This Privacy Policy explains the method for collection, use, and disclosure of your personal data by Tabsquare Pte. Ltd and its related companies (collectively, “Tabsquare“) when using this website (“Site“) provided by Tabsquare, purpose of use of such personal data, and method for handling of such personal data.
Tabsquare recognizes the importance of protecting the personal data collected from you in your usage of the Site, and takes reasonable steps to maintain the security, integrity and privacy of any personal data collected in accordance with this privacy policy.
Tabsquare is a service provider for AI-Powered in-restaurant technology solutions that leverage data and deep learning algorithms in the F&B industry. We provide an engaging dining experience for restaurants’ customers and help restaurants to eliminate the unwanted dilemma of operations.
If you have any questions about data protection at Tabsquare, you can contact our data protection officer at any time by sending an email to [email protected].
While visiting the Site, you agree to this privacy policy. This privacy policy applies to all personal data obtained by us through your use of the Site. It does not apply to any websites controlled by third parties not affiliated with us that the Site may link to (“Third Party Sites”). The relevant privacy policies set out in the respective Third Party Sites shall apply in those cases.
(a) Right to access
You have the right to be informed which data we store about you and how we process this data.
We will respond to your access request as soon as practicable, in any case within thirty (30) days upon receiving your access request. We will also inform you within the timeframe if we are unable to adhere to your request (with reasons) or require additional time to effect the request.
(b) Right to rectification
If you notice that stored data is incorrect, you can always ask us to correct it.
We will respond to your correction request as soon as practicable, in any case within thirty (30) days upon receiving your correction request. We will also inform you within the timeframe if we are unable to adhere to your request (with reasons) or require additional time to effect the request.
(c) Right to withdraw your consent to the processing of your personal data
You can withdraw your consent to our collection, use and disclosure of your personal data at any time for any or all of the purposes stated in this privacy policy. Upon receiving your withdrawal request, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. Please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request.
We will endeavour to process your request within ten (10) business days upon receipt, and will notify you accordingly if we require additional time.
To exercise your rights, you may send in your request via email to [email protected] at any time and we will process such requests in accordance with this privacy policy and our obligations under applicable laws.
We may charge you a reasonable fee for the handling and processing of your requests to access your personal data, and will inform you of the amount charged in advance.
In this section you can find general information about the categories of personal data we process about you. For your understanding, personal data is information that directly identifies you (such as your name) or enables us to indirectly identify you.
Our data processing activities on the Site can be summarized by reference to the following:
(a) contact form on www.tabsquare.ai
This includes your name, email address and telephone number.
Why do we process this category?
For contacting you for the products and services provided by Tabsquare. This processing is based on our legitimate interest in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”) to be able to contact you immediately and process your request.
(b) Fraud detection, prevention and security of our platform
This includes your device ID, device identification, operating system and corresponding version, time of access, configuration settings, and your IP address.
Why do we process this category?
Each time you access the Site, this information is stored by us for technical reasons. We also use parts of this information to detect suspicious behaviour at an early stage and to protect the Site. Further, in order to protect the Site from possible attacks, we continuously monitor the activities on the Site. To keep the Site secure and guarantee you a safe ordering experience, we use various technical measures to ensure that suspicious behavior patterns are detected at an early stage and prevented as early as possible. To achieve this goal, several software-based monitoring mechanisms run in parallel and prevent potential attackers from damaging the Site.
If any such decision leads to a negative result for you and you do not agree with the outcome, you can contact us at [email protected] .
In this case, we will individually assess the circumstances of your case. All of our fraud detection and prevention algorithms are always open to human review. If you think that a mistake has been made we are happy to look into it and make corrections, if necessary.
(c). Mergers & acquisitions, change of ownership
In the event of a merger with or acquisition by another company, we will disclose certain limited information to that company. Prior to disclosure, we will ensure that the recipient company undertakes to protect your personal data to a comparable standard to that under the PDPA and this privacy policy, and also that the company complies with applicable data protection laws and regulations. We will endeavour to keep the extent of the data shared with the other company to the absolute minimum required in order to conclude the transaction.
We never give your data to unauthorized third parties. However, in order to run our business efficiently, we obtain the services of selected service providers and give them limited and strictly monitored access to some of our data, in order to fulfil the purposes stated in this privacy policy. Before we forward personal data to these partner companies for processing on our behalf, each individual company undergoes an audit. All data recipients must meet the legal data protection requirements and undertake to protect your personal data to a comparable standard as required under the PDPA and other relevant data protection laws.
(a)Tabsquare’s affiliates
We are part of an international group of companies with legal entities in many parts of the world. We may share your personal data with Tabsquare’s affiliates as required to fulfil the Purposes outlined above, including for an efficient use of resources, ensuring that our business processes are functioning properly, to assist with customer support requests, conduct legal assessments or implement IT and platform security measures.
All Tabsquare’s affiliates are bound by strict intra-group data transfer agreements which comply with applicable data processing laws and principles and which apply whenever personal data is shared with affiliated companies.
(b)Service Providers and data processors
We use different service providers and data processors for our daily processing activities. These service providers and data processors process your personal data in accordance with the applicable local data protection laws and requirements and are permitted to process personal data only according to our instructions. Our services providers and data processors have no claims whatsoever to process your personal data for their own, independent purposes. We also monitor our processors and include only those who meet our data protection standards.
You have already learned about some of the parties we use as service providers above. Our user platforms and databases run on cloud resources provided by the EU subsidiaries of Google and Amazon Web Services (AWS). Because we use different data processors and change them from time to time, it is not possible for us to identify all individual recipients of personal data in this privacy policy. However, if you are interested, we will be happy to disclose the name of the processor(s) in use at that time upon request.
(c)Third parties
In addition to data processors, we also work with third parties, to whom we also transmit your personal data, but who are not bound by our instructions. These are, for example, our consultants, lawyers or tax consultants who receive your data from us on the basis of a contract and process your personal data for legal reasons or to protect our own interests. We do not sell or rent your personal data to third parties under any circumstances. This will never take place without your explicit, informed consent.
(d)Prosecuting authorities, courts and other public bodies
Unfortunately, it can happen that a few of our customers and service providers do not behave fairly and want to harm us. In these cases, we are not only obliged to hand over personal data to public authorities due to legal obligations, it is also in our interest to prevent damage and to enforce our claims and to reject unjustified claims.
We may also share your personal data with law enforcement agencies, government and regulatory bodies to meet applicable legal or regulatory obligations.
We generally delete your data after the purposes stated in this privacy policy have been fulfilled. The exact deletion rules are defined in our global policies and supporting local retention schedules. Different deletion rules apply depending on the purpose of the processing. Within our deletion concepts we have defined various data classes and assigned regular maximum retention and deletion periods to them. When the retention period has expired, the stored data will be deleted accordingly. If you have not used your user account on our platform for a period of more than three years, we will delete your personal data to make sure to comply with the principle of storage limitation.
In addition to the deletion rules we have defined ourselves, there are other legal retention periods which we must also observe. For various legal documents, such as invoices or business letters, applicable laws define minimum retention periods. For example, tax data must be kept for a period of between six and ten years or even longer in some cases. These special retention periods vary according to local legal requirements.
Furthermore, we will continue to store your data if we have a right to do so in accordance with applicable local laws. This applies in particular if we need your personal data for the establishment, exercise or defence of legal claims.
Your personal data may be disclosed or transferred to relevant third parties outside of your country as required under law, pursuant to relevant contractual relationship (for example, where Tabsquare appoints third party service providers) or for the purposes stated above (or directly related to those purposes). We will ensure that your personal data transferred outside your country is adequately protected with appropriate safeguards. By providing your personal data to us via this Site, you consent to the transfer of your personal data in accordance with this privacy policy.
We reserve the right to change this privacy notice to ensure compliance with relevant legal and statutory provisions, including the PDPA. We will inform you of any significant changes, such as changes of purpose or new purposes of processing.