Privacy Policy

Last updated: May 02, 2026

1. Introduction

ServeNest ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant management platform.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

ServeNest
United Kingdom
Email: privacy@servenest.co.uk

3. Information We Collect

Personal Information

  • Name, email address, phone number
  • Business information (company name, address)
  • Payment information (processed securely via Stripe)
  • Account credentials (password - encrypted)

Usage Data

  • Order history and transaction data
  • Menu configurations and settings
  • Analytics and usage patterns
  • Device and browser information

Cookies & Tracking

We use essential cookies for platform functionality and optional analytics cookies (with your consent) to improve our services.

4. How We Use Your Data

  • Service Provision: To provide, maintain, and improve our platform
  • Communications: To send order notifications, updates, and support messages
  • Analytics: To understand usage patterns and improve our services
  • Marketing: To send promotional content (only with your consent, you may opt out anytime)
  • Compliance: To comply with legal obligations and prevent fraud

Under UK GDPR, we process your data based on:

  • Contract: To fulfill our service agreement with you
  • Consent: For marketing communications and optional cookies
  • Legitimate Interest: For analytics and service improvement
  • Legal Obligation: To comply with UK laws and regulations

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Active Accounts: Duration of account plus 6 months after closure
  • Financial Records: 7 years (UK tax law requirement)
  • Marketing Data: Until you withdraw consent

7. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Data Portability: Receive your data in a portable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for marketing at any time

To exercise these rights, contact us at privacy@servenest.co.uk

8. Third-Party Services

We share data with trusted third parties:

  • Stripe: Payment processing (PCI-DSS compliant)
  • Email Providers: For transactional and marketing emails
  • Analytics Tools: For platform improvement
  • Cloud Hosting: For secure data storage

All third parties are contractually obligated to protect your data and comply with UK GDPR.

9. Security Measures

We implement industry-standard security measures:

  • SSL/TLS encryption for data transmission
  • Encrypted database storage
  • Regular security audits and penetration testing
  • Access controls and authentication
  • 24/7 monitoring and incident response

10. International Data Transfers

Your data is primarily stored in the UK. If we transfer data internationally, we ensure adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the UK government
  • Your explicit consent where required

11. Contact & Complaints

For privacy-related questions or to exercise your rights:

Email: privacy@servenest.co.uk

If you're not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: www.ico.org.uk
Helpline: 0303 123 1113

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or platform notification. Continued use of our services after changes constitutes acceptance of the updated policy.