RestaurantManager
Legal & Compliance

GDPR Readiness

Last updated: January 2026

RestaurantManager™ is designed with a future GDPR-ready architecture so we can serve customers and data subjects in the European Economic Area as we expand internationally.

Core Principles

  • Lawful basis: processing personal data only where a lawful basis applies.
  • Purpose limitation: collecting data only for clearly specified purposes.
  • Data minimization: collecting only what is necessary to deliver the service.
  • Storage limitation: retaining personal data only as long as necessary.
  • Integrity and confidentiality: applying appropriate security safeguards.

Data Subject Rights

  • Right of access to personal data we process about you.
  • Right to rectification of inaccurate or incomplete personal data.
  • Right to erasure (subject to legal exceptions).
  • Right to restrict or object to certain processing.
  • Right to data portability where applicable.

International Transfers

Where personal data of EEA residents is transferred outside the EEA, we will rely on appropriate safeguards, including Standard Contractual Clauses, as they become applicable to our offerings.

Data Processing

When RestaurantManager™ acts as a processor on behalf of a business customer (controller), processing is governed by a Data Processing Addendum that will be made available for customers requiring one.

Contact

Questions about our GDPR posture or data protection practices can be sent to privacy@restaurantmanager.com.

This document is maintained by RestaurantManager and applies to use of the RestaurantManager platform, websites, applications, and related services. For questions, contact legal@restaurantmanager.com.