Privacy Policy

1. Introduction

Excuseme ("the Service") is a Shopify app that provides a table ordering system for restaurants. This Privacy Policy explains what information the Service collects, how it is used, and how it is protected.

2. Information We Collect

2.1 Store Information

• Shopify store domain name
• API access token (obtained through Shopify OAuth)
• Product information (products tagged for table ordering)

2.2 Order Information

• Table number
• Order details (product name, quantity, amount)
• Order status

2.3 Staff Information

• Staff name and email address
• Login credentials (passwords are stored as hashes)

2.4 Waitlist Information

• Phone number (used for check-in identification and repeat customer analysis)
• Party size and seat type preference

2.5 Information We Do Not Collect

The Service does not collect customers' personal information (name, address, payment details, etc.). Table ordering is conducted anonymously.

3. How We Use Information

• Providing and operating the table ordering service
• Order integration with Shopify POS
• Staff-based order management
• Waitlist management and seat assignment optimization
• Service improvement and bug fixes

4. Information Sharing

The Service does not share information with third parties except in the following cases:

• Order information integration through Shopify API (limited to the scope necessary for service provision)
• When disclosure is required by law

5. Data Storage and Deletion

• Data is stored encrypted on secure servers
• Store data is automatically deactivated when the app is uninstalled
• All data is completely deleted in response to Shopify data deletion requests (shop/redact)
• Completed order data is automatically anonymized after 90 days

6. Security

• HTTPS encrypted communication
• Shopify HMAC signature verification for webhooks
• Hashed password storage
• CSRF protection
• XSS prevention

7. GDPR & Data Subject Rights

In accordance with the EU General Data Protection Regulation (GDPR), we guarantee the following rights:

• Right of access to data
• Right to rectification
• Right to erasure (right to be forgotten)
• Right to data portability

To exercise these rights, please contact us using the information below.

8. Contact

For privacy-related inquiries, please use our contact form.