Privacy Policy

Last updated: June 2026

This Privacy Policy explains how Upsoma Restro ("we", "us", "our") collects, uses, and protects information when you use our restaurant management platform and marketing website. By using our services you agree to the practices described here.

1. Information we collect

We collect the following categories of information:

  • Restaurant account data — name, contact details, outlet addresses, GST details and login credentials of restaurant owners and staff.
  • Customer order data — when a guest places an order through a table QR code, we collect their name, mobile number, ordered items and bill amount on behalf of the restaurant.
  • Demo & sales enquiries — name, phone, optional email and address submitted through our "Book a Demo" form.
  • Technical data — IP address, browser type and usage analytics to keep the service secure and reliable.

2. How we use information

  • To operate core features: ordering, kitchen display, billing, inventory and analytics.
  • To help restaurants understand their guests and improve their service.
  • Marketing on behalf of restaurants — customer order data (such as name and mobile number) may be used by the restaurant to send promotional and re-engagement messages about local offers via WhatsApp, RCS or SMS. Restaurants are responsible for obtaining the consent required by applicable law before sending such messages.
  • To respond to demo requests and provide customer support.
  • To detect, prevent and address security or technical issues.

3. Marketing communications & opt-out

Guests can opt out of promotional messages at any time by replying with the opt-out keyword provided in the message (for example "STOP") or by contacting the restaurant. We provide tools for restaurants to honour these opt-outs.

4. Data sharing

We do not sell personal information. We share data only with: (a) the restaurant that the data belongs to; (b) trusted service providers (such as cloud hosting, image storage and messaging API providers) who process data on our behalf; and (c) authorities where required by law.

5. Data retention & security

We retain data for as long as needed to provide the service and meet legal obligations. Each restaurant's data is logically isolated, access is role-based, and we apply industry standard security measures including encryption in transit and validated server-side pricing.

6. Your rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data. To exercise these rights, contact us at [email protected].

7. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

8. Contact

Questions about this policy? Email [email protected].