Privacy Policy

BetterTable adheres to the following privacy regulations:

• Canada: PIPEDA and British Columbia's PIPA
• EU/UK: General Data Protection Regulation (GDPR) and UK GDPR
• California: CCPA and CPRA

We do not sell personal data.

• Contact details: name, email, phone number, company name
• Account credentials: email and encrypted password
• Payment information: processed securely through Stripe (we do not store card numbers)
• Profile preferences: language, notification settings
• User-generated content: food audit data, course progress, exam responses
• Communications: messages sent through contact forms and support requests

• Device details: browser type, operating system, screen resolution
• Network information: IP address, internet service provider
• Usage logs: pages visited, features used, time spent, click patterns
• Location data: approximate location based on IP (precise location only with permission)
• Cookies: session cookies, analytics cookies, preference cookies

• Platform operation: providing, maintaining, and improving our services
• Service improvement: analytics to understand usage patterns
• Marketing: newsletters and product updates (with your consent)
• Security: fraud prevention, abuse detection, and platform integrity
• Legal compliance: responding to legal requests and enforcing our terms
• Research: aggregated and anonymized benchmarking for the hospitality industry

We share information with service providers including:

• Hosting: Microsoft Azure (Canada)
• Payments: Stripe
• Analytics: Google Analytics
• CRM : HubSpot
• Email: Resend

We may also disclose information for legal obligations, corporate transactions, and with your explicit consent. We do not sell your personal data.

Depending on your jurisdiction, you may request:

• Access: a copy of your personal data
• Correction: update inaccurate or incomplete data
• Deletion: removal of your personal data
• Restriction: limit how we process your data
• Portability: receive your data in a machine-readable format
• Consent withdrawal: withdraw consent at any time

We respect Do Not Track (DNT) signals and Global Privacy Control (GPC). To exercise any rights, contact privacy@bettertable.com.

• Active accounts: data retained while your account is active
• Financial records: retained per legal requirements (typically 7 years)
• Deleted accounts: partially retained for compliance and fraud prevention
• Anonymized data: retained indefinitely for research and benchmarking

• Encryption in transit (TLS) and at rest
• Role-based access controls
• Continuous monitoring and logging
• Employee security training
• Incident response procedures

While we take reasonable precautions, no method of transmission over the internet is 100% secure.

• Essential: required for platform functionality (sessions, authentication)
• Analytics: Google Analytics to understand usage patterns
• Preferences: remembering your language and display preferences

We may update this Privacy Policy from time to time. Material changes will be posted on the Platform with an updated "Last Updated" date.