How TableTosh handles personal data

Depending on how you use TableTosh, we may collect the following types of information:

• Contact details such as your name, email address, phone number, and business contact information.
• Reservation details such as date, time, party size, seating preferences, notes, and changes or cancellations.
• Account and usage data such as login information, saved preferences, language settings, and support messages.
• Device and technical data such as IP address, browser type, device identifiers, log data, and approximate location derived from your device or network.
• Optional information you choose to provide, such as dietary preferences, accessibility needs, or special requests.

We use the information we collect to:

• Create and manage reservations, accounts, and related communications.
• Operate, secure, troubleshoot, and improve the platform and its features.
• Personalize your experience and remember settings such as language or interface choices.
• Respond to support requests and send service messages about bookings or account activity.
• Comply with legal obligations and enforce our terms or policies when needed.

Those legal bases can include:

• Contract: to take steps before a reservation or account relationship and to perform that relationship.
• Consent: for optional features, preferences, or cookies where consent is required.
• Legitimate interests: to keep the service secure, prevent abuse, and improve the product.
• Legal obligation: to meet tax, accounting, regulatory, or compliance requirements.

We may share personal data in the following situations:

• With the restaurant, venue, or organization managing the reservation, including authorized staff in that account.
• With service providers that host, store, monitor, analyze, secure, or otherwise support the platform.
• With advisors, auditors, law enforcement, or public authorities when required by law or to protect rights, safety, or the service.
• In connection with a merger, acquisition, financing, or similar business transaction.

Depending on the features you use, we may rely on:

• Essential cookies or local storage to keep the site functioning and maintain sessions.
• Preference cookies to remember settings such as language or form choices.
• Analytics or performance cookies to understand usage and improve the experience, if enabled.
• Browser settings or on-site controls to manage cookies, where available. Disabling essential cookies may affect site functionality.

We keep personal data only for as long as necessary for the purposes described in this policy, including to provide the service, handle disputes, meet legal obligations, and maintain security logs. Retention periods vary based on the type of data and our contractual or legal obligations.

Reservation and account data are usually kept while the relationship is active and for a reasonable period afterward. Security and log data are often kept for shorter periods unless we need them for investigations, legal compliance, or abuse prevention.

Your data may be processed in countries other than the one where you live. When we transfer data internationally, we use safeguards intended to protect it.

We use safeguards designed to protect personal data against unauthorized access, loss, alteration, or disclosure. No system is completely secure, so we encourage you to keep account credentials private and contact us if you suspect a security issue.

Your rights can include the ability to:

• Access the personal data we hold about you.
• Request correction, deletion, or restriction of your data where applicable.
• Object to processing based on legitimate interests.
• Withdraw consent at any time for consent-based processing.
• Request a copy of your data in a portable format where applicable.
• Lodge a complaint with your local data protection authority.

We may need to verify your identity before responding to a rights request.

TableTosh is not directed at children under 16, or the age of digital consent in your jurisdiction if higher. We do not knowingly collect personal data from children in that age group. If you believe a child has provided data to us, please contact us so we can review and delete it where appropriate.

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version here and change the date at the top of the page.

For privacy questions or requests, please use our contact page. If your request relates to a booking, it can also help to contact the restaurant or venue involved.