Privacy Policy

TableBell (“we”, “us”, or “our”) operates the TableBell platform at tablebell.app — a SaaS guest call system for restaurants and cafés. This Privacy Policy explains how we collect, use, and protect information when you use our service.

By using TableBell, you agree to the collection and use of information in accordance with this policy.

This policy applies to three types of users:

• Restaurant owners / operators — businesses that sign up for a TableBell account
• Staff members — employees who use the staff dashboard
• Guests — diners or customers who scan a QR code and use the guest request page

For restaurant owners (account holders)

• Email address and password (via Supabase Auth)
• Restaurant name and URL slug
• Billing information (processed by Stripe — we do not store card details)
• Subscription plan and status

For guests

• IP address (used solely for rate limiting to prevent spam requests)
• A randomly generated browser key stored in localStorage (used for rate limiting only, contains no personal data)
• The type of request made (e.g. “Water”, “Bill”, or general staff call)
• Timestamp of the request

We do not collect guest names, phone numbers, email addresses, or any personally identifiable information from guests. Guests are never required to create an account.

Usage data

• Pages visited and features used within the dashboard
• Error logs for debugging purposes

• To provide and operate the TableBell service
• To process subscription payments via Stripe
• To send transactional emails (account confirmation, password reset) via Resend
• To prevent abuse and spam on guest request pages
• To improve the platform based on usage patterns
• To respond to support requests

We do not sell your data. We do not use your data for advertising purposes.

Your data is stored securely using Supabase, hosted on AWS infrastructure. We use Row Level Security (RLS) to ensure restaurant owners can only access their own data.

Passwords are hashed and never stored in plain text. Payment data is handled entirely by Stripe and is never stored on our servers.

Guest IP addresses used for rate limiting are stored temporarily in our database and are not linked to any personal profile.

TableBell uses the following third-party services:

• Supabase — database, authentication, and real-time infrastructure
• Stripe — payment processing and subscription management
• Resend — transactional email delivery
• Vercel — hosting and deployment

Each of these services has their own privacy policy. We only share data with them as necessary to operate TableBell.

• Account data is retained as long as your account is active
• Request logs (guest calls) are retained for up to 90 days
• When you delete your account, all associated data is permanently deleted within 30 days

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Export your data in a portable format

To exercise any of these rights, contact us at privacy@tablebell.app.

TableBell uses minimal cookies — only those necessary for authentication (session management). We do not use tracking or advertising cookies.

Guest pages use localStorage to store an anonymous rate-limiting key. This is not a cookie and contains no personal data.

TableBell is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

We may update this Privacy Policy from time to time. We will notify account holders of significant changes via email. Continued use of TableBell after changes constitutes acceptance of the updated policy.

For privacy-related questions or requests:

• Email: privacy@tablebell.app
• Website: tablebell.app/contact