RENDEZA

Privacy Policy

Last Updated: January 11, 2026

1. Introduction

Welcome to Rendeza ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our website and in using our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

By using our website and services, you consent to the data practices described in this Privacy Policy. If you do not agree with the data practices described in this policy, you should not use our website or services.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Fill out our contact form or free trial form
  • Communicate with us via email or other channels
  • Subscribe to our services

This information may include:

  • Contact Information: Name, email address, phone number, and postal address
  • Reservation Preferences: Preferred days and times, number of guests, dining companions (spouse, family, friends, etc.), and dietary preferences or restrictions
  • Additional Information: Any other information you choose to provide in messages or forms, such as preferred cuisine types, restaurant preferences, or special requests
  • Subscription and Payment Information: When you subscribe to our service, we collect billing information, payment method details (processed securely through our payment processors), subscription plan details, billing address, and transaction history

2.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information about your device and browsing behavior, including:

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, clickstream data, referring/exit pages, date and time of visits
  • Location Data: General geographic location based on IP address

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect and store information about your preferences and browsing behavior. Cookies are small data files stored on your device that help us improve your experience. We use cookies for:

  • Analytics and performance monitoring (via Vercel Analytics)
  • Website functionality and user preferences
  • Understanding how visitors interact with our website

You can control cookies through your browser settings, but disabling cookies may limit your ability to use certain features of our website.

2.4 Payment and Subscription Information

When you subscribe to our services, we collect and process payment and subscription-related information, including:

  • Payment Method Information: Credit card numbers, debit card numbers, bank account information, and other payment details (processed securely through PCI DSS compliant payment processors)
  • Billing Information: Billing name, billing address, and billing contact information
  • Subscription Details: Subscription plan type, subscription start and end dates, renewal dates, subscription status, and payment frequency
  • Transaction Records: Payment history, invoice records, transaction IDs, refund information, and chargeback data
  • Account Information: Account creation date, account status, subscription preferences, and cancellation information

Important: We do not store full credit card numbers or CVV codes on our servers. All payment card information is processed and stored securely by our PCI DSS compliant payment processors. We only store tokenized payment information necessary for subscription management.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our restaurant reservation services, including making reservations on your behalf and communicating with restaurants
  • Payment Processing: To process payments, manage subscriptions, handle billing, send invoices and receipts, manage renewals, and process refunds or cancellations
  • Subscription Management: To manage your subscription account, process subscription changes, handle upgrades or downgrades, manage trial periods, and communicate subscription-related information
  • Communication: To respond to your inquiries, send you service-related information, updates, and administrative messages, including billing notifications and subscription reminders
  • Personalization: To personalize your experience and provide recommendations based on your preferences
  • Fraud Prevention: To detect, prevent, and address fraud, unauthorized transactions, and security threats related to payments and subscriptions
  • Analytics: To analyze usage patterns, improve our website functionality, and enhance user experience
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, tax requirements, financial regulations, or governmental requests
  • Protection: To detect, prevent, and address technical issues, security threats, or violations of our terms of service

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We work with third-party service providers who perform services on our behalf, including:

  • Payment Processors: For processing payments, managing payment methods, handling subscriptions, and processing refunds. These processors are PCI DSS compliant and handle all sensitive payment card information securely. We do not store full payment card details on our servers.
  • Resend: For sending transactional emails and communications
  • Geoapify: For address autocomplete and geocoding services
  • Vercel Analytics: For website analytics and performance monitoring

These service providers are contractually obligated to protect your information and may only use it for the purposes we specify. Payment processors are required to comply with PCI DSS (Payment Card Industry Data Security Standard) requirements and other applicable financial regulations.

4.2 Restaurant Partners

We may share necessary information (such as name, reservation details, and contact information) with restaurant partners to make and manage your reservations.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using secure protocols (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Secure storage of personal information with access controls
  • PCI DSS compliance for payment data (via our payment processors)
  • Regular security assessments, vulnerability scans, and updates
  • Access controls, authentication procedures, and role-based access restrictions
  • Secure payment processing through PCI DSS compliant third-party payment processors
  • Regular monitoring and logging of access to sensitive information

Payment Data Security: We do not store full credit card numbers, CVV codes, or other sensitive payment card data on our servers. All payment card information is processed and stored securely by our PCI DSS compliant payment processors. We only store tokenized payment references necessary for subscription management.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors we consider when determining retention periods include:

  • The nature and sensitivity of the information
  • The purposes for which we process the information
  • Legal, contractual, or regulatory requirements (including tax and financial record-keeping requirements)
  • Our legitimate business interests
  • Active vs. inactive subscription status

Payment and Subscription Records: We retain payment and billing records as required by law, typically for at least 7 years for tax and accounting purposes, even after subscription cancellation. Transaction records, invoices, and payment history are retained in accordance with applicable financial regulations and tax requirements.

When we no longer need your information (subject to legal retention requirements), we will securely delete or anonymize it in accordance with our data retention policies.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 General Rights

  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Portability: Request transfer of your data to another service provider
  • Objection: Object to processing of your personal information in certain circumstances
  • Restriction: Request restriction of processing in certain circumstances

7.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following additional rights:

  • Right to Know: Request information about the categories and specific pieces of personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Exercise your privacy rights without discrimination
  • Right to Correct: Request correction of inaccurate personal information

We do not sell your personal information. You may exercise your California privacy rights by contacting us at the information provided in Section 11.

7.3 European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have rights under the General Data Protection Regulation (GDPR), including:

  • Right of access, rectification, erasure, and restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent where processing is based on consent
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing your personal information includes: (1) your consent, (2) performance of a contract, (3) compliance with legal obligations, (4) protection of vital interests, (5) public interest, and (6) legitimate business interests.

7.4 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 11. We will respond to your request within the timeframes required by applicable law. We may need to verify your identity before processing your request.

8. Children's Privacy

Our services are not directed to children under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

We comply with the Children's Online Privacy Protection Act (COPPA) and applicable laws regarding children's privacy.

9. Third-Party Links and Services

Our website may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

We use the following third-party services that may collect information about you:

  • Payment Processors: For processing payments, managing subscriptions, and handling billing. These services are PCI DSS compliant and handle payment card information securely. Common processors include Stripe, PayPal, or similar services. Review their privacy policies on their respective websites.
  • Vercel Analytics: Website analytics service. You can learn more about their practices at vercel.com/legal/privacy-policy
  • Geoapify: Address autocomplete service. Review their privacy policy at geoapify.com/privacy-policy
  • Resend: Email delivery service. Review their privacy policy at resend.com/legal/privacy-policy

When you make a payment through our website, your payment information is collected and processed directly by our payment processors. We do not have access to your full payment card details, as this information is handled securely by the payment processor in compliance with PCI DSS requirements.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our services, you consent to the transfer of your information to these countries.

We take appropriate safeguards to ensure that your personal information receives an adequate level of protection, including using standard contractual clauses approved by relevant authorities where applicable.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page with a new "Last Updated" date
  • Sending you an email notification if you have provided us with your email address
  • Providing a prominent notice on our website

Your continued use of our services after any changes to this Privacy Policy constitutes acceptance of those changes. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Rendeza

Email: contact@rendeza.com

For privacy-related inquiries, please include "Privacy Inquiry" in the subject line of your email.

13. Do Not Sell My Personal Information (California)

We do not sell your personal information. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. If this practice changes in the future, we will update this Privacy Policy and provide you with appropriate opt-out mechanisms as required by law.

California residents can request information about our information-sharing practices by contacting us at the email address provided above.

14. Additional Information

This Privacy Policy is effective as of the date listed at the top of this page. This policy supplements, but does not replace, any other privacy notices or agreements we may provide to you in connection with specific services or transactions.

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions will continue to be valid and enforceable to the fullest extent permitted by law.

← Back to Home