Privacy Policy

1. Introduction

Tattle (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our restaurant feedback platform and related services. We are SOC2 Type 2 compliant, demonstrating our commitment to the highest standards of data security and privacy.

2. Information We Collect

2.1 Information You Provide

• Account information (name, email address, phone number, company details)
• Restaurant and location information
• Guest feedback and survey responses
• Communications with our support team
• Payment and billing information (processed securely through third-party providers)

2.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent on platform)
• Location data (with your permission)
• Cookies and similar tracking technologies

2.3 Guest Feedback Data

When guests provide feedback through our platform, we collect survey responses, ratings, and optional contact information if they choose to provide it for follow-up purposes.

3. How We Use Your Information

We use the collected information to:

• Provide and maintain our services
• Process and analyze guest feedback
• Generate insights and reports for restaurant operators
• Improve our platform and develop new features
• Communicate with you about your account and our services
• Send marketing communications (with your consent)
• Ensure platform security and prevent fraud
• Comply with legal obligations
• Facilitate guest recovery and improve customer satisfaction

4. Data Security

We take data security seriously and are proud to be SOC2 Type 2 compliant. Our security measures include:

• End-to-end encryption for data in transit and at rest
• Regular security audits and vulnerability assessments
• Strict access controls and authentication protocols
• Employee training on data security best practices
• Incident response and disaster recovery procedures
• Compliance with industry standards and regulations

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With your consent: When you explicitly agree to share information
• Service providers: With trusted third parties who help us operate our platform
• Legal requirements: When required by law or to protect our rights
• Business transfers: In connection with mergers, acquisitions, or asset sales
• Aggregated data: We may share anonymized, aggregated data that cannot identify individuals

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. When determining retention periods, we consider:

• The nature and sensitivity of the information
• Our contractual obligations to you
• Legal and regulatory requirements
• Our legitimate business interests

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of your personal information
• Correction: Request corrections to inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request your data in a portable format
• Opt-out: Unsubscribe from marketing communications
• Restriction: Request limits on how we use your information

To exercise these rights, please contact us at privacy@gettattle.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage patterns, and improve our services. Types of cookies we use include:

• Essential cookies: Required for platform functionality
• Analytics cookies: Help us understand platform usage
• Preference cookies: Remember your settings and preferences
• Marketing cookies: Used for targeted advertising (with consent)

You can manage cookie preferences through your browser settings.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete that information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

11. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect, use, and share
• The right to delete personal information
• The right to opt-out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination for exercising privacy rights

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: