Privacy Policy

Last updated: May 26, 2026

This policy covers two relationships. If you have a Tablerr account, Tablerr is your service provider and the section For Restaurant Operators below applies to you. If a restaurant uses Tablerr to manage its reservations and guest list, the restaurant controls your data and Tablerr processes it on their behalf; the section For Diners (Restaurant Guests) explains how that works and how to exercise your rights.

For Restaurant Operators

This section covers the personal data Tablerr holds about you as the holder of a Tablerr account.

1. Information We Collect

Account information: When you create an account, we collect your email address and optional name.

Payment information: Payment processing is handled by Stripe. We do not store your credit card details. See Stripe's Privacy Policy.

Usage data: We collect anonymized usage analytics via Plausible Analytics (privacy-friendly, no cookies).

Guest data uploaded to your account: As part of using Tablerr, you may upload, type, or import personal data about your diners (guests) into your Tablerr account. The relationship for that diner data is described in the For Diners section below: you are the controller of that data, Tablerr is the processor.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Send you transactional emails (login links, billing notifications)
  • Process payments through Stripe
  • Improve the Service based on anonymized usage data

3. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe, for payment processing
  • Resend, for transactional email delivery
  • Sentry, for error tracking (user ID and email may be sent for debugging)
  • Plausible, for cookie-free usage analytics

4. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your data is soft-deleted and permanently removed after 30 days.

5. Your Rights

You have the right to:

  • Access your personal data
  • Update or correct your data
  • Delete your account and associated data
  • Export your data

6. Cookies

We use a single essential cookie for authentication (session management). We do not use tracking cookies. Plausible Analytics is cookie-free.

The cookie and tracking disclosure for the public booking pages that diners visit is covered separately on those pages.

7. Security

We use industry-standard security measures including encrypted credentials, signed cookies, HTTPS, and secure headers. However, no method of transmission over the internet is 100% secure.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email.

9. Contact

If you have questions about this Privacy Policy, contact the support address listed on the Service.

For Diners (Restaurant Guests)

This section covers the personal data a restaurant may store about you in Tablerr after you book a table, dine, or otherwise interact with a restaurant that uses Tablerr.

1. Who Controls Your Data

The restaurant you booked or dined with is the controller of your data. Tablerr is the processor, acting on the restaurant's instructions.

To know what is held about you, who it is shared with on the restaurant's side, or how to exercise your rights, your starting point is the restaurant, not Tablerr. Tablerr will not act on your data without the restaurant's instruction, except where required by law.

2. What Restaurants Can Store About You in Tablerr

Tablerr's guest profile supports storing:

  • Your name, phone number, email address, birthday, and anniversary
  • Dietary notes and allergies
  • Free-form notes about you written by restaurant staff
  • Tags applied by staff (for example, "Regular" or "Wine Lover")
  • A VIP level set by the restaurant
  • Your marketing consent state per channel (email and SMS)
  • A history of your reservations at that restaurant
  • Per-visit notes recorded during or after a visit

This describes what the system supports. What an individual restaurant actually stores about you is the restaurant's decision.

3. How Your Data Is Used

Restaurants use the data they store about you to:

  • Operate your reservation (confirmations, reminders, and helping the host know you when you arrive)
  • Market to you, only if you have opted in
  • Keep internal records and run reporting on their own business

Tablerr does not use diner data for its own marketing, does not sell it, and does not share it between restaurants.

4. Who Receives Your Data

Tablerr uses service providers to operate the platform on the restaurant's behalf, including providers for email delivery, error tracking, and cookie-free analytics on its public pages. For the full list of third parties involved in handling your data, refer to the privacy policy on the website of the restaurant you booked with. The restaurant is the controller of your data and their policy enumerates their processors, including Tablerr.

5. Retention

Restaurants set their own retention. Per-restaurant retention controls are coming in a future update. Until then, the restaurant decides; absent a stated policy, data is kept for as long as the restaurant maintains its Tablerr account. If a restaurant leaves Tablerr, the data is deleted with their account.

6. Your Rights & How to Exercise Them

You have the following rights over the data a restaurant holds about you. The first three are honored through the restaurant. Marketing consent can also be withdrawn directly from any marketing email.

  • Access, a copy of your data. The restaurant can export everything they store about you as a single JSON file. Ask the restaurant.
  • Erasure, to be forgotten. The restaurant can erase your profile. Erasure is anonymize-in-place: identifying fields (your name, phone, email, notes, tags, allergies, marketing consent) are removed, but past reservations remain in the restaurant's aggregate history as anonymous entries. Erasure includes a 30-day recovery window during which the restaurant can reverse it; after 30 days it is permanent and irreversible.
  • Rectification, correction. Restaurants can update or correct any field they hold about you. Contact the restaurant.
  • Withdraw marketing consent. Every marketing email Tablerr sends on a restaurant's behalf includes a one-click unsubscribe link. Withdrawing consent is immediate; the restaurant retains the audit log of when consent was given and withdrawn.

7. Marketing Communications

Marketing is opt-in. Consent is recorded per channel (email and SMS). Unsubscribe is one click from any marketing email. The restaurant retains the audit log of when you opted in and when you opted out.

8. Security

Tablerr uses industry-standard security measures including encrypted credentials, signed cookies, HTTPS, and secure headers. However, no method of transmission over the internet is 100% secure.

9. Contact

Contact the restaurant you booked with. They decide on requests about your data. If you cannot reach them or need to escalate, contact Tablerr support at the address listed on the Service and Tablerr will work to assist the restaurant in responding.