Leer este artículo en español →
The screen asks for your POS login. Or it asks you to drop in your sales export — “just paste your last month so we can show you what you’re leaving on the table.” The cursor is blinking in the box. This is the moment the whole question lives in: not after you’ve typed, after the report has already scrolled past and the damage is done, but right here, before the first real number leaves your hand. Before you type a real number into any free restaurant tool, you can find out in under a minute whether that number ever leaves your browser. That is the entire job of this page.
Because most “free margin audit” tools have a price tag — it’s just paid in data. The pattern is well-worn: you type your real ticket, your real food cost, your real labor — and the tool returns a number. It also tends to return sales reps in your inbox by morning, each with a proposal built on numbers that were never supposed to leave your office. The tool was the funnel. Your numbers were the qualifier.
The pattern hides because nobody asks the obvious question at the cursor: where do my inputs go the moment I type them? So treat what follows as a walkthrough you run with the sign-up screen still open in front of you — five tests, four data tiers, one worked example, and a verdict tree that ends in a plain keep-or-walk-away call on the exact tool you’re looking at. The tools that pass will tell you so, plainly. The tools that fail are about to explain why the tests don’t apply to them. That’s the tell.
The screen wants your real numbers before it gives you anything. The one minute before you type is the only leverage you’ll ever have over that tool — spend it.
1. The five tests — run before you type
Open DevTools ↗ on whatever tool you're evaluating (Cmd+Opt+I on Mac, Ctrl+Shift+I on Windows). Five questions:
- Does typing a number trigger a network request? Open the Network tab. Type. If the request list grows on every keystroke, the tool is silently sending your inputs to a server. Walk away.
- Is the privacy claim at the point of input? A trustworthy tool tells you what it does with your data where you're typing — not in a footer link three clicks deep.
- Is there an account / newsletter / cookie gate? “Enter your email to see your results” means your numbers are the price of admission. The tool is not free.
- Are there third-party analytics, session replay, or marketing scripts? Filter the Network tab by JS. If you see Google Analytics, Meta Pixel, HubSpot, FullStory, Hotjar — your inputs are being recorded by surveillance vendors who weren't even part of the deal you thought you were making.
- Is the source code readable? Right-click → View Source. A small, readable, unminified script is a tool you can audit. A 4-megabyte minified bundle from a SaaS framework is a tool you can't.
Pass all five and the tool is at least honest about its data flow. Fail any of them and the tool either doesn't know or doesn't want you to know — both are reasons to leave.
Each test has a tell you can read at a glance. Here is what a safe signal looks like beside the red flag it’s standing in for — same five tests, sorted into the two columns you’re actually deciding between.
-
1
Network on keystroke
-
2
Privacy at the point of input
-
3
Account / email / cookie gate
-
4
Third-party scripts
-
5
Readable source
2. The four-tier model — what to share, where
Most small-business owners carry all their data in the same mental bucket — which means the supplier list and the tax ID get the same protection (often the same low level of it). Four tiers, each with a different audience and a different level of caution:
- Tier 1 — Public. Menu, hours, photos, address, phone, schema.org markup. Optimize aggressively; this is how customers find you.
- Tier 2 — Competitive-sensitive. Cost of goods, supplier list, your actual commission tier (not the public rate), labor schedule template. Share with bookkeeper / consultant / broker — under NDA. Not with platforms, competitors, or “free audit” tools that keep your input.
- Tier 3 — Operational-confidential. Monthly P&L, actual food cost %, customer pipeline, employee schedules. Inside the business only. POS vendor, payroll, accountant — and only under written contract.
- Tier 4 — Regulated. SSN, EIN, customer card data, bank details, food-safety logs, I-9s. Encrypted storage, access logging, contracts with cybersecurity terms. Never email. Never in a shared spreadsheet.
The principle: data never flows up a tier. A Tier 3 vendor doesn't get Tier 4 access just because they asked. A Tier 1 audience (a platform, a listing site) doesn't get Tier 2. The easiest way to reduce your attack surface is to stop volunteering data that wasn't actually required.
PublicMenu, hours, photos, address. Optimize aggressively.
Competitive-sensitiveSuppliers, costs, real commission tier. NDA only.
Operational-confidentialP&L, food cost, pipeline, schedules. Contract only.
RegulatedSSN, EIN, card data, I-9s. Encrypted only. Never email.
3. What “safe” looks like — the worked example
Here's the standard every tool on this site is held to. Nine claims about how every Muntin tool handles your inputs, each one verifiable in your own browser. Tap any claim to see the DevTools step that confirms it.
The full version with each claim's specific DevTools verification step lives at /security/. Four of them (1, 2, 4, 5) are build invariants — the cohesion-check pass that runs on every deploy fails CI if a future tool ships a forbidden pattern. So “verifiable” isn't marketing copy; it's a contract enforced by the build, with a public hash of the production bundle published at /security/integrity.txt.
The claim that the build won’t let slide
Four of the nine claims — 1, 2, 4, and 5 — are enforced as build invariants, not promises. A tool that ships a forbidden pattern fails the deploy outright. That’s the difference the tree below is built to read: a claim a vendor can quietly break the week after you sign up versus one a machine re-checks on every release. Read your own audit the same way — worst failure first, and let the first hard fail decide it.
So stop reading the five tests as a checklist and read them as a verdict. Walk the spine top to bottom; the first branch that fires hands you a keep-or-walk-away call on the exact tool in front of you, and you’re done.
-
1Did a request fire on a keystroke?
The most serious failure, and it overrides every check below. A request per keystroke means the tool is streaming your raw inputs to a server before you ever press submit.
Walk away Yes — this is the one failure that ends the audit on its own, no matter how clean the rest looks.
Keep checking No — inputs stay on the page so far. Drop to the next gate.
-
2Is there an account / email / cookie gate?
“Enter your email to see your results” means the numbers are the cost of entry. The tool is not free; it is a lead-capture funnel wearing a calculator costume.
Walk away Yes — unless you would hand those exact numbers to the vendor's sales team by name, decline.
Keep checking No gate — nothing stands between you and the result. Continue.
-
3Are third-party surveillance scripts recording?
Meta Pixel, FullStory, Hotjar, HubSpot — vendors who were never part of the deal you thought you were making. Even if inputs stay client-side, watchers you never approved are on the page.
Not free, watched Yes — a soft fail. Usable only if the surveillance is genuinely incidental and nothing financial reaches it.
Last gate No watchers — one honest check left.
-
4Readable source + privacy claim at the input?
A small, unminified script you can read in five minutes, with the privacy line sitting next to where you type — not buried in a footer. This is the standard every Muntin tool meets and enforces as a build invariant.
Safe to use Yes — the tool is at least honest about its data flow, and you can confirm it yourself in the browser.
Walk away No — a tool you cannot audit is a tool asking for trust it has not earned.
"Verifiable" should be a build flag, not a marketing claim. If the only proof is the brochure, treat it as the brochure.
4. Run the audit
The 5-test framework is also an interactive checklist at /learn/checklists/audit-any-tool/ — walk through it with DevTools open on any tool you're evaluating. Save the result to your Workshop as a baseline; re-run it whenever a vendor pushes a “new feature.”
And if you find a tool that fails the audit but you can't tell whether it's malicious or just sloppy, write through The Window and tell me about it. I read every one. The pattern of free tools that quietly turn operators into the product is worth naming — out loud, with the tool's name attached.
Tell us
Be the first field note on this piece.
Tried this in your own restaurant? 100–400 words, your name on it. Don reads every one. Your note shows up here once approved.
Sources & further reading
OWASP — client-side data exposure
OWASP — OWASP's ongoing guidance on client-side data exposure underpins Test 4 (third-party scripts) and the principle that any input typed into a page reachable by GA, Pixel, or session-replay vendors should be treated as published. The categories of script flagged in Test 4 (analytics, session replay, marketing) map to OWASP's "untrusted client-side data" risk class.
NIST data classification frameworks
NIST data classification frameworks — The four-tier data model in this post is operator-friendly framing of NIST SP 800-60 Volume I — the federal data-classification framework that distinguishes Public / Sensitive / Confidential / Regulated. The vocabulary differs; the principle ("data never flows up a tier without a contract") is the same one NIST applies to federal information systems.
RFC 3986 — URL fragment behavior
RFC 3986 — The "shareable scenario links use the URL fragment" claim relies on RFC 3986 §3.5: browsers do not transmit the fragment portion of a URL to the server in HTTP requests. This is what makes fragment-encoded scenario links a valid privacy-preserving share mechanism.