Skip to main content
DigiSolut
Legal

Privacy Policy

Last update: April 2026

DigiSolut treats the protection of your personal data as a priority. This policy explains which data we collect, why, how long we keep it, and how to exercise your rights.

1. Controller

The data controller is DigiSolut (digisolut.com). Contact: privacy@digisolut.com.

2. Data we collect

  • Professional account: first/last name, email, hashed password, phone, associated venue.
  • Bookings: guest name, email, phone, party size, date/time, preferences, notes.
  • Contact messages: name, email, optional phone, message content.
  • Technical data: IP address, user agent, application logs, cookies (see Cookie Policy).
  • Billing data: legal name, VAT number, address, payment history (via our provider).

3. Purposes and legal bases

  • Providing the SaaS service (contract performance);
  • handling bookings and communicating with end-guests (legitimate interest of restaurant operators);
  • billing and accounting obligations (legal obligation);
  • service improvement, aggregated analytics (legitimate interest);
  • commercial communications (consent, revocable at any time).

4. Retention periods

  • Active account: during the contract, then 3 years after last login.
  • Bookings: 3 years for evidence and statistics.
  • Non-converted contact messages: 3 years after last exchange.
  • Invoicing: 10 years (accounting obligation).
  • Cookies: as set out in the cookie policy.

5. Recipients and processors

Your data is processed by DigiSolut staff and by processors strictly bound by contract:

  • infrastructure host (Europe);
  • transactional email provider;
  • payment gateway;
  • privacy-respectful analytics.

No data is ever sold to third parties.

6. International transfers

Your data is hosted in the European Union. Any transfer outside the EU would be framed by Standard Contractual Clauses or another safeguard permitted by the GDPR.

7. Your rights

You have the rights of access, rectification, erasure, restriction, objection and portability, as well as the right to define post-mortem directives. To exercise your rights, write to privacy@digisolut.com. You may also lodge a complaint with the competent supervisory authority (in France, the CNIL).

8. Security

We apply appropriate technical and organisational measures: encryption in transit (HTTPS), hashed passwords (bcrypt), role-based access control, admin access logging, encrypted backups.

9. Changes

This policy may evolve. Any material change will be announced on the site and, where relevant, by email.