Privacy Policy

Data controller and processor

Dinnerchamp operates in two capacities depending on the category of data:

For restaurant accounts:

Dinnerchamp (operated by Daniel Wellsted, Barcelona, Spain) is the data controller for personal data provided by restaurant owners and staff — including name, email address, venue details, and subscription information. Contact: hello@dinnerchamp.com.

For diner data:

Where Dinnerchamp processes personal data of diners (including name, email address, visit history, and reward status), it does so as a data processor acting on behalf of the restaurant. The restaurant is the data controller for its diners’ personal data and is responsible for establishing a valid legal basis for that processing.

Diners who wish to exercise their GDPR rights in respect of data held by a restaurant should contact that restaurant directly. Dinnerchamp will assist the restaurant in responding to such requests in accordance with its obligations as data processor.

Data we collect

As data controller (restaurant accounts):

Restaurant owners and staff: name, email address, venue details, subscription and billing information.

As data processor (on behalf of restaurants):

Diners: name, email address, phone number (optional), visit history, loyalty progress, reward status, and language preference. This data is processed on the instructions of the relevant restaurant.

Legal basis for processing

Restaurant account data (controller):

We process this data on the legal basis of contract performance — to provide the Dinnerchamp service you have signed up for — and legitimate interest to operate, secure, and improve the platform.

Diner data (processor):

As a data processor, Dinnerchamp processes diner data on the documented instructions of the restaurant (data controller). The restaurant is responsible for identifying and maintaining a valid legal basis for processing diner data — typically legitimate interest or contract performance with the diner.

Sub-processors

• Supabase — database hosting (EU region)
• Resend — transactional email delivery
• Render — application hosting (EU region)

Data retention

Restaurant account data:

Retained for as long as the account is active. Accounts closed or deleted are purged within 30 days, unless retention is required by law (e.g. billing records).

Diner data (processed on behalf of restaurants):

Retained for the duration of the restaurant’s agreement with Dinnerchamp plus 30 days. Upon termination, the restaurant may request a data export before deletion. Anonymised or aggregated analytics data containing no personal data may be retained indefinitely.

Your rights under GDPR

If you are a restaurant owner or staff member:

You may exercise your GDPR rights (access, rectification, erasure, portability, restriction, objection) by contacting hello@dinnerchamp.com.

If you are a diner:

Your personal data is controlled by the restaurant whose loyalty programme you have joined. To exercise your GDPR rights, contact the restaurant directly. Dinnerchamp will assist the restaurant in responding within 5 business days of a written request.

You may also contact Dinnerchamp at hello@dinnerchamp.com if you need help identifying the appropriate restaurant contact.

Cookies

We use essential cookies only: authentication session and language preference. We do not use tracking or advertising cookies. See our cookie notice for details.

Updates to this policy

We may update this policy as the service evolves. Material changes will be communicated in advance by email or in-app notice.