Privacy Policy

Last updated: May 2025  ·  Tablemonk is a product of Klik 'm aan (KVK 92220010)

Tablemonk ("we", "us", "our") is a reservation management platform for restaurants. This privacy policy explains what personal data we collect, why we collect it, and how we handle it. It applies to all users of tablemonk.com, the Tablemonk dashboard, and the embeddable reservation widget.

1. Who is responsible?

The data controller is:

Klik 'm aan
KVK: 92220010
The Netherlands

2. What data do we collect?

Restaurant owners (account holders)

When you create and use a Tablemonk account, we collect:

• Name and email address
• Password (stored in hashed form, never readable)
• Restaurant name, email address, phone number, and physical address
• Billing address and country (required for subscription billing)
• Time zone and language preference
• Account activity data (login timestamps, subscription status)
• Acceptance of these terms and this privacy policy (date and version tracked)

Guests making a reservation

When a guest submits a reservation via the Tablemonk widget, the following data is collected on behalf of the restaurant:

• Name
• Email address
• Phone number
• Party size and requested date/time
• Optional notes (e.g. dietary wishes, special requests)

This data is stored by Tablemonk and is accessible to the restaurant that owns the widget. Tablemonk acts as a data processor for this data; the restaurant is the data controller.

Website visitors

We use Umami Analytics to measure page visits on tablemonk.com. Umami is privacy-friendly: it does not use cookies and does not collect any personally identifiable information.

3. Why do we use your data?

4. Third parties

We share data with the following third-party service providers:

• Stripe (stripe.com) — payment processing and subscription management. Your billing address and payment method are handled by Stripe. We do not store full card details. Stripe Privacy Policy
• Mailgun (mailgun.com) — transactional email delivery (account activation, password reset). Emails are processed in the EU region.
• widget.tablemonk.com — our own infrastructure that serves the embeddable reservation widget to visitors of restaurant websites.

We do not sell personal data to third parties.

5. Data retention

• Account data is retained for as long as your account is active. Upon deletion, data is removed within 30 days, except where we are legally required to retain it (e.g. invoice records for 7 years under Dutch tax law).
• Guest reservation data is stored as long as the restaurant's account is active. Restaurants can delete individual reservations at any time.

6. Your rights

Under the GDPR you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data ("right to be forgotten")
• Restrict or object to processing
• Data portability — receive your data in a structured format
• Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at . We will respond within 30 days.

If you believe we are handling your data incorrectly, you have the right to file a complaint with the Dutch data protection authority: Autoriteit Persoonsgegevens.

7. Security

We take appropriate technical and organizational measures to protect personal data, including encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

8. Changes to this policy

We may update this privacy policy from time to time. We will notify account holders of material changes by email. The latest version is always available at tablemonk.com/privacy.

9. Contact

Questions about this privacy policy? Contact us at .