Privacy Policy
Last updated: April 10, 2026
Service ("we", "us", "our") operates the Service mobile application and web platform (the "Platform"), a restaurant reservation management solution. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Platform.
1. Data Controller
The data controller responsible for your personal information is:
MOMO INVEST
16 rue du Château, 92600 Asnières-sur-Seine, France
Email: support@useservice.app
2. Information We Collect
2.1 Restaurant Staff Information
When a restaurant subscribes to our Platform, we collect information about authorized staff members:
- Full name
- Email address
- Role and permissions within the restaurant
2.2 Restaurant Information
We collect business information provided by restaurant operators:
- Restaurant name and address
- Opening hours and service schedules
- Floor plan and table configurations
- Booking rules and policies
2.3 Guest Information
When guests make reservations through the Platform, the following data is collected:
- Full name
- Email address
- Phone number
- Reservation details (date, time, party size, special requests)
- Reservation history
2.4 Technical Information
We automatically collect certain technical data to operate the Platform:
- Device type and operating system version
- Push notification tokens (to deliver reservation notifications)
- Authentication tokens (stored securely in your device's keychain)
3. Roles in Data Processing
3.1 Guest Reservation Data
For the processing of guest personal data (names, contact details, reservation details, dietary preferences), the restaurant is the data controller and Service is the data processor within the meaning of Article 28 of the GDPR. This means:
- The restaurant determines the purposes and means of processing guest data
- Service processes guest data solely on behalf of the restaurant and under the restaurant's instructions
The relationship between Service and the restaurant is governed by our Data Processing Addendum, which details sub-processors, security measures, breach notification procedures, and data subject rights assistance.
If you are a guest and wish to exercise your data rights (access, rectification, erasure, etc.), please contact the restaurant where you made your reservation. You may also contact us at support@useservice.app and we will forward your request to the relevant restaurant.
3.2 Restaurant Staff and Account Data
For the processing of restaurant staff personal data, Service is the data controller. We process this data to provide and operate the Platform under the terms of our subscription agreement.
3.3 Website Visitor Data
For the processing of marketing website visitor data, Service is the data controller. We use cookie-free, self-hosted analytics (Umami) that collect no personal data. See Section 12 for details.
4. Legal Basis for Processing
We process personal data on the following legal bases under Article 6 of the GDPR:
| Purpose | Legal Basis |
|---|---|
| Providing the reservation service | Performance of a contract (Art. 6(1)(b)) |
| Managing restaurant accounts and staff access | Performance of a contract (Art. 6(1)(b)) |
| Sending push notifications about reservations | Legitimate interest (Art. 6(1)(f)) |
| Sending service communications (updates, security alerts) | Legitimate interest (Art. 6(1)(f)) |
| Improving and maintaining the Platform | Legitimate interest (Art. 6(1)(f)) |
| Sending promotional communications | Consent (Art. 6(1)(a)) |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) |
5. How We Use Your Information
We use the collected information to:
- Provide and operate the reservation management service
- Send push notifications about reservations
- Authenticate users and maintain session security
- Communicate service updates and important notices
- Improve and maintain the Platform
We do not use your data for profiling, automated decision-making, or targeted advertising.
6. Data Sharing
We do not sell your personal information to third parties.
We may share information only in the following circumstances:
- Between restaurant and guest: Guest contact details and reservation information are shared with the restaurant where the reservation was made
- Service providers: We use third-party infrastructure providers to host and operate the Platform. These providers process data on our behalf under data processing agreements
- Legal requirements: We may disclose information if required by law, regulation, or legal process
7. Data Storage and Security
- Authentication credentials are stored using industry-standard encryption (bcrypt)
- On mobile devices, sensitive tokens are stored in the iOS Keychain via secure storage
- We use HTTPS/TLS for all data transmission
- Access to personal data is restricted to authorized personnel
- Our databases are hosted within the European Union
In the event of a personal data breach likely to result in a risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, in accordance with Articles 33 and 34 of the GDPR.
8. Your Rights Under the GDPR
Under the General Data Protection Regulation, you have the following rights:
- Right of access (Art. 15) — Obtain confirmation that we process your data and request a copy
- Right to rectification (Art. 16) — Correct inaccurate or incomplete data
- Right to erasure (Art. 17) — Request deletion of your data when it is no longer necessary
- Right to restriction (Art. 18) — Request that we limit processing of your data in certain circumstances
- Right to data portability (Art. 20) — Receive your data in a structured, commonly used, machine-readable format
- Right to object (Art. 21) — Object to processing based on legitimate interest
- Right to withdraw consent (Art. 7(3)) — Withdraw consent at any time
To exercise any of these rights, contact us at support@useservice.app. We will respond within one month of receiving your request.
If you believe your rights have not been respected, you have the right to lodge a complaint with your local supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL): www.cnil.fr.
9. Data Retention
| Data Category | Active Retention | Archive |
|---|---|---|
| Restaurant and staff account data | Duration of the active subscription | 3 years after account closure |
| Guest reservation data | 3 years from the date of the reservation | 5 years (legal obligations) |
| Push notification tokens | Until logout or app uninstallation | Deleted immediately |
| Authentication tokens | Duration of the active session | Deleted on logout |
| Technical logs | 1 year | Deleted after retention period |
10. International Data Transfers
Your personal data is stored and processed within the European Union. If we need to transfer data outside the EU/EEA, we will ensure appropriate safeguards are in place, such as:
- European Commission adequacy decisions (Art. 45 GDPR)
- Standard contractual clauses approved by the European Commission (Art. 46(2)(c) GDPR)
11. Push Notifications
We send push notifications related to reservation activity. You can disable notifications at any time through your device's Settings app.
12. Cookies and Tracking
The Platform does not use advertising trackers, analytics cookies, or cross-app tracking technologies. We do not track your activity across other apps or websites.
13. Children's Privacy
The Platform is not intended for use by individuals under 16 years of age. We do not knowingly collect personal information from children.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the Platform or by email at least 30 days before they take effect.
The current version of this policy is always available at useservice.app/en/legal/privacy.
15. Contact Us
MOMO INVEST
Email: support@useservice.app
Address: 16 rue du Château, 92600 Asnières-sur-Seine, France