Privacy Policy

Last updated: October 12, 2025

1. Introduction

FullTable, Inc. ("FullTable," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant reputation management platform and related services.

By using our services, you agree to this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Name and contact details (email address, phone number)
  • Restaurant business and location information
  • Payment details (processed securely via Stripe)
  • Account login and authentication data
  • Customer feedback and review information

2.2 Usage Information

When you access or use our platform, we automatically collect:

  • Device information, browser type, and IP address
  • Pages visited and features used
  • Date, time, and duration of access
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve our services
  • Process payments and manage subscriptions
  • Send SMS messages for waitlist and review requests
  • Deliver customer support and account communications
  • Comply with applicable laws and enforce our Terms of Service
  • Analyze usage to improve performance and features
  • Send important updates or service notifications

4. SMS Communication and Consent

FullTable uses Twilio to send text messages for waitlist updates and review requests.

4.1 Consent

By providing your phone number to a participating restaurant or through our platform, you consent to receive automated, service-related text messages (e.g., "Your table is ready" and a single follow-up review request). Consent is not a condition of purchase.

Consent is collected verbally or digitally and is logged for compliance purposes under the Telephone Consumer Protection Act (TCPA) and CTIA guidelines.

4.2 Opt-Out

You may opt out of SMS messages at any time by replying "STOP" to any message. You will receive a confirmation message and no further texts will be sent. You may also contact your restaurant directly for assistance.

4.3 Message Handling

We retain SMS message logs (including sender, recipient, timestamps, and delivery status) through Twilio, our trusted SMS provider, to ensure system reliability and regulatory compliance. Message content is used solely for service delivery and not for marketing.

5. Information Sharing and Disclosure

We do not sell or rent your personal information. We may share data in the following circumstances:

  • Service Providers: With trusted partners such as Stripe (payments) and Twilio (SMS delivery) to operate core platform functions.
  • Legal Compliance: When required by law or valid legal process.
  • Business Transfers: If FullTable undergoes a merger, acquisition, or asset sale.
  • Consent: When you explicitly authorize us to share information for specific purposes.

All third-party partners are contractually required to handle your information securely and in accordance with applicable data protection laws.

6. Data Security

We use industry-standard measures to protect your data, including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Secure authentication mechanisms
  • Regular system audits and vulnerability testing

However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Data Retention

We retain personal and SMS-related data only as long as necessary to:

  • Provide and maintain our services
  • Comply with legal and regulatory obligations
  • Resolve disputes and enforce agreements

Opt-in and opt-out records are retained for at least three (3) years for compliance with telecommunications regulations.

8. Legal Basis for Processing (GDPR Notice)

If you are located in the European Economic Area (EEA), we process your information based on one or more of the following legal bases:

  • Your consent
  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate business interests (e.g., improving our services)

9. International Data Transfers

We and our service providers (including Twilio and Stripe) may process and store your data in the United States or other countries. We take steps to ensure that data transferred internationally is protected under appropriate safeguards, such as the EU Standard Contractual Clauses.

10. Your Rights and Choices

Depending on your location, you may have the right to:

  • Access and obtain a copy of your personal data
  • Correct or delete inaccurate information
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability

To exercise these rights, please contact us at wells.wes@outlook.com.

11. Cookies and Tracking

We use cookies and similar technologies to improve user experience and site performance. You can manage cookies through your browser settings, but disabling them may affect functionality.

12. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a child under 13, we will delete it promptly.

13. Your California Privacy Rights (CCPA)

If you are a California resident, you may have additional rights regarding access, deletion, and disclosure of personal information under the California Consumer Privacy Act (CCPA). To submit a request, contact wells.wes@outlook.com.

14. Changes to This Policy

We may update this Privacy Policy periodically. The "Last Updated" date at the top reflects the latest version. Continued use of our services after updates constitutes acceptance.