1. Who We Are
Nestvid Limited is a company registered in England and Wales. Our trading name is TableMind. Our contact address for all data protection matters is admin@tablemind.co.uk. We are registered with the Information Commissioner’s Office (ICO) as a data processor.
2. Data We Collect and Why
2.1 Venue operator and staff data
We collect the following data about venue operators and staff who use the Platform:
- Name, email address, and phone number: for account creation, platform access, and support communications.
- Business name, address, and Companies House number: for invoicing, legal compliance, and service delivery.
- Payment information: collected and held by GoCardless and Stripe. We do not store full card or bank details on our systems.
- Platform usage data: which features are used, when, and by whom, for support, security, and product improvement.
- Communications: emails and messages sent to our support address, retained for support and record purposes.
Lawful basis: contract performance (Article 6(1)(b) UK GDPR) and legitimate interests (Article 6(1)(f) UK GDPR).
2.2 Guest data (processed on behalf of venues)
When a venue uses TableMind, we process the following categories of guest personal data on their behalf:
- Identity data: first name, last name.
- Contact data: email address, phone number, postal address (for physical sends).
- Visit data: booking dates, party size, occasion, table preference, average spend, visit count.
- Preference data: dietary requirements, allergy information, wine preferences, seating preferences.
- Staff notes: free-text notes added by venue staff after service. May include sensitive personal information such as health-related dietary needs, life events, and personal circumstances.
- Communication history: records of WhatsApp, SMS, and email messages sent to guests through the Platform.
- Review data:Google reviews matched to guest profiles where the reviewer’s name corresponds to a profile in the database.
We process this data solely on the instructions of the venue. We do not use guest personal data for our own marketing, profiling, or commercial purposes. The venue is responsible for ensuring a lawful basis exists for this processing under UK GDPR, typically legitimate interests or explicit consent.
3. How We Use Personal Data
3.1 Venue operator and staff data
We use this data to:
- Deliver and maintain the Platform.
- Process payments and issue invoices.
- Provide customer support.
- Send service communications (not marketing) relating to platform updates, maintenance, and your subscription.
- Comply with our legal obligations.
3.2 Guest data
We process guest data on behalf of venues to:
- Build and maintain guest profiles within the Platform.
- Generate pre-service staff briefings.
- Trigger and fulfil milestone communications and physical sends.
- Match Google reviews to guest profiles.
- Generate analytics and retention reports for the venue.
- Detect lapse risk and generate win-back campaign content.
4. Data Sharing and Sub-processors
We share personal data with the following categories of third parties only where necessary to deliver the Platform:
| Sub-processor | Purpose | Data shared | Location |
|---|---|---|---|
| Neon | Managed PostgreSQL database hosting | All platform data | EU region |
| Vercel | Application hosting and edge delivery | No personal data stored at rest | EU / US |
| OpenAI | AI briefing and review response generation | Guest notes and profile data (de-identified prompts) | US (SCCs apply) |
| Google (Gmail SMTP) | Delivery of venue operator access-code emails | Venue operator email address only | EU / US |
| Google (Business Profile API) | Review management | Review responses only | EU / US |
| Meta (WhatsApp Business API) | Guest outreach messaging | Phone numbers and message content | US (SCCs apply) |
| Twilio | SMS fallback | Phone numbers and message content | EU / US |
| GoCardless | Direct debit collection | Bank account and mandate data | UK / EU |
| Stripe | Setup fee payment processing | Card data (PCI-DSS compliant) | EU / US |
| Majestic Wine | Birthday wine fulfilment | Guest name and delivery address | UK |
| Papier Business | Card printing and posting | Guest name, delivery address, card message | UK |
We do not sell, rent, or otherwise share personal data with any party not listed above. We require all sub-processors to comply with UK GDPR through appropriate contractual protections including Standard Contractual Clauses (SCCs) where data is transferred outside the UK.
5. Data Retention
5.1 Venue operator and staff data is retained for the duration of the subscription and for 6 years thereafter for tax and legal compliance purposes, in line with HMRC requirements.
5.2 Guest data is retained for as long as the venue subscription is active. Upon cancellation, we provide a full data export to the venue within 5 working days and delete all guest data from our systems within 30 days, except where retention is required by law.
5.3Message logs (email, and SMS or WhatsApp where the venue has enabled those channels) are retained for the duration of the venue subscription and deleted alongside the rest of the venue’s data on cancellation, unless retention is required by law.
5.4 We use soft deletion for guest records: deletion requests flag the record as deleted and exclude it from all further processing while we hold a short recovery window in case of accidental deletion. Permanent purge takes place at the end of the recovery window, on subscription cancellation, or on written request from the venue, whichever is sooner.
6. Your Rights Under UK GDPR
As a data subject, you have the following rights:
Right of access. You have the right to request a copy of the personal data we hold about you (as a venue operator or staff member) or that we hold about a guest on behalf of a venue.
Right to rectification. You have the right to request correction of inaccurate personal data.
Right to erasure. You have the right to request deletion of your personal data where we have no legitimate reason to continue processing it. For guest data, this right is exercised by contacting the venue (the data controller) directly.
Right to restriction. You have the right to request that we restrict processing of your data in certain circumstances.
Right to data portability. You have the right to receive your personal data in a structured, machine-readable format.
Right to object. You have the right to object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
Right to withdraw consent. Where processing is based on consent, you have the right to withdraw that consent at any time. This includes opting out of guest communications via the one-tap opt-out included in all messages sent through the Platform.
To exercise any of these rights, contact us at admin@tablemind.co.uk. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner’s Office at ico.org.uk.
7. Cookies and Website Data
7.1 Our marketing website (tablemind.co.uk) may use cookies for analytics and to improve the user experience. A cookie consent banner will request your consent before any non-essential cookies are set.
7.2 The Platform application uses a single signed session cookie (named tm_venue) necessary for authentication. This is an essential cookie and does not require consent.
8. Security
We implement the following technical and organisational measures to protect personal data:
- Sensitive secrets such as Google OAuth refresh tokens are encrypted at the application layer using AES-256-GCM with a key held outside the database. Database storage is encrypted at rest by our managed PostgreSQL host (Neon).
- All data in transit is encrypted using TLS.
- Role-based access controls (owner and member roles, with per-page permissions) ensure staff see only the data relevant to their role.
- OAuth tokens and API keys are stored encrypted and never committed to source control.
- Database hosted in an EU region.
- Managed backups with point-in-time recovery provided by our database host.
- Authentication events tracked on each access code, including last-used timestamps; revoked codes cannot be reused.
- Staff access to the Platform governed by per-staff access codes delivered by email and validated server-side on every request.
9. International Data Transfers
Some of our sub-processors (including OpenAI and, where the venue has enabled them, Meta/WhatsApp and Stripe) are based in the United States. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner. A copy of the relevant SCCs is available on request.
10. Children’s Data
The Platform is not intended for use in connection with individuals under the age of 16. Venues must not use the Platform to process personal data of guests under 16 without appropriate verified parental consent. If we become aware that data relating to a child under 16 has been processed without consent, we will take steps to delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 30 days before they take effect. The current version of this policy is always available at tablemind.co.uk/privacy.
12. Contact and Complaints
For all data protection enquiries, requests, and complaints, please contact us at admin@tablemind.co.uk.
If you are not satisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.