookies through your browser settings and delete existing cookies at any time.

6. How We Share Your Data

We do not sell your personal data. We may share data with:

• Service providers: such as hosting providers, email and communication tools, analytics, or other technical partners who process data on our behalf under appropriate contracts.
• Customer organisations: if you use mixx as part of your work and your employer or organisation manages the account.
• Authorities or legal entities: if required by law, court order, or to protect our rights, safety, or the rights of others.
• Business transfers: in the context of a merger, acquisition, or restructuring, subject to confidentiality safeguards.

7. Data Storage & Retention

We store personal data for as long as necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or allowed by law.

• Contact and enquiry data is typically kept while we are in active discussions and for a reasonable period afterwards.
• Pilot and service data is kept for the duration of the pilot or contract and for an additional period where needed for reporting, backup, or legal obligations.
• Technical logs may be kept for shorter periods to ensure security and troubleshoot issues.

When data is no longer needed, we will delete or anonymise it in a secure manner.

8. International Data Transfers

We aim to store and process data within the EU/EEA where possible. If we use service providers or infrastructure located outside the EU/EEA, we will take appropriate measures to ensure an adequate level of data protection, for example by using standard contractual clauses or equivalent safeguards, where required by law.

9. Your Rights

Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:

• Right of access: to know whether we process your data and to request a copy.
• Right to rectification: to correct inaccurate or incomplete data.
• Right to erasure: to request deletion of your data, where applicable.
• Right to restriction: to request that we limit the processing of your data in certain circumstances.
• Right to data portability: to receive certain data in a structured, machine-readable format.
• Right to object: to object to processing based on legitimate interests, including profiling, and to direct marketing.
• Right to withdraw consent: when processing is based on your consent.

To exercise these rights, please email us at [email protected]. We may need to verify your identity before responding.

You also have the right to lodge a complaint with a data protection authority, for example in the EU/EEA country where you live or work.

10. Security

We use reasonable technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. If you believe your data may have been compromised, please contact us immediately.

11. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to read their privacy policies before providing any personal data.

12. Changes to This Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our services or legal requirements. When we make changes, we will update the “Last updated” date at the top of this page.

We encourage you to review this Policy periodically. Your continued use of our website or services after changes become effective means you accept the updated Policy.

13. Contact

If you have any questions, concerns, or requests about this Privacy Policy or our data practices, you can contact us at:

MEHErix — mixx
Email: [email protected]