Privacy Policy

Overview

This Privacy Policy explains how Smart Dining LLC ("Smart Dining," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use our guest websites, mobile applications, and related services (collectively, the "Services").

Smart Dining operates a hospitality technology platform. Restaurants and partners that use our tools may process personal information in their own right; this Policy describes our practices and points you to choices you can exercise.

If you do not agree with this Policy, please discontinue use of the Services. Where local law requires explicit consent, we will ask separately (for example, for marketing or non-essential cookies).

Information we collect

Account and identity data: name, email address, phone number, password hash, profile preferences, and languages.

Reservation and visit data: party size, date and time, special requests, seating preferences, waitlist status, messages you send through the platform, and invitation details when you invite other guests.

Order and payment data: cart contents, pickup or dine-in linkage, amounts, tips, refunds, partial card identifiers, billing postal code when required by fraud tools, and transaction IDs from payment processors.

Device and technical data: IP address, device identifiers, browser type, operating system, app version, diagnostic logs, and approximate location derived from IP or device settings when you enable location features.

Usage and analytics: pages viewed, taps, session duration, referral URLs, campaign identifiers, and in-app events used to improve product performance and security.

Communications: customer support tickets, survey responses, and recordings or transcripts where you consent to quality assurance.

Content you submit: reviews, photos, or event feedback, which may be shown to restaurants or the public according to product settings.

How we use information

Provide and secure the Services: authenticate users, process reservations and orders, send transactional notifications, prevent fraud, and troubleshoot issues.

Personalize experiences: remember preferences, surface relevant restaurants or offers when you opt in, and measure feature effectiveness.

Communicate with you: service messages, optional marketing (with consent where required), and product updates in line with your choices.

Analytics and improvement: understand aggregate trends, train and evaluate automated systems in accordance with our AI notice, and perform testing such as A/B experiments.

Legal and compliance: comply with law, respond to lawful requests, enforce our terms, and protect rights, safety, and security.

Legal bases (EEA, UK, and Switzerland)

Where GDPR or similar laws apply, we rely on: (1) performance of a contract with you; (2) legitimate interests that are not overridden by your rights (such as fraud prevention, analytics with appropriate safeguards, and product development); (3) consent when required; and (4) legal obligations.

You may withdraw consent at any time where processing is consent-based; withdrawal does not affect prior processing that was lawful.

Sharing of information

Restaurants and events: when you book or order, we share information the venue needs to fulfill your request, such as name, contact details, party size, preferences, and payment status.

Service providers: hosting, analytics, customer communications, fraud screening, customer support tools, and payment processors (for example, Stripe) process data under contractual obligations consistent with this Policy.

Corporate transactions: we may disclose information in connection with a merger, acquisition, or asset sale, subject to appropriate confidentiality and continuity safeguards.

Legal and safety: we may disclose information to comply with law, regulation, legal process, or governmental requests, or to protect users, the public, or Smart Dining.

We do not sell personal information for money. Where U.S. state law defines "sale" or "sharing" broadly to include certain advertising cookies, we provide opt-out mechanisms described in our Cookie Policy and U.S. State Privacy Notice.

Payments and PCI scope

Payment card data is collected and tokenized by our payment processors. Smart Dining does not store full card numbers on our servers. We may store tokens and metadata required to process refunds or receipts.

Processors’ privacy policies govern their direct collection of payment details within their hosted fields or mobile SDKs.

Cookies and similar technologies

We use cookies, local storage, pixels, and mobile identifiers for essential functions, preferences, analytics, and, where permitted, marketing. You can manage non-essential cookies through our banner and browser controls. See the Cookie Policy for detail.

Retention

We retain personal information for as long as your account is active, as needed to provide the Services, and as required by law (for example, tax, accounting, or card network rules). Reservation and order records may be retained for several years to handle disputes and regulatory obligations.

When data is no longer necessary, we delete or de-identify it subject to backup cycles and legal holds.

Security

We implement administrative, technical, and organizational measures designed to protect personal information, including encryption in transit, access controls, and vendor reviews. No method of transmission or storage is completely secure; see the Security & Data Handling Statement.

International transfers

Smart Dining is based in the United States. If you access the Services from other countries, your information may be transferred to, stored, and processed in the United States or other regions where we or our providers operate.

Where required, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms, as described in our EEA/UK addendum.

Your rights and choices

Depending on your location, you may have rights to access, correct, delete, port, or restrict processing of your personal information, and to object to certain processing. You may also have the right to lodge a complaint with a supervisory authority.

Marketing opt-out: use unsubscribe links, in-app settings, or contact us. Transactional messages may continue where necessary to fulfill contracts or legal duties.

California and other U.S. state residents: see the U.S. State Privacy Notice for category-specific disclosures and rights requests.

To exercise rights, email privacy@gosmartdining.com or use in-app tools where available. We may verify your identity before responding.

Children

The Services are not directed to children under 13 (or a higher age where local law defines children differently). We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it promptly subject to law.

Automated decision-making

Some features may use automation or machine learning to rank results or detect fraud. You can read more in the AI, Automation & Recommendations Notice. Where GDPR requires, you may have rights related to solely automated decisions with legal or similar effects.

Changes to this Policy

We will post updates here and adjust the "Last updated" date. Material changes may require additional notice under local law.

Contact

Privacy inquiries: privacy@gosmartdining.com. Postal: Smart Dining LLC, Attn: Privacy, 4333 Corbett Drive #1071, Fort Collins, CO 80525, United States.