TABLE214For Restaurants

Privacy Policy

Last updated: 01-07-2026 — Legal entity: ConviOne Inc., Herengracht 208, 1016 BS Amsterdam, Netherlands.

ConviOne Inc. (“we”, “us”, or “our”) operates the TABLE214 platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our website, applications, and related services (the “Service”). Please read this policy carefully. If you disagree with its terms, please do not access the Service.

1. Data Controller

ConviOne Inc. is the data controller responsible for your personal data. You can contact our privacy team at:

ConviOne Inc.
Herengracht 208
1016 BS Amsterdam
Netherlands
Email: privacy@table214.com

2. Personal Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, phone number, and password (stored as a hash).
  • Reservation data: date, time, party size, special requests, dietary requirements, and the restaurant selected.
  • Usage data: IP address, browser type, device identifiers, pages visited, referral URLs, and timestamps.
  • Payment data: where applicable, payment card details are collected and processed by our PCI-DSS-compliant payment processor; we do not store full card numbers.
  • User Content: reviews, ratings, and photographs you submit.
  • Communications: messages you send to us via email or in-app support channels.
  • Cookie data: as described in our Cookie Policy.

3. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To create and manage your account and authenticate your identity.
  • To process, confirm, and manage restaurant reservations on your behalf.
  • To communicate with you regarding your bookings, account, and service updates.
  • To personalise your experience, including restaurant recommendations.
  • To improve and develop the Service through analytics and user research.
  • To detect, investigate, and prevent fraudulent transactions and other illegal activities.
  • To comply with legal obligations and enforce our Terms of Use.
  • To send marketing communications where you have given consent (you may opt out at any time).

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

  • Contract performance (Art. 6(1)(b)): processing necessary to provide the Service and fulfil reservations.
  • Legitimate interests (Art. 6(1)(f)): fraud prevention, security, analytics, and service improvement.
  • Consent (Art. 6(1)(a)): marketing communications and non-essential cookies.
  • Legal obligation (Art. 6(1)(c)): compliance with applicable Dutch and EU law.

5. Sharing Your Personal Data

We share your personal data only in the following circumstances:

  • Restaurants: we share reservation details (name, party size, date, time, special requests) with the restaurant at which you have booked.
  • Service providers: we engage third-party processors for hosting, email delivery, payment processing, and analytics. All processors are contractually bound to protect your data.
  • Legal requirements: we may disclose data when required by law or to protect the rights and safety of our users and third parties.
  • Business transfers: in the event of a merger, acquisition, or asset sale, your data may be transferred to the acquiring entity, subject to equivalent privacy protections.

We do not sell your personal data to third parties.

6. International Transfers

Some of our service providers may process your data outside the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or we rely on an adequacy decision.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. We will also retain and use your data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

  • Account data: retained for the lifetime of your account plus 3 years after closure.
  • Reservation data: retained for 7 years for accounting and legal compliance purposes.
  • Usage and log data: retained for up to 24 months.
  • Marketing consent records: retained for 3 years from the date of consent or last interaction.

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your data in certain circumstances (“right to be forgotten”).
  • Restriction: request that we restrict processing in certain circumstances.
  • Portability: receive your data in a structured, commonly used, machine-readable format.
  • Objection: object to processing based on legitimate interests or for direct marketing.
  • Withdrawal of consent: withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at privacy@table214.com. We will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include encryption in transit (TLS), encryption at rest, access controls, and regular security assessments. However, no internet transmission is completely secure and we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Service and, with your consent, to analyse usage and deliver personalised content. For full details, including how to manage your preferences, please see our Cookie Policy.

11. Children's Privacy

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected such data, we will delete it promptly. If you believe we have collected data from a child under 16, please contact privacy@table214.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date and notify you via email or a prominent notice on the Service. Your continued use of the Service after the effective date of the revised policy constitutes acceptance of those changes.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact our privacy team:

ConviOne Inc. — Privacy Team
Herengracht 208
1016 BS Amsterdam
Netherlands
Email: privacy@table214.com

For complaints you may also contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

← Back to TABLE214