How we keep your account, your data, and your payments locked down — by default.
DinnerVeto utilizes 1-click Google and Apple OAuth exclusively. We never collect, handle, or store passwords on our servers, entirely neutralizing credential leak risks. Your identity stays with the provider you already trust.
All session parameters and user profile metrics are encrypted in transit via TLS 1.2+ and at rest using AES-256 engines. Restaurant pools, room codes, and tier counters never travel or sit in plaintext.
Row-Level Security (RLS) policies ensure data is isolated and only accessible by the verified account holder. Game-state mutations are gated by signed tokens and server-side functions — clients cannot spoof votes, vetos, or winners.
Transaction handling is managed off-site by Stripe (PCI Service Provider Level 1) and DinnerVeto never handles or stores credit card numbers. Your card details never touch our infrastructure.
Last updated: May 25, 2026. Questions? Email us at dinnerveto1@gmail.com.