Privacy policy

Taresense is a software platform that lets independent restaurants run their website, online ordering, customer CRM, menu management, reservations, and invoicing from one place. We act as a data processor on behalf of each restaurant tenant: their customers’ personal data is theirs, not ours, and we handle it under their direction.

This policy describes how we handle two categories of people: (a) operators — restaurant owners and staff who sign up to run a restaurant on Taresense; and (b) diners — customers who place an order or book a reservation on a restaurant’s storefront.

When you create an operator account we store your email address, a hash of your password, and any name + role you tell us. We never store passwords in plaintext.

When you create a restaurant on the platform we store every field you enter — restaurant name, address, phone, hours, menu items, prices, staff memberships, your custom domain (if any), and the content of your website.

We use a session cookie to keep you signed in. We use Sentry for error monitoring; PII fields are scrubbed before they reach Sentry.

When a diner places an order or books a reservation on a Taresense-hosted storefront, we collect their name, email, phone (if provided), order or reservation details, and any notes they include. This data belongs to the restaurant. We process it on the restaurant’s behalf to fulfill the order, send confirmations, and surface the data on the restaurant’s dashboard. We do not use it for advertising, we do not share it across restaurants, and we do not sell it.

Taresense does not process customer payments. Diners pay the restaurant in person at pickup or on delivery. We never see, store, or transmit card data — no full PANs, no last-fours, nothing payment-related ever flows through our systems.

We share infrastructure and tooling with a small number of subprocessors under data-processing agreements:

• Vercel — application hosting + custom domain provisioning
• Neon — Postgres database
• Stripe — payment processing for our subscription billing only (operators paying us $39/$89/Custom). Diner payments never flow through Taresense.
• Resend — transactional email
• Sentry — error monitoring (PII scrubbed)
• Anthropic — vision-LLM extraction for menu uploads (data sent during onboarding only)

We do not sell data to third parties. We do not run advertising trackers on the marketing site or operator dashboard. Tenant storefronts inherit no third-party trackers from us by default — restaurants who choose to add Google Analytics or Meta Pixel to their own storefront do so under their own privacy disclosures.

We retain operator and tenant data for as long as the account is active. When you cancel, we keep your data accessible for 60 days (so you can re-import or change your mind), then delete it.

Aggregated, fully anonymized usage metrics may persist beyond that window for product improvement.

Operators can export everything they’ve given us as JSON or CSV from Account → Download my data, and can permanently delete their account from the same page.

Diners who want a copy or deletion of their data should contact the restaurant they ordered from — that restaurant is the data controller. We will honor any operator-issued export or delete request within 30 days.

EU/UK residents have rights under the GDPR including access, rectification, erasure, and portability. California residents have parallel rights under the CCPA. To exercise any of these, email privacy@taresense.com.

We set a single httpOnly session cookie to keep operators signed in. We do not use advertising or analytics cookies on the operator-facing dashboard. The Sentry error monitor sets a session-replay cookie which is stripped when an operator opts out via their browser’s privacy controls; explicit consent banner ships in a future release.

Taresense is a B2B product not directed at users under 16.

We’ll post material changes here at least 14 days before they take effect, and email account holders.

privacy@taresense.com