Privacy Policy

1. Data Controller

The Batlr application is published by Lucas Khoury, an individual.

Data protection contact: privacy@batlr.app

2. Data Collected

2.1 Restaurant Operator Data (app user)

• First name, last name, email address
• Establishment name and address
• Professional phone number
• Payment information (for paid modules — processed by Stripe, never stored on our servers)

2.2 Restaurant Customer Data

• First name, last name, phone number, email address
• Reservation history and preferences
• Tags and notes (allergies, VIP, preferences — entered by the restaurant operator)
• Payment data (card hold via the Payments module — processed by Stripe)

2.3 Technical Data

• Anonymized device identifier
• Application and operating system version
• Anonymized crash logs

3. Purposes of Processing

• Providing and improving the Batlr service
• Managing reservations and the floor plan
• Customer relationship management (CRM)
• Sending confirmations, reminders, and reservation-related communications (Online Reservations module)
• Processing payments and billing for no-shows (Payments module)
• Customer support
• Aggregated and anonymized usage statistics

4. Legal Bases

• Performance of the contract: processing necessary for the provision of the service
• Legitimate interest: service improvement, fraud prevention
• Legal obligation: retention of billing data
• Consent: sending marketing communications (opt-in)

5. Data Sharing

Your data is never sold. It may be shared with:

• Stripe — payment processing (PCI DSS Level 1 certified)
• Cloud host — data storage (servers located in the European Union)
• Email/SMS provider — sending confirmations and reminders

All our subcontractors are bound by contractual commitments compliant with GDPR.

6. Retention Period

• Account data: retained as long as the account is active, then 3 years after the last activity
• Reservation data: 3 years
• Billing data: 10 years (legal obligation)
• Technical logs: 12 months

7. Your Rights

In accordance with GDPR, you have the following rights:

• Right of access to your data
• Right of rectification
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to object to and limit processing
• Right to withdraw your consent at any time

To exercise these rights, contact us at privacy@batlr.app. We will respond within 30 days.

You may also file a complaint with the CNIL (the French Data Protection Authority), or with your local equivalent data protection authority in your jurisdiction.

8. Account Deletion

You may request the deletion of your account and all your data at any time:

• From the application: Settings → Account → Delete my account
• By email to privacy@batlr.app

More details on our dedicated account deletion page.

Deletion takes effect within 30 days. Data subject to legal retention obligations (billing) will be kept for the required duration and then deleted.

9. Security

We implement appropriate technical and organizational measures: encryption in transit (TLS) and at rest, strict access control, regular audits.

10. Cookies

The batlr.app website uses only cookies strictly necessary for the operation of the site. No advertising or tracking cookies are used.

11. Changes

This policy may be updated. In case of a substantial change, we will notify you by email or through the application.

12. Contact

For any questions about this policy: privacy@batlr.app