tw

Legal

Privacy Policy

Last updated: March 2026

1. Introduction

table.watch (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains how we collect, use, store, and share your personal data when you use our service.

We are based in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data We Collect

When you create an account and use table.watch, we collect:

  • Email address — required for account creation and notifications
  • Name — provided during registration
  • Phone number — optional, only if you opt in to SMS notifications
  • Notification preferences — your chosen notification methods and settings
  • Watchlist data — the restaurants, dates, and party sizes you are monitoring

We do not collect any data beyond what is necessary to provide the service.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent — you provide consent when creating your account and opting in to notifications
  • Legitimate interest — we process data as necessary to deliver the service you have signed up for, including monitoring availability and sending notifications

4. How We Use Your Data

Your personal data is used to:

  • Create and manage your account
  • Send notifications when tables become available at restaurants you are watching
  • Communicate important service updates

We will never sell your personal data to third parties. We do not use your data for advertising or profiling purposes.

5. Cookies

table.watch uses only essential cookies required for the service to function. Specifically, we use a Supabase authentication session cookie to keep you signed in.

We do not use analytics cookies, tracking cookies, or any third-party advertising cookies. No cookie consent banner is needed because we only use strictly necessary cookies as defined under UK GDPR.

6. Third-Party Services

We use the following third-party services to operate table.watch. Each processes your data only as necessary to provide their specific function:

  • Supabase — authentication and database hosting
  • Forward Email — email delivery for notifications
  • Twilio — SMS delivery for notifications (only if you opt in)
  • Vercel — website hosting and infrastructure

7. Data Retention

We retain your personal data for as long as your account exists. If you delete your account, we will delete all associated personal data within 30 days, except where we are required by law to retain it longer.

You can request deletion of your data at any time by contacting us or deleting your account through the settings page.

8. Your Rights

Under UK GDPR (Articles 15–22), you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate personal data
  • Erasure — request deletion of your personal data
  • Portability — request your data in a structured, machine-readable format
  • Object — object to the processing of your personal data
  • Restrict processing — request that we limit how we use your data

To exercise any of these rights, contact us at privacy@table.watch. We will respond within 30 days.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. All data is transmitted over encrypted connections (HTTPS) and stored in secure, access-controlled infrastructure.

10. Changes to This Policy

We may update this privacy policy from time to time. If we make material changes, we will notify you by email. Your continued use of the service after any changes constitutes acceptance of the updated policy.

Contact

For any privacy-related questions or to exercise your data rights, contact us at privacy@table.watch.