Privacy Policy

Last Updated: May 6, 2025

1. Introduction

Welcome to DigiTable ("we," "our," or "us"). We provide QR code menu solutions for businesses ("Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.

We are committed to protecting your personal data and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

2. Data Controller Information

DigiTable

[Your Company Address]

Grimsby, DN31 2AA

United Kingdom

Email: privacy@digitable.uk

Phone: [Your Phone Number]

3. Information We Collect

3.1 Information You Provide to Us

When you register for and use our Services, we may collect:

• Account information: Name, email address, phone number, job title, and company information
• Billing information: Payment details, billing address, and VAT number
• Content information: Menu items, descriptions, prices, and images you upload
• Communication data: Information you provide when contacting our customer support

3.2 Information We Collect Automatically

When you use our Services, we may automatically collect:

• Device information: IP address, browser type, operating system, and device identifiers
• Usage data: How you interact with our Services, pages visited, features used, and time spent
• Log information: Access times, pages viewed, and system activity
• QR code scan analytics: Scan counts, locations, times, and devices used (anonymized where possible)

3.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect information about your interactions with our Services. For detailed information about our cookie practices, please see our separate Cookie Policy.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract performance: To provide the Services you have requested
• Legitimate interests: To improve our Services, ensure security, and conduct business development
• Legal obligations: To comply with applicable laws and regulations
• Consent: Where you have explicitly agreed to specific processing activities

5. How We Use Your Information

We use your personal data for the following purposes:

• To create and manage your account
• To provide and maintain our Services
• To process payments and billing
• To communicate with you about our Services
• To respond to your inquiries and provide customer support
• To improve and develop our Services
• To ensure the security and integrity of our Services
• To comply with legal obligations
• To send you marketing communications (with your consent)

6. Data Sharing and Disclosures

We may share your personal data with:

6.1 Service Providers

Third-party vendors who perform services on our behalf, such as hosting, payment processing, customer support, and analytics.

6.2 Business Partners

With your consent, we may share certain information with our business partners to provide specific services.

6.3 Legal Requirements

When required by law, legal process, litigation, or governmental authorities.

6.4 Business Transfers

In connection with a merger, acquisition, reorganization, or sale of all or a portion of our assets.

All third-party processors are vetted to ensure they provide adequate protection for personal data and comply with applicable data protection laws.

7. International Transfers

Your personal data may be transferred to, stored, and processed in countries outside the UK and European Economic Area (EEA). We ensure appropriate safeguards are in place through:

• EU Standard Contractual Clauses
• UK International Data Transfer Agreements
• Only transferring data to countries with adequate protection determinations
• Implementing supplementary measures where necessary

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

• The duration of your relationship with us
• Legal obligations to retain data for certain periods
• Statutes of limitations under applicable law
• Resolution of disputes
• Enforcement of our agreements

9. Your Data Protection Rights

Under the GDPR and UK data protection laws, you have the following rights:

• Right to access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data in certain circumstances
• Right to restrict processing: Request limitation of how we use your data
• Right to data portability: Request transfer of your data in a machine-readable format
• Right to object: Object to processing based on legitimate interests or direct marketing
• Rights related to automated decision-making: Not be subject to decisions based solely on automated processing that produce legal effects

To exercise any of these rights, please contact us at privacy@digitable.uk.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and testing
• Access controls and authentication procedures
• Staff training on data protection
• Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure, so we cannot guarantee absolute security.

11. QR Code Menu End-User Privacy

11.1 Customer Responsibilities

As our customer, you are responsible for:

• Providing appropriate privacy notices to your end users (restaurant customers)
• Obtaining necessary consents for data collection through QR codes
• Complying with applicable data protection laws in your interactions with end users

11.2 Our Role as a Processor

For end-user data that may be collected through our system when restaurant customers scan QR codes, we act as a data processor on your behalf. We:

• Process this data only according to your instructions
• Implement appropriate security measures
• Assist you in fulfilling your obligations to end users
• Delete or return all personal data at the end of our service provision

12. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us.

13. Third-Party Links and Services

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party websites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide additional notice, such as an email notification.

15. Data Protection Officer

While we may not be legally required to have a designated Data Protection Officer, we are committed to data protection compliance. For questions about this Privacy Policy or our data practices, please contact:

Thomas Bardsley

DigiTable

[Your Company Address]

Email: dpo@digitable.uk

16. Complaints

If you have concerns about our data processing activities, please contact us first so we can address your concerns. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office

Wycliffe House, Water Lane

Wilmslow, Cheshire, SK9 5AF

United Kingdom

Website: www.ico.org.uk

17. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

DigiTable

[Your Company Address]

Grimsby, DN31 2AA

United Kingdom

Email: privacy@digitable.uk

Phone: [Your Phone Number]