top of page

Privacy Policy

Last updated: 31 May 2026

 

 

1. Introduction

 

Tableworx (Pty) Ltd ("Tableworx", "we", "us", or "our") provides a cloud-based point-of-sale (POS) platform for restaurants. This Privacy Policy explains how we collect, use, store, share, and protect personal information, and the rights you have in relation to that information.

 

We are committed to processing personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) of South Africa and, where applicable, the EU General Data Protection Regulation (GDPR).

 

This policy applies to two groups of people:

 

• Diners – individuals who order through a restaurant that uses our POS platform; and

• Clients – the restaurants and their representatives who subscribe to our services.

 

Please read this policy together with any agreement you may have entered into with us.

 

 

2. Who is responsible for your information

 

Tableworx is the responsible party (under POPIA) / data controller (under GDPR) for the personal information described in this policy, except where we process information on behalf of a client restaurant, in which case we act as an operator (under POPIA) / processor (under GDPR) for that restaurant.

 

Company details:

Tableworx (Pty) Ltd

Registration number: 2025/802135/07

Registered office: 10 Hoek Place, Olivedale, Randburg, Gauteng, 2188

 

Information Officer:

Visser Pretorius

Email: privacy@tableworx.co.za

 

 

3. Information we collect

 

3.1 Diner information

 

When a diner orders through a restaurant using our platform, they may opt in to create a profile by authenticating through Google (Firebase Authentication). When they do, we receive and store:

 

• Name

• Email address

• A record of items they have ordered, linked to their profile

 

Diners provide this information voluntarily by choosing to sign in and agreeing to share it. If a diner does not opt in, we do not create a linked profile for them.

 

3.2 Client information

 

When a restaurant becomes a client, we collect:

 

• Business and contact names

• Contact telephone numbers

• Email addresses

• Know-Your-Customer (KYC) documentation required to enable and verify payment processing (which may include identity documents and related verification information)

 

KYC documentation may include sensitive identity information. We collect it only because it is necessary to onboard clients for payments and to meet our legal and regulatory obligations.

 

3.3 Technical information

 

When you use our platform, we may automatically collect technical information such as device and log information needed to operate, secure, and improve the service. See Section 7 for information about cookies and similar technologies.

 

 

4. How we use your information

 

4.1 Diner information

 

We use diner information to:

 

• Maintain a diner profile and link past orders to that profile;

• Generate insights and analytics for the benefit of our clients and our service.

 

A diner's order history is never displayed publicly and is not shown after a diner has left. It is retained and used for data and analytics purposes only.

 

4.2 Client information

 

We use client information to:

 

• Provide, maintain, and support the POS platform;

• Onboard and verify clients for payment processing using KYC documentation;

• Communicate with clients about their account and our services;

• Comply with legal, regulatory, and financial obligations.

 

 

5. Legal basis for processing

 

We process personal information on one or more of the following bases:

 

• Consent – for example, when a diner opts in through Google to share their name and email.

• Performance of a contract – to provide our services to client restaurants.

• Legal obligation – for example, retaining KYC records to meet financial and regulatory requirements.

• Legitimate interests – such as securing, maintaining, and improving our platform, provided these interests are not overridden by your rights.

 

Where we rely on consent, you may withdraw it at any time (see Section 10).

 

 

6. Sharing your information

 

We do not sell your personal information. We may share it with:

 

• Service providers and sub-operators who help us run our platform (for example, cloud hosting and authentication providers such as Google/Firebase).

• Payment and verification partners involved in processing payments and verifying KYC documentation.

• Client restaurants, in respect of the diner profiles and order data associated with their establishment.

• Authorities or regulators, where we are legally required to disclose information.

 

We require parties who process information on our behalf to keep it secure and to use it only for the purposes we specify.

 

 

7. Cookies and similar technologies

 

Our platform uses cookies and similar technologies (such as local storage and authentication tokens) to function and to improve your experience. A cookie is a small file stored on your device.

 

We use the following categories:

 

• Strictly necessary – required for the platform to work, including authentication and session management through Google (Firebase Authentication). These cannot be switched off without affecting core functionality.

• Functional – remember your preferences and settings.

• Analytics and performance – help us understand how our website and platform are used so we can improve them. We use Wix Analytics for this purpose, which may set cookies to collect usage statistics.

 

Where required by law, we ask for your consent before placing non-essential cookies. You can manage or delete cookies through your browser settings, and you can withdraw consent at any time. Disabling certain cookies may affect how the platform works.

 

 

8. International transfers

 

Personal information is primarily processed in South Africa. As we expand into the EU, and where we use service providers located outside your country, your information may be transferred across borders. Where this happens, we take steps to ensure an adequate level of protection in line with POPIA and, where applicable, GDPR (for example, by using recognised transfer safeguards).

 

 

9. Data retention

 

We keep personal information only for as long as necessary for the purposes described in this policy, or as required by law:

 

• Diner profiles and order history are retained for ongoing data and analytics purposes for as long as the associated restaurant remains a client, or until the diner requests deletion (see Section 10).

• Client and KYC information is retained for the duration of the client relationship and for any further period required by applicable financial and regulatory laws.

 

When information is no longer needed, we securely delete or de-identify it.

 

 

10. Your rights

 

Subject to applicable law, you have the right to:

 

• Request access to the personal information we hold about you;

• Request correction of inaccurate or incomplete information;

• Request deletion of your information where there is no legal reason for us to keep it;

• Object to or request that we restrict certain processing;

• Withdraw consent where processing is based on consent;

• Request a copy of your information in a portable format (where GDPR applies);

• Lodge a complaint with a supervisory authority.

 

To exercise any of these rights, contact us at privacy@tableworx.co.za. We may need to verify your identity before responding.

 

 

11. Security

 

We implement appropriate technical and organisational measures to protect personal information against unauthorised access, loss, or misuse. While we take security seriously, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

 

 

12. Children's information

 

Our services are intended for use by businesses and adult diners. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

 

 

13. Complaints

 

If you have a concern about how we handle your information, please contact us first at privacy@tableworx.co.za. You also have the right to complain to a supervisory authority:

 

• South Africa: the Information Regulator (South Africa).

• EU (where applicable): your local data protection authority.

 

 

14. Changes to this policy

 

We may update this policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, notify you of significant changes.

 

 

15. Contact us

 

If you have any questions about this Privacy Policy or your personal information, please contact:

 

Tableworx (Pty) Ltd

Information Officer: Visser Pretorius

Email: privacy@tableworx.co.za

Registered office: 10 Hoek Place, Olivedale, Randburg, Gauteng, 2188

​

​

​

​

​

bottom of page