Privacy Policy

01Overview

This Privacy Policy explains how isReserved collects, uses, and protects personal information when users access our staff management app and guest-facing pages.

02Information for Guest Users

Guest pages may collect the information needed to process waitlist/reservation requests, such as name, phone number, party size, preference, notes, and reservation date/time. We also use browser storage to keep confirmation status and active entry context.

03Information for Staff Users

Staff access may include Google login-based account data (such as email, profile information, role, and branch access scope), plus operational data needed to manage guests and branch settings.

04Cookies and Local Storage

We use cookies and web storage (localStorage/sessionStorage) for session handling and service operation.

Specifically, third-party vendors, including Google, use cookies to serve ads based on a user's prior visits to isReserved or other websites. Google's use of advertising cookies enables it and its partners to serve ads to users based on their visit to your sites and/or other sites on the Internet.

Users may opt out of personalized advertising by visiting Google Ads Settings or www.aboutads.info.

05How We Use Information

Data is used to provide core features, maintain account and access controls, process waitlist or reservation workflows, improve service reliability, and respond to support requests.

06Data Sharing and Retention

We do not sell personal data. Information may be shared only when required by law, with service providers supporting operations, or with user consent. Data is retained only as long as needed for service and compliance purposes.

Unless a longer retention period is required by applicable law, personal and operational data (including guest booking details, support inquiries, and related service records) is retained for up to 12 months from the last related activity. Session and browser storage items used for confirmation flow are retained until expiration, user reset/clear, or a maximum of 12 months.

Under applicable data protection laws (including PDPA-related requirements where applicable), we process personal data for clear service purposes and take reasonable steps to protect stored information.

We may share information with third-party service providers (such as payment gateways and analytics providers) strictly for the purpose of fulfilling service operations and improving user experience.

07Contact Us

Under the Personal Data Protection Act (PDPA), you have the right to access, correct, or limit the processing of your personal data.

If you have any questions about this Privacy Policy or wish to exercise your rights regarding your personal data under the PDPA, please contact us via our Contact Us page or email us at [email protected].