Privacy

Chapter I: Introduction
Chapter II: Account Terms
Chapter III: Your data
Chapter IV: Our Role as Data Controller and Data Processor
Chapter V: Payments Information
Chapter VI: Your choices
Chapter VII: Cookies

Chapter I: Introduction

Tablein is a web-based restaurant reservation and table management platform, developed and operated by Internet Marketing Solutions, a company registered in Lithuania under company code 301840551, with its registered office at K. Donelaičio g. 62, Kaunas, Lithuania.

Our service enables restaurants to manage their reservations, table inventory, and guest communication through a secure and user-friendly web interface. Guests benefit from a fast and intuitive way to discover dining venues and book tables online — with no app installation required.

Tablein powers reservation systems for restaurants across multiple regions, offering dedicated portals and solutions tailored for local markets, including:

National portals: such as www.tablein.lt, www.tablein.mt, www.tablein.co.uk, and www.tablein.lv;
Embedded reservation widgets: allowing direct bookings from a restaurant’s own website;
Shared website templates: provided to restaurants that don’t operate a standalone site;
Third-party integrations: with platforms such as Mozrest, which extend reservation visibility to Tripadvisor, Michelin Guide, Facebook, and Instagram.

Through these integrations, Tablein ensures seamless access for diners while supporting restaurants with a reliable system to manage bookings, reduce no-shows, and deliver outstanding service.

We are committed to data privacy, security, and compliance with applicable regulations, including the EU General Data Protection Regulation (GDPR).

Tablein operates in dual roles under applicable data protection laws, depending on the type of user and the nature of the data being processed. We distinguish between:

A. Tablein as a Data Controller (for Restaurant Users)

Tablein acts as the Data Controller for the personal data of restaurant representatives and account holders who register to use our reservation management system. This includes data such as:

Business contact information (name, email, phone number)
User login credentials
Billing and subscription data
Communication preferences
Support requests or feedback submitted to Tablein

As the Data Controller, we determine the purpose and legal basis for processing this data—for example, to provide our services, manage subscriptions, and deliver platform support. We are responsible for ensuring the lawful and transparent processing of this data and for upholding the data rights of restaurant users.

B. Tablein as a Data Processor (for Guest Data)

When guests make reservations through a restaurant using the Tablein system—whether through the restaurant’s website, our national portals, or partner integrations—Tablein acts solely as a Data Processor. In this context:

The Restaurant is the Data Controller, determining the purposes and means of processing guest data;
Tablein processes personal data (such as name, email, phone number, reservation details, and special requests) on behalf of the Restaurant and strictly in accordance with their instructions;
It is the responsibility of each Restaurant to inform guests of their privacy practices and obtain any necessary consents.

Tablein does not use guest data for its own marketing purposes unless a guest has explicitly subscribed to a newsletter via our own portals.

We maintain strict contractual agreements and technical safeguards to ensure that all guest data processed through our platform remains secure, confidential, and in compliance with GDPR and similar privacy laws.

Tablein collects different types of personal data depending on how you interact with our platform. We categorize the data we collect based on whether you are a restaurant representative (user of our system) or a guest making a reservation.

A. Data We Collect from Restaurant Users

When a restaurant registers to use Tablein’s system, we collect and process the following types of personal and business-related information:

Contact Information: Full name, email address, phone number, business address.
Account Details: Username, password (hashed), and access permissions.
Billing and Subscription Data: Payment method, billing address, VAT numbers (if applicable), and invoice history.
Support & Communications: Correspondence through email, live chat, or other support channels.
System Usage: Login times, feature usage, configuration choices, and activity logs within the reservation management platform.

We use this information to create and maintain your account, provide customer support, issue invoices, notify you of system updates, and offer training or onboarding assistance.

B. Data We Collect from Guests

When guests make a reservation through a restaurant using the Tablein platform (including through integrated widgets, partner portals, or third-party systems like Mozrest), we may collect the following on behalf of the restaurant:

Basic Contact Information: Full name, email address, phone number.
Reservation Details: Date, time, party size, selected venue, special requests.
Dining Preferences: Seating preferences, dietary notes, or other custom fields entered voluntarily.
Communication History: Confirmation and reminder emails or SMS, if enabled by the restaurant.
Device Data: IP address, browser type, operating system, device identifiers (used for security and analytics).

This data is processed solely for the purpose of managing restaurant reservations and is shared with the restaurant you booked with. We do not use this information for any other purpose unless you have explicitly opted in—for example, to receive newsletters via our national Tablein portals.

C. Data Collected Automatically (for All Users)

When anyone visits our websites (e.g., tablein.com, tablein.lt, tablein.mt, tablein.co.uk, tablein.lv), we automatically collect certain technical and usage data via cookies and similar technologies:

Device Information: IP address, browser type, screen resolution, and operating system.
Log Data: Pages viewed, date and time of access, referring URLs, and interactions with features.
Geolocation: Approximate location derived from IP address (city or region-level, not precise).

This information is used to:

Ensure platform stability and security,
Analyze usage trends and improve user experience,
Detect and prevent fraudulent or unauthorized access.

You can manage cookie preferences through your browser settings or via our cookie banner where applicable.

A. How We Use Restaurant User Data

If you are a restaurant representative or employee using Tablein’s platform, we process your data to:

Provide Access to the Platform: To create and manage your account, authenticate logins, and personalize your dashboard.
Deliver Customer Support: To respond to technical inquiries, provide onboarding or training, and resolve operational issues.
Administer Subscriptions and Billing: To process payments, send invoices, manage renewals, and notify you of any changes to pricing or terms.
Send Service Communications: To alert you to system updates, security advisories, feature changes, or planned maintenance.
Analyze Usage: To monitor platform performance, understand system behavior, and enhance the overall user experience.
Enforce Our Terms and Policies: To investigate misuse of the system or violations of our Terms of Service.

We rely on contractual necessity, legitimate interest, and (where applicable) legal obligations as the legal bases for these activities.

B. How We Use Guest Data (on Behalf of Restaurants)

If you are a guest making a reservation at a restaurant using Tablein, we process your personal information primarily on behalf of that restaurant, to:

Manage Reservations: To confirm, modify, or cancel bookings and notify you of changes.
Send Notifications: To deliver reservation confirmations, reminders, and post-dining surveys if enabled.
Facilitate Check-ins and Dining Experience: To help restaurants prepare for your visit (e.g., based on dietary notes or special requests).
Support Restaurants’ Operations: To reduce no-shows, optimize seating, and improve guest management.
Enable Communication: To allow the restaurant to contact you in relation to your reservation.

Your data is only shared with the restaurant you’ve booked with and is not used for unrelated purposes by Tablein unless you’ve independently opted in to our marketing communications.

C. How We Use Data for Platform and Service Improvement

We also process some technical and aggregated data (not directly linked to any individual) to:

Enhance Platform Functionality: Identify and address bugs, add features, and improve system performance.
Monitor Security: Detect suspicious activity or unauthorized access.
Ensure Legal Compliance: Maintain audit logs and fulfill legal obligations or respond to lawful data requests.

All such data is handled in a way that respects privacy, using the minimum amount of personal information necessary and, where feasible, anonymizing or aggregating the data.

Tablein is committed to protecting your personal data and only shares it when strictly necessary to provide our services, comply with legal obligations, or fulfill contractual requirements. We do not sell personal data to third parties.

We distinguish between sharing data of restaurant users and guests.

A. Sharing Data of Restaurant Users

We may share the data of restaurant representatives with:

Authorized Service Providers
Third-party vendors who support our operations, including:
- Cloud hosting and infrastructure providers;
- Payment processors (e.g., Stripe, Paysera, PayPal);
- Email and SMS delivery platforms;
- Customer support and CRM software;
- Data analytics tools.
These providers are bound by strict data processing agreements and are only permitted to use data for purposes we define.
Professional Advisors
We may disclose personal data to legal, financial, or regulatory consultants when necessary for audits, compliance, or legal enforcement.
Authorities or Legal Entities
Where required by law or court order, we may disclose information to regulators, law enforcement agencies, or legal parties to:
- Comply with applicable laws;
- Enforce our terms;
- Protect our rights or defend against legal claims;
- Investigate fraud or security threats.

B. Sharing Data of Guests (Processed on Behalf of Restaurants)

When guests make a reservation, their personal data is shared only with the restaurant they are booking with. This includes:

Contact details (name, email, phone number);
Reservation details (date, time, party size);
Any notes or requests submitted.

Restaurants may access and process this data through the Tablein system for purposes such as managing bookings, preparing for the guest’s arrival, or following up after the visit.

In some cases, guest reservation data may also be shared through partner integrations, such as:

Mozrest – enabling reservations and synchronization with platforms like Facebook, Instagram, Tripadvisor, and Michelin Guide.
Shared booking templates – e.g., if multiple restaurants use a common booking engine or marketing site (like a city dining portal).

Please note:

Tablein does not monitor or control how restaurants use guest data after it is shared with them. Each restaurant acts as an independent Data Controller and is solely responsible for complying with data protection laws applicable to their business.

We strongly recommend that guests review the individual restaurant’s privacy policy before submitting personal data.

C. International Transfers

Some of our infrastructure or service providers may be located outside the European Economic Area (EEA). In such cases, Tablein ensures that:

Transfers are subject to adequate safeguards (such as Standard Contractual Clauses approved by the European Commission);
The recipient country has an adequate level of data protection, or
Appropriate contractual and technical measures are in place.

Tablein maintains a strong commitment to permission-based communication and full transparency in the way we manage personal data for marketing and newsletter purposes. We clearly distinguish between Tablein’s own communications and those managed by restaurants.

A. Tablein Newsletters (Voluntary Subscriber Group)

We send general marketing newsletters only to individuals who have voluntarily subscribed through our official Tablein portals:

Key points:

Subscription is initiated only when a person enters their email into a dedicated newsletter sign-up form on one of the above websites.
These newsletters include restaurant-related content specific to the country selected—such as new restaurant openings, special dining campaigns, or relevant promotions.
Tablein acts as the Data Controller for this mailing list and ensures GDPR-compliant data handling.

Unsubscribing is possible at any time via the link provided in each newsletter or by emailing info@tablein.com.

B. Product and System Communications (For Restaurant Partners)

Restaurants and business users who:

Register for a free trial,
Subscribe to a paid plan, or
Contact us via online forms or sales/demo inquiries

will be added to our professional communication list.

These communications include:

Product updates;
System improvements and feature announcements;
Account-related information (e.g. onboarding support, service notifications);
Educational or support materials relevant to using the Tablein system.

Tablein acts as the Data Controller for this data and ensures all communication is relevant, lawful, and consent-based (or based on legitimate interest under GDPR for B2B communications).

C. Restaurant Guest Newsletters (Managed by Restaurants Only)

When guests make reservations via:

An embedded Tablein booking widget on a restaurant’s website or social platform;
A shared reservation link or microsite;

They may be presented with an optional checkbox to subscribe to a newsletter.

Important distinctions:

If a guest opts in to receive promotional content via this method, their subscription is added directly to the restaurant’s subscriber list, not Tablein’s.
Tablein acts solely as a Data Processor in this case, facilitating the technical functionality of the checkbox but not controlling how the restaurant uses the guest's email for marketing.
Tablein does not send marketing or newsletter emails to these guests. Restaurants are fully responsible for managing their own guest communications in accordance with GDPR and other data protection laws.

As a data subject, you have specific rights under the General Data Protection Regulation (GDPR) and other applicable privacy laws. Tablein is committed to upholding these rights, whether we act as a Data Controller (for restaurant representatives or newsletter subscribers) or as a Data Processor (on behalf of restaurants collecting guest data).

A. Your Rights

You may exercise the following rights at any time, free of charge:

Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten")
Ask us to delete your data when it is no longer necessary, or when you withdraw your consent (where applicable).
Right to Restriction of Processing
Ask us to temporarily stop processing your data under certain circumstances (e.g. while accuracy is being verified).
Right to Data Portability
Receive your data in a structured, commonly used, and machine-readable format or request its transfer to another controller.
Right to Object
Object to processing based on legitimate interests, or to direct marketing (including profiling).
Right to Withdraw Consent
If our processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

B. Exercising Your Rights

To exercise any of these rights regarding data held by Tablein, contact us at: Email: info@tablein.com
Postal address: Internet Marketing Solutions, K. Donelaičio g. 62, Kaunas, Lithuania

For guest data processed on behalf of a restaurant, we may redirect your request to the appropriate restaurant as the Data Controller. We will inform you of this action and assist where possible.

We will respond to all data rights requests within 30 days unless extended under permitted conditions. For complex or numerous requests, we may extend the deadline by an additional 60 days, and will notify you accordingly.

C. Identity Verification

To protect your data and comply with legal obligations, we may require you to verify your identity before fulfilling your request. Acceptable verification methods may include confirming your email, providing a booking reference, or other reasonable means depending on the nature of your request.

D. Complaints

If you believe your data protection rights have been violated, you may:

Contact our Data Protection Officer at info@tablein.com

Tablein places a high priority on maintaining the security, integrity, and confidentiality of all personal data we process. Whether acting as a Data Controller or Processor, we apply industry best practices and legal requirements to protect personal information from unauthorized access, misuse, alteration, or loss.

A. Technical and Organizational Measures

We have implemented appropriate technical and organizational safeguards, including:

Data encryption in transit and at rest;
Secure Socket Layer (SSL) technology on all user-facing systems;
Firewall protection and access restrictions on our hosting environments;
Multi-layered authentication and password policies for internal access;
Role-based access control, ensuring only authorized staff can access personal data;
Regular data backups and disaster recovery planning.

Our systems are hosted in secure data centers located in the European Union, primarily in Lithuania, which are compliant with GDPR hosting requirements.

B. Staff Training and Confidentiality

All Tablein staff, contractors, and system administrators with access to personal data:

Receive regular training on data protection, privacy, and cybersecurity protocols;
Are bound by confidentiality agreements and internal access policies;
Undergo access reviews to ensure continued need-to-know access.

C. Data Breach Notification Procedures

While Tablein makes every effort to prevent breaches, we maintain a formal data breach response policy. If a personal data breach occurs that poses a risk to individuals' rights and freedoms:

We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach;
If necessary, we will inform affected individuals directly in accordance with legal obligations;
All incidents are logged, investigated, and addressed promptly.

The point of contact for any suspected breach is our Data Protection Officer, who can be reached at info@tablein.com.

D. Responsibility of Restaurants

Restaurants using Tablein are also responsible for protecting their guests' data. Tablein provides secure tools and storage for reservation data, but it is the restaurant’s obligation to:

Limit internal access to guest data;
Use secure devices when accessing Tablein;
Follow GDPR or applicable privacy legislation regarding marketing, guest communication, and data retention.

Restaurants are strongly encouraged to conduct regular staff training, assign data responsibilities, and maintain a record of processing activities under GDPR guidelines.

A. Retention for Guests

When you make a reservation through Tablein:

Reservation data (including your name, email, phone number, special requests, and booking history) is stored on behalf of the restaurant where you dined.
Each restaurant acts as the Data Controller and is responsible for determining how long your data is retained. Tablein processes and stores guest data in accordance with their instructions.
Tablein retains backup copies of reservation data for up to 90 days solely for system recovery and disaster resilience purposes.

If you would like your reservation data deleted or modified, please contact the restaurant directly, or contact Tablein at info@tablein.com, and we will coordinate with the restaurant.

B. Retention for Restaurants and System Users

For restaurants, administrators, or users with registered Tablein accounts:

Your account data (including login credentials, billing details, and usage history) is retained for as long as your account remains active.
If your subscription ends, we will retain your data for up to 12 months for business continuity and support purposes, unless otherwise requested.
Financial and billing records are retained for up to 10 years as required by Lithuanian accounting and tax regulations.

C. Retention for Newsletter and Marketing Subscribers

If you subscribe to our newsletters via official Tablein portals:

Your email address and preferences are retained until you unsubscribe.
Once you opt out, we retain minimal information (such as email and unsubscribe timestamp) for suppression purposes only, to ensure you are not contacted again.

D. Retention of Technical Data

Log files, analytics data, and device information (collected for system security and usage insights) are retained for up to 24 months, then either deleted or anonymized.

E. Data Minimization and Deletion

We follow a strict data minimization approach. Data is only kept:

For the original purpose of collection;
For the duration necessary to meet legal or contractual obligations;
Until you withdraw consent (where applicable) or request erasure.

Upon expiration of retention periods, personal data is securely deleted or anonymized.

A. What Are Cookies?

Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. They allow the site to recognize your device and store certain information about your preferences or actions.

Cookies can be:

Session Cookies: Deleted when you close your browser;
Persistent Cookies: Remain on your device until they expire or are deleted;
First-Party Cookies: Set directly by Tablein;
Third-Party Cookies: Set by other domains, such as analytics or advertising platforms.

B. Why We Use Cookies

We use cookies for the following purposes:

Essential Cookies
Necessary for the operation of our Platform. These enable you to log in, make reservations, and navigate pages securely.
Performance and Analytics Cookies
Help us analyze how users interact with our websites (e.g., page views, clicks, bounce rates) so we can improve performance and functionality. We use tools such as Google Analytics.
Functionality Cookies
Allow our websites to remember user preferences (e.g., language settings or location), providing a more personalized experience.
Marketing and Advertising Cookies
These cookies are used to deliver targeted advertisements and measure the effectiveness of our marketing campaigns. They may track browsing habits across different websites.

C. Third-Party Services

We may integrate with trusted third parties who also set cookies, such as:

Mozrest, TripAdvisor, Michelin Guide – For restaurant visibility and review integration;
Facebook and Instagram – For social media connectivity and retargeting;
Google – For analytics, maps, and remarketing.

Each third party is independently responsible for its cookies and privacy practices. We encourage you to review their respective privacy policies.

D. Your Choices and Consent

When visiting our website for the first time, you will be presented with a cookie consent banner allowing you to accept, reject, or customize your cookie preferences.

You can manage your cookie settings at any time through:

The cookie banner (if still active on the page);
Your browser settings (e.g., Chrome, Firefox, Safari);
Privacy plugins or tools for cookie management.

Please note that disabling certain cookies may limit the functionality of our Platform, such as login, reservation flow, or language preferences.

E. Cookie Retention

Cookies used on our Platform expire after a predefined period, depending on their type and function:

Session cookies: expire when your session ends;
Analytics and marketing cookies: typically expire after 1 to 24 months;
Consent settings: stored for up to 12 months, unless revoked earlier.

Tablein is committed to ensuring that your personal data remains secure and protected, even when transferred outside of the European Economic Area (EEA). As a company headquartered in the EU, we adhere to the requirements of the General Data Protection Regulation (GDPR) regarding cross-border data flows.

A. Where Data May Be Transferred

While Tablein’s core data infrastructure is hosted within the European Union — specifically in Lithuania — certain processing activities may involve transferring personal data to trusted third-party service providers located outside the EEA, including:

Cloud service providers;
Email and communication platforms;
Payment processors (e.g., Stripe, PayPal);
Analytics and advertising partners (e.g., Google, Meta);
Customer support tools (e.g., help desk or ticketing systems).

These third parties may process data in jurisdictions such as the United States, where privacy laws may differ from those in the EU.

B. Safeguards for International Transfers

Whenever your personal data is transferred to a country outside the EEA that is not subject to an adequacy decision by the European Commission, Tablein ensures appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission;
Data Processing Agreements (DPAs) with all third-party processors;
Due diligence reviews of vendors' security practices and privacy policies;
Ongoing monitoring of compliance and breach reporting protocols.

These mechanisms are designed to ensure that your data receives a level of protection essentially equivalent to that guaranteed by EU law.

To make a request regarding international data transfers, please contact us at info@tablein.com.

If you are located in the European Union (EU) or European Economic Area (EEA), you have specific rights under the General Data Protection Regulation (GDPR) regarding your personal data. At Tablein, we are committed to upholding these rights and providing clear and accessible ways for you to exercise them.

A. Right to Access

You have the right to request access to the personal data we hold about you. This includes details about:

What data we process;
Why we process it;
Who we share it with;
How long we store it.

We will provide this information free of charge unless your request is clearly unfounded, repetitive, or excessive.

B. Right to Rectification

If your personal data is inaccurate or incomplete, you may request that we update or correct it. You can also update your data directly by contacting the restaurant you made a reservation with or through our support team.

C. Right to Erasure ("Right to Be Forgotten")

You may request the deletion of your personal data in the following circumstances:

The data is no longer necessary for the purposes it was collected;
You withdraw your consent (where applicable);
You object to the processing and there are no overriding legitimate grounds;
The data has been unlawfully processed.

Note: Some data may be retained where required by law or for legitimate business purposes (e.g. tax or audit obligations).

D. Right to Restrict Processing

You can request that we restrict the processing of your personal data in certain cases, such as when:

The accuracy of your data is being contested;
Processing is unlawful but you prefer restriction over deletion;
We no longer need the data, but you require it for legal claims.

E. Right to Data Portability

Where legally applicable, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller.

F. Right to Object

You may object to the processing of your personal data:

For direct marketing purposes;
Based on our legitimate interests (unless we have compelling grounds to continue processing).

If you object to marketing, we will immediately stop sending communications unless you later opt back in.

G. Right to Withdraw Consent

If we are processing your data based on your consent (e.g. newsletter subscription), you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing based on consent before its withdrawal.

To exercise any of these rights, please contact our Data Protection Officer at info@tablein.com. We aim to respond to all requests within 30 days and may request identity verification to ensure your data is protected.

At Tablein, we are deeply committed to upholding your privacy rights and protecting your personal data. Our systems are built on principles of transparency, accountability, and trust — ensuring that both restaurants and guests can interact with confidence and peace of mind.

We continually review and update our privacy practices to remain compliant with global data protection regulations, including the GDPR. Whether you are booking a table or managing reservations through our platform, your data security is our priority.

If you have any questions, concerns, or feedback regarding this Privacy Policy or how your data is handled, please do not hesitate to contact us.

Contact Details:
Data Protection Officer
📧 info@tablein.com
🏢 Tablein.com Limited
K. Donelaičio g. 62, Kaunas, Lithuania

We encourage you to revisit this Privacy Policy periodically, as we may update it from time to time in line with regulatory requirements or improvements in our services.

Last updated: August 2025

6 Restaurant Booking Widgets That Attract Online Reservations

Aug 20, 2025 9:00:00 AM 11 min read

Integrating Custom Booking Widgets into Your Restaurant Website

Aug 14, 2025 7:33:37 PM 10 min read

Which Digital Channels to Leverage for Building Your Restaurant's Brand

Aug 8, 2025 12:32:48 PM 13 min read

Privacy Policy

Who We Are

Supporting content

Data Controller vs. Data Processor