Privacy Policy

Last updated: April 2026

1. About Us

TableNest is operated by Fyrge Lab Pty Ltd (ACN 696 775 096). We are committed to protecting your privacy and handling your data in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

2. Information We Collect

Venue operators: We collect your name, email address, phone number, venue details (name, address, operating hours), payment information (processed by Stripe — we do not store card details), and account credentials.

Booking customers: We collect booking data entered by customers through the booking widget, including name, phone number, email address, party size, date and time, and any notes provided.

Automatically collected: We collect usage data including IP addresses, browser type, device information, pages visited, and interaction data to improve the Service and for analytics purposes.

3. How We Use Your Information

We use your information to: provide and maintain the Service; process transactions and manage subscriptions; send booking confirmations and reminders via SMS and email; provide customer support; analyse usage to improve the Service; send essential account communications (billing, security, service changes); and comply with legal obligations.

We do not use customer booking data for marketing purposes. We never sell your data to third parties. We do not share customer lists between venues.

4. Data Storage and Security

Your data is stored securely using industry-standard encryption in transit (TLS) and at rest. Our database is hosted by Supabase with data stored in Australia where available. We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction, including row-level security policies, encrypted credentials, and rate-limited APIs.

5. Third-Party Service Providers

We share data only with service providers necessary to operate the platform:

  • Stripe — payment processing (PCI DSS compliant)
  • Supabase — database hosting and authentication
  • Texto — SMS delivery (Australian provider)
  • Twilio — SMS delivery (international)
  • Resend — email delivery
  • Vercel — website hosting
  • Plausible Analytics — privacy-focused, cookie-free website analytics

These providers are bound by their own privacy policies and data processing agreements. We do not operate a marketing network, share customer lists between venues, or sell data to advertisers.

6. Cookies and Tracking

We use essential cookies for authentication and session management. We use Plausible Analytics for website analytics, which does not use cookies or collect personal data. We use Meta Pixel for conversion tracking on the marketing site only (not within the dashboard or booking widget). You can disable cookies in your browser settings, but this may affect your ability to use the Service.

7. Data Retention

We retain your account data for as long as your account is active. After account cancellation, we retain your data for 90 days to allow for reactivation. After 90 days, your data may be permanently deleted. Booking records may be retained in anonymised form for analytics purposes. We may retain certain data longer if required by law or to resolve disputes.

8. Your Rights

Under the Australian Privacy Act 1988, you have the right to: access the personal information we hold about you; request correction of inaccurate information; request deletion of your personal information; export your customer data via CSV from the dashboard; withdraw consent for optional data processing; and lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

To exercise any of these rights, contact us at privacy@tablenest.app. We will respond within 30 days.

9. United States Privacy Rights

California residents (CCPA/CPRA): You have the right to: know what personal information we collect and how it is used; request deletion of your personal information; opt out of the sale of personal information (we do not sell your data); and not be discriminated against for exercising your rights. To submit a request, email privacy@tablenest.app. We will verify your identity and respond within 45 days.

Categories of information collected: Identifiers (name, email, phone); commercial information (subscription plan, payment history); internet activity (usage data, pages visited); professional information (venue details). We collect this data directly from you and automatically through the Service.

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA) residents: You may have similar rights to access, correct, delete, and port your data, and to opt out of targeted advertising. We do not engage in targeted advertising or sell personal data. Contact privacy@tablenest.app to exercise your rights.

10. Children’s Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

12. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

  • Email: privacy@tablenest.app
  • Support: support@tablenest.app
  • Operator: Fyrge Lab Pty Ltd (ACN 696 775 096)