Order by Sunday 8pm3d 23h 26m 1s leftfor Monday deliverySee menu →

Beit Nana

Privacy

A short, plain-English privacy policy.

We collect the minimum we need to cook for you, take payment, and stay in touch. Nothing is sold; nothing is shared without a clear reason.

Last updated · May 2026

Who we are

Beit Nana Limited (referred to as “Beit Nana”, “we”, “us” in this notice) is a private company registered in England & Wales. We run a Lebanese-Persian home kitchen in London. If you need to reach the data controller, email hello@beitnana.co.uk.

What we collect

  • Waitlist signups — just your email address (and the page you signed up from) so we can let you know when we open.
  • Account & ordering — name, email, phone, delivery address and postcode, dietary notes, the dishes you ordered, and order totals.
  • Payment — handled by Stripe. We never see or store your card details; we only receive a payment confirmation and a Stripe reference.
  • Operational logs — basic request logs (IP address, user agent, timestamps) used to keep the site secure and rate-limit abuse.

Why we collect it

  • To process and deliver your order (contractual necessity).
  • To email you about your order and account (transactional, no marketing).
  • To tell waitlist subscribers when we open (consent — you can unsubscribe at any time by replying).
  • To protect the site against abuse (legitimate interest — keeps the kitchen and your account safe).

Where it lives

Our database (customers, orders, waitlist) is hosted on Supabase in the EU region. Transactional email is sent via Resend, also EU-hosted. Payments are processed by Stripe. We don’t transfer your personal data outside the UK / EEA without an appropriate safeguard in place.

How long we keep it

  • Waitlist signups — until we open and email you, then either (a) migrated into a customer record if you order, or (b) deleted on request.
  • Customer & order records — kept for 7 years after your last order to meet HMRC bookkeeping obligations, then deleted.
  • Operational logs — 30 days, then purged.

Your rights

Under UK GDPR you can ask us to access, correct, port, restrict, or delete the personal data we hold about you, and you can object to processing based on legitimate interest. Email hello@beitnana.co.uk and we’ll respond within one month. If you’re not satisfied with how we handle it, you can complain to the UK Information Commissioner’s Office (ico.org.uk).

Cookies and similar technologies

We only use strictly-essential cookies and browser storage right now — nothing optional, nothing for analytics or marketing. Under UK PECR, essential-only use doesn’t require a consent banner, so we don’t show one.

What’s stored on your device:

  • Supabase auth session cookie — required to keep you signed in once you have an account. Set only after you log in; cleared when you sign out.
  • localStorage waitlist_signed— remembers that you’ve joined the waitlist on this device, so the homepage popup doesn’t ask you again.
  • sessionStorage waitlist_dismissed— remembers that you closed the popup in the current browser tab, so it doesn’t reopen on the same session. Cleared when you close the tab.

No analytics, no marketing pixels, no third-party tracking are loaded at this time. If we add anything in that category in future — Google Analytics, Plausible, an ad pixel, anything similar — this section will be updated and a consent banner will appear before those scripts load.

Changes

If we update this policy we’ll change the “Last updated” date above. For material changes that affect how your data is used, we’ll email customers and waitlist subscribers before the change takes effect.

See also our Terms & Conditions.