TabSettle, Inc. ("TabSettle," "we," "our," or "us") operates the TabSettle collaborative bill-splitting platform. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, your rights, and the choices you have.
This policy applies to:
- Diners who use the TabSettle web interface to view, claim, and pay restaurant checks
- Diners who create a TabSettle account
- Visitors to tabsettle.com and our marketing pages
- Recipients of TabSettle's promotional communications
This policy does not apply to restaurants that subscribe to TabSettle. Restaurant subscriber data is governed by the TabSettle Master Service Agreement and Data Processing Addendum.
1. Quick Summary (Not a Substitute for the Full Policy)
- We do not store your credit card or bank account numbers. Payments are processed by Stripe.
- You can use TabSettle as a Guest without creating an account. We collect minimal data in this case.
- You can create a TabSettle Account to save receipts and history. This is optional.
- Promotional messages from restaurants are opt-in only. They are off by default.
- You can opt out of any restaurant's promotional messages at any time.
- You can delete your TabSettle account at any time.
- We aggregate dining data across all restaurants on the platform to improve our service. You can opt out of this.
- We do not sell your personal information for advertising. We do share certain data with restaurants you opt in to, which qualifies as "sharing" under California law.
- If TabSettle is acquired or sold, your data may transfer to the acquiring company. You will be notified and given an opportunity to delete your account before the transfer.
The full policy below contains the complete details required by law. If anything in the summary conflicts with the full policy, the full policy controls.
2. How You Interact With TabSettle
Your privacy choices depend on how you use the service.
2.1 Guest Use
When you scan a TabSettle QR code at a restaurant table, you may join the check as a Guest without creating an account. As a Guest:
- We collect session data (which items you claim, your payment amount, tip, and timestamps).
- We collect technical data (IP address, browser type, device type).
- We do not collect your name, phone number, or email unless you provide them for a receipt.
- We do not create a persistent profile tied to your identity.
- You cannot receive promotional or marketing communications as a Guest.
If, at the end of a payment, a restaurant offers you a promotion and you choose to subscribe to that restaurant's promotional communications, the subscription will also create a TabSettle Account. The account creation, the SMS marketing consent, and (if applicable) the email marketing consent are presented on the same screen as separate, distinct, unchecked consents. You must affirmatively agree to each consent to subscribe and claim the offer.
2.2 TabSettle Account
You may create a TabSettle Account during checkout by providing your phone number. With an account:
- We verify your phone number via a one-time SMS code (OTP).
- We store your receipts and dining history across all restaurants where you use TabSettle.
- You can opt in to promotional messages from individual restaurants.
- You can manage your data, communication preferences, and account at my.tabsettle.com/account or pay.tabsettle.com/account.
Creating a TabSettle Account does not automatically opt you in to marketing communications from any restaurant.
2.3 Restaurant Marketing Opt-In (Separate and Optional)
After you pay your check, a restaurant may offer you a promotion (for example, a discount on your next visit) in exchange for subscribing to that restaurant's promotional messages. The offer and the marketing subscription are presented together: subscribing to the restaurant's promotions is how you receive the offer.
To opt in, you will see a screen that:
- Asks you to provide your phone number (required) and email (optional)
- Presents separate, unchecked checkboxes for:
  - Creating a TabSettle Account and receiving an SMS verification code
  - Receiving promotional SMS messages from that specific restaurant via TabSettle
  - Receiving promotional emails from that specific restaurant (optional)
- Requires you to affirmatively check each consent before claiming the offer
Opt-in rules:
- Opt-in is per-restaurant. Opting in to Restaurant A does not opt you in to Restaurant B.
- Each opt-in is a separate, affirmative consent. We do not pre-check consent boxes.
- If you are a Guest at the moment you opt in, opting in will also create a TabSettle Account so we can manage your preferences across restaurants. The account creation is a separate consent from the marketing opt-in.
- You can opt out of any individual restaurant at any time from your account dashboard at my.tabsettle.com/account or pay.tabsettle.com/account.
- You can opt out of all restaurants at once by texting STOP to our marketing SMS number, by clicking unsubscribe in any marketing email, or from your dashboard.
3. Categories of Personal Information We Collect
We collect the following categories of personal information. For each category, the table lists what it is, why we collect it, how long we keep it, and who it is shared with.
3.1 Identity Information
- What: Name (if provided), phone number, email address, optional birthday month.
- Source: You, when you create an account, receive a receipt, or opt in to a restaurant's promotions.
- Why: Account authentication, receipt delivery, promotional communications (opt-in only).
- Retention: While your account is active, plus 24 months after last activity. Then deleted or anonymized.
- Shared with: Restaurants you have opted in to (name, phone, and/or email per your opt-in choice). Stripe (for payment processing). Twilio (for SMS delivery). Resend (for email delivery).
3.2 Authentication Information
- What: SMS one-time passcodes (OTP), session tokens, login timestamps.
- Source: Generated by TabSettle during account login.
- Why: Account access and security.
- Retention: OTP codes expire within minutes. Session tokens expire per security policy. Login audit logs retained 12 months.
- Shared with: Twilio (for OTP delivery only).
3.3 Transactional Information
- What: Items you claimed on a check, amounts paid, tip amounts, timestamps, restaurant identifier, table identifier. Stripe also processes payment metadata including last 4 digits of card, card brand, and payment method type.
- Source: Generated when you use TabSettle to pay a check.
- Why: Process payment, provide receipts, support disputes, maintain financial records.
- Retention: 7 years (required for financial recordkeeping and tax purposes).
- Shared with: Stripe, Inc., which processes payments through Stripe Connect. Each restaurant on TabSettle operates its own Stripe Connect account. The restaurant receives transaction data through their Stripe Connect account, including transaction amounts, timestamps, tip amounts, and limited payment metadata. TabSettle does not store credit card numbers, debit card numbers, or bank account details. Payment credentials are transmitted directly to Stripe's PCI DSS Level 1 compliant servers.
3.4 Behavioral Information
- What: Which restaurants you have visited via TabSettle, how often, time between visits, party sizes, who you dined with on the platform (co-dining patterns).
- Source: Inferred from your transactional data across restaurants.
- Why: Product improvement, fraud detection, internal analytics, future personalization features.
- Retention: Tied to your account; deleted when your account is deleted, or anonymized after 24 months of account inactivity.
- Shared with: Not shared with restaurants in identifiable form. May be used internally and shared with prospective business partners in aggregated, anonymized form.
3.5 Device and Technical Information
- What: IP address, browser type, operating system, device type, browser fingerprint elements, session metadata.
- Source: Automatically collected when you use TabSettle.
- Why: Fraud detection, security, service operation, troubleshooting.
- Retention: 13 months.
- Shared with: Sentry (error monitoring), Supabase (database infrastructure), Railway (application hosting).
3.6 Consent Records
- What: Records of when you opted in or out of communications, the consent text you were shown, the timestamp, and the method of consent.
- Source: Generated when you make a consent choice.
- Why: Legal compliance with TCPA, CAN-SPAM, and CCPA/CPRA.
- Retention: 4 years from the date of the last status change. This retention period is required by law and overrides general deletion requests.
- Shared with: Not shared. Internal compliance records only.
3.7 Engagement Information (Marketing Communications)
- What: Whether you opened a promotional email, clicked a link, or redeemed an offer.
- Source: Generated when you interact with a promotional message you opted in to receive.
- Why: Measure communication effectiveness for the sending restaurant and improve our service.
- Retention: 24 months.
- Shared with: The restaurant whose communication you engaged with (aggregate engagement metrics, not the underlying click data tied to your identity in all cases).
3.8 Approximate Location
- What: Approximate geographic region derived from your IP address. We do not collect precise GPS location.
- Source: Automatically from your IP address.
- Why: Fraud detection, restaurant association.
- Retention: 13 months (tied to technical data retention).
- Shared with: Not shared externally.
4. How We Use Your Information
We use personal information for the following business purposes:
- Payment processing. Facilitate split-payment transactions, calculate individual portions, apply tips, and process payments through Stripe.
- Receipt delivery. Send transaction receipts via email or SMS when you provide contact information for that purpose.
- Account services. Authenticate you, maintain your account, provide your dashboard, and store your dining history.
- Restaurant marketing (opt-in only). Deliver promotional messages from restaurants you have opted in to receive.
- Service operation and improvement. Operate, maintain, and improve the TabSettle service.
- Cross-restaurant aggregation. Aggregate your dining data across all restaurants on the TabSettle platform to build product insights, detect fraud, improve service quality, and develop future features. You may opt out of this aggregation. See Section 7.
- Fraud prevention and security. Detect, prevent, and respond to fraud, abuse, security risks, and technical issues.
- Legal compliance. Comply with applicable laws, regulations, legal processes, and governmental requests.
- Business communications. Respond to your inquiries and send service-related communications.
- Aggregated analytics. Generate aggregated, de-identified analytics for internal use and to share with prospective business partners.
We do not use your information for cross-context behavioral advertising or third-party advertising targeting.
5. Who We Share Your Information With
We share information only as described in this section.
5.1 Restaurants You Opt In To
When you opt in to promotional communications from a specific restaurant, that restaurant receives:
- Your name (if provided)
- Your phone number (if you opted in to SMS)
- Your email address (if you opted in to email)
- The date you opted in and the consent text you agreed to
- Your visit history at that restaurant location only
- Aggregate engagement metrics for communications sent to you by that restaurant
- Your birthday month (if you provided it)
That restaurant does not receive:
- Your activity at other restaurants
- TabSettle's cross-restaurant analytics
- Co-dining patterns or group dining intelligence
- Payment behavior outside their location
In v1 of our service, restaurants may not export your contact information from TabSettle for use in their own marketing systems. Promotional communications from restaurants are sent exclusively through TabSettle's infrastructure. Restaurants are contractually prohibited from exporting, reselling, or sharing your data outside the TabSettle platform.
5.2 Service Providers
We share information with third-party service providers solely to operate our service. These providers are contractually restricted to using your information only on our behalf:
A current list of subprocessors is available at tabsettle.com/subprocessors.
5.3 Aggregated and Anonymized Data
We may share aggregated, anonymized data (data that cannot reasonably identify you) with:
- Prospective business partners, investors, or acquirers
- Restaurant subscribers (for benchmarking and aggregate insights, in future product features)
- Academic researchers or analysts (rare)
5.4 Business Transactions
If TabSettle is involved in a merger, acquisition, sale of assets, financing transaction, bankruptcy, or similar corporate event, your personal information may be transferred to the acquiring or successor entity. We will notify you of any such transfer through our service and give you a reasonable opportunity to delete your TabSettle Account before the transfer takes effect. The successor entity will be bound by the terms of this Privacy Policy with respect to information transferred, unless you are notified of and consent to a change.
5.5 Legal and Safety
We may disclose personal information if required by law, subpoena, court order, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of TabSettle, our users, our restaurant partners, or the public.
6. Sale and Sharing Under California Law
Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"):
- We do not sell your personal information for monetary consideration.
- We do share your personal information, as the term "share" is defined under the CCPA/CPRA, with the following category: restaurants you opt in to receive promotional communications from.
You have the right to opt out of this sharing at any time. See Section 8.
7. Cross-Restaurant Aggregation
TabSettle aggregates your dining activity across all restaurants on our platform. This aggregated profile is used to:
- Improve the TabSettle service
- Detect fraud and abuse
- Generate internal analytics
- Develop future personalization or recommendation features (not active in v1)
- Inform aggregated, anonymized insights we may share with restaurant subscribers (not active in v1)
The aggregated profile is associated with your TabSettle Account. It is not shared with restaurants in a form that identifies your activity at other restaurants.
You may opt out of cross-restaurant aggregation by submitting a request from your account dashboard or by emailing privacy@tabsettle.com. If you opt out, we will continue to maintain your account, your transactional records, and your per-restaurant opt-ins, but we will exclude your data from cross-restaurant aggregation going forward. We cannot retroactively remove your data from past aggregated outputs that have already been generated.
8. Your Privacy Rights
8.1 Rights Available to All Users
Regardless of where you live, you may:
- Access the personal information we have about you
- Correct inaccurate information
- Delete your TabSettle Account and associated data, subject to legal retention requirements
- Opt out of promotional communications from any specific restaurant
- Opt out of all promotional communications
- Opt out of cross-restaurant aggregation
8.2 California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights:
- Right to Know. Request the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom we share it.
- Right to Delete. Request that we delete personal information we have collected from you, subject to legal exceptions (such as transaction records required for tax compliance and consent records required by TCPA).
- Right to Correct. Request that we correct inaccurate personal information.
- Right to Opt Out of Sharing. Opt out of the sharing of your personal information for purposes defined under the CCPA/CPRA. See Section 6.
- Right to Limit Use of Sensitive Personal Information. We do not collect Sensitive Personal Information as defined under the CCPA/CPRA, so this right does not currently apply.
- Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.
8.3 How to Exercise Your Rights
To exercise your rights:
- Account holders: Use the privacy controls in your account dashboard at my.tabsettle.com/account or pay.tabsettle.com/account.
- All users: Email privacy@tabsettle.com with your request.
- Do Not Sell or Share My Personal Information: Use the link at the footer of tabsettle.com or the dedicated form at tabsettle.com/do-not-sell.
We verify your identity before processing requests by matching information you provide against information we have on file. For account holders, we verify via SMS to the phone number on file. For Guest users, verification may be limited; we will request enough information to reasonably confirm your identity without collecting more than necessary.
We respond to verifiable requests within 45 days. If we need more time (up to an additional 45 days), we will notify you and explain why.
8.4 Authorized Agents
You may designate an authorized agent to submit a request on your behalf. We require written proof of the agent's authorization and verification of your identity directly before processing the request.
9. Data Retention
We retain personal information only as long as necessary for the purposes described in this policy or as required by law. Specific retention periods for each category are listed in Section 3.
When data reaches the end of its retention period, we either delete it or convert it to an anonymized form that cannot reasonably identify you. Anonymized data may be retained indefinitely for analytics and product improvement.
Certain data is retained beyond your deletion request when required by law or for legitimate business purposes:
- Transaction records: 7 years (financial recordkeeping)
- Consent records: 4 years (TCPA compliance)
- Records of your deletion request itself: 24 months (proof of compliance)
- Information needed to comply with a legal obligation or pending legal claim
10. Data Security
We implement reasonable and appropriate technical and organizational security measures to protect personal information, including:
- Encryption of data in transit (TLS) and at rest
- Row-level security policies isolating restaurant and diner data
- Access controls limiting employee access on a need-to-know basis
- Regular security monitoring and incident response procedures
- No storage of payment card numbers on our systems
- Multi-factor authentication for administrative access to production systems
TabSettle's underlying infrastructure is built on services certified to industry standards (SOC 2, ISO 27001, PCI DSS), including Stripe, Supabase, and Railway. TabSettle, Inc. has not yet completed its own SOC 2 or ISO 27001 certification.
No security program is perfect. If you have reason to believe your account or information has been compromised, contact us immediately at privacy@tabsettle.com.
11. Children's Privacy
TabSettle is intended for adults. You must be at least 18 years old to use the service. We do not knowingly collect personal information from individuals under 18. If we learn that we have collected personal information from a person under 18, we will delete it promptly. If you believe a child has used TabSettle, contact us at privacy@tabsettle.com.
12. Cookies and Similar Technologies
The TabSettle payment interface uses minimal cookies and similar technologies that are strictly necessary to operate the service (for example, to maintain your session and track which items you have claimed on a check).
Our marketing website (tabsettle.com) may use analytics cookies to understand traffic patterns. We do not use advertising cookies or cross-site tracking pixels on our marketing or payment interfaces.
You can manage cookie preferences through your browser settings.
13. Third-Party Links and Services
Our service may link to third-party websites (such as Stripe's payment interface). We are not responsible for the privacy practices of these third parties. Review their privacy policies before providing personal information.
14. International Users
TabSettle is operated in the United States and our service is intended for users in the United States and Canada. If you access TabSettle from outside these jurisdictions, your information will be transferred to and processed in the United States. Privacy laws in the United States may differ from those in your jurisdiction.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will:
- Notify you by email if you are an account holder
- Post a prominent notice on tabsettle.com and in the TabSettle interface
- Update the "Last Updated" date at the top of this policy
Material changes that affect your rights or expand how we use your information will take effect no sooner than 30 days after notice. Your continued use of TabSettle after the effective date constitutes acceptance of the updated policy.
16. Notice at Collection (CCPA/CPRA)
The following table summarizes the categories of personal information we collect, the purposes for collection, and whether each category is sold or shared:
| Category | Purpose | Sold? | Shared? (CCPA Definition) |
| --- | --- | --- | --- |
| Identifiers (name, email, phone) | Account, receipts, opt-in communications | No | Yes, with restaurants you opt in to |
| Commercial information (transactions) | Payment processing, analytics, recordkeeping | No | Yes, restaurants receive transaction data via Stripe Connect (their own Stripe account); TabSettle does not store or transmit card numbers |
| Internet/electronic activity (device, usage) | Service operation, fraud prevention | No | No |
| Geolocation (approximate, via IP) | Fraud prevention, restaurant association | No | No |
| Inferences (cross-restaurant behavior) | Service improvement, fraud detection | No | No |
| Consent records | Legal compliance | No | No |
We do not collect Sensitive Personal Information as defined under the CCPA/CPRA.
17. Contact Us
For privacy questions or to exercise your rights:
TabSettle, Inc.
Attn: Privacy
18952 MacArthur Blvd, Suite 100
Irvine, CA 92612
Email: privacy@tabsettle.com