Last updated: 25 April 2026
Tavolo Plus ("we", "our", "us") is the data controller for personal data collected through this platform. Contact: [email protected]
For Customers: account information (name, email address), stamp activity (restaurants visited, stamps collected, rewards redeemed), device information and usage data.
For Restaurant Partners: business information (name, address, category), contact details (email, phone), opening hours, transaction data (stamps issued, offers created, redemptions).
• Performance of a contract (Art. 6(1)(b)): to operate the loyalty platform. • Legitimate interests (Art. 6(1)(f)): analytics, security, fraud prevention. • Consent (Art. 6(1)(a)): marketing communications where applicable.
We use your data to provide and operate the loyalty stamp platform, process stamp issuance and reward redemptions, send transactional notifications, improve our services through analytics, and comply with legal obligations.
Customer accounts: retained until account deletion, then purged within 30 days. Transaction data: 3 years from creation. Marketing preferences: until consent is withdrawn.
You have the right to: • Access your personal data (Art. 15) • Rectify inaccurate data (Art. 16) • Erase your data — "right to be forgotten" (Art. 17) • Restrict processing (Art. 18) • Data portability (Art. 20) • Object to processing (Art. 21) • Withdraw consent at any time
To exercise these rights, contact: [email protected]
We do not transfer personal data outside the European Economic Area (EEA). Where third-party processors are used, they are bound by EU Standard Contractual Clauses.
We use essential cookies for session management only. No third-party tracking cookies are placed without your explicit consent. You may manage cookie preferences through your browser settings.
We do not sell or rent personal data. Payment processing is handled by Stripe (stripe.com/privacy). Email communications are sent via SMTP Pulse under a data processing agreement.
You have the right to lodge a complaint with your national data protection authority. In Italy: Garante per la Protezione dei Dati Personali — www.garanteprivacy.it.
We will notify you of material changes via email or in-app notification at least 15 days in advance.