Privacy Policy

1 Information We Collect

Account Information

• Phone number — used for account creation, SMS verification, and booking confirmations
• Name — as provided by your Resy or OpenTable account when linked
• Email address — your Resy or OpenTable login email, used to authenticate bookings on your behalf

Restaurant Platform Credentials

• Resy email and password — encrypted and stored securely using AES-256 encryption; used solely to submit reservation requests on your behalf
• OpenTable credentials — encrypted and stored securely; used solely to submit reservation requests on your behalf

Booking & Usage Data

• Reservation details (restaurant, date, time, party size, status)
• Transaction history and credit balance
• Device information and IP address (for security and fraud prevention)

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number. Stripe retains payment information in accordance with PCI-DSS standards. We store only a tokenized reference and last four digits for display purposes.

2 How We Use Your Information

We use the information we collect to:

• Create and manage your tablepass account
• Submit reservation requests on your behalf via Resy and OpenTable
• Send SMS notifications about booking confirmations, status updates, and account activity
• Process payments for confirmed reservations
• Prevent fraud and abuse of our service
• Improve our service and develop new features

3 Information Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes.

We may share your information only in the following limited circumstances:

• Resy / OpenTable — your credentials are transmitted directly to these platforms’ APIs to complete bookings. We act as your agent.
• Stripe — payment data is shared with Stripe to process transactions
• Twilio — your phone number is shared with Twilio to deliver SMS messages
• Legal requirements — we may disclose information if required by law, court order, or governmental regulation

4 Data Security

We take data security seriously:

• Restaurant platform passwords are encrypted at rest using Fernet symmetric encryption (AES-256-CBC)
• All data transmitted between your browser and our servers is encrypted via TLS/HTTPS
• Access to production systems is restricted to authorized personnel
• We do not store your password in plain text at any point

5 Data Retention

We retain your account data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us. Reservation history and transaction records may be retained for up to 12 months for legal and accounting purposes.

6 SMS Communications

By creating an account, you consent to receive transactional SMS messages related to your bookings (confirmations, status updates, and alerts). Message and data rates may apply. You can opt out at any time by texting STOP to any message from us. For help, text HELP or contact us at the email below.

7 Cookies & Analytics

We use minimal cookies required for authentication and session management. We do not use third-party advertising cookies or trackers.

8 Your Rights

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Unlink your Resy or OpenTable credentials at any time from your account settings

9 Children’s Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors.

10 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via SMS or by posting a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

11 Contact Us

If you have questions about this Privacy Policy or your data, contact us at: