HETablePart of the HospiEdge platform

Privacy Policy

Last updated: March 23, 2026

Who we are

HETable is a restaurant operations platform developed and operated by HospiEdge. This Privacy Policy applies to the HETable web application at hetable.com and its related services.

What data we collect

Restaurant operator and staff accounts

  • Name, email address, and password (hashed) for account creation and login
  • Restaurant name, location, and configuration settings
  • Staff role and assignment data entered by managers
  • Floor plan layouts, section configurations, and table states
  • Usage logs for audit, security, and operational reporting

Guest reservation and waitlist data

  • Name, phone number, and party size provided at booking or check-in
  • Reservation date, time, and special requests
  • Seating assignment and visit history
  • Push notification tokens (if the guest opts in to waitlist notifications)

Payment and billing data

  • Subscription billing is handled by Stripe. We do not store full card numbers. We store Stripe customer IDs and subscription status.

Technical data

  • IP addresses and session identifiers for security and rate limiting
  • Browser type, device type, and access timestamps in server logs

How we use data

  • To operate the HETable platform and deliver the service to you
  • To send booking confirmation and notification emails you have requested
  • To process subscription billing through Stripe
  • To provide customer support and respond to your requests
  • To detect and prevent security threats, fraud, and abuse
  • To improve the platform through aggregate, non-identifying analytics

Data sharing

We do not sell your data. We share data only with service providers necessary to operate the platform:

  • Stripe — payment processing
  • OpenAI — AI chat features (guest and staff chat text; no PII is sent without your awareness)
  • Gmail / SMTP provider — transactional email delivery
  • Hosting provider (Namecheap) — server infrastructure

We may share data if required by law or to protect the rights and safety of HospiEdge, our customers, or third parties.

Data retention

  • Active account data is retained for the life of your subscription.
  • Guest reservation data is retained for up to 90 days after the reservation date, unless you request earlier deletion.
  • After account cancellation, data is retained for 30 days to allow recovery, then deleted.
  • Server and access logs are retained for up to 90 days for security purposes.

Data export and deletion

Restaurant operators may request an export of their account data or request account deletion at any time by contacting us at support@hetable.com. We will fulfill export requests within 30 days and deletion requests within 14 days.

Security

We use HTTPS for all data in transit, secure session cookies with HttpOnly and SameSite protections, CSRF tokens on all authenticated actions, and rate limiting on login to protect against brute-force attacks. Passwords are stored as hashed values and are never stored in plain text.

Cookies

We use a single session cookie to maintain your login session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Your rights

Depending on your jurisdiction you may have the right to access, correct, or delete your personal data. To exercise these rights, contact us at support@hetable.com.

Contact

Privacy questions: support@hetable.com
HospiEdge / HETable — hetable.com