PPlatoOS
Legal

Privacy Policy

We take privacy seriously. This policy explains what we collect, why we collect it, and the choices you have.

Last updated: June 7, 2026

1. Who we are

PlatoOS ("PlatoOS", "we", "us", "our") is a hospitality technology company that builds software for restaurants, cafés, takeaways, pubs, food halls and other hospitality businesses. This policy applies to platoos.com and to the PlatoOS family of products, including Plato Reserve, Plato Orders and Plato Menu (the "Services").

2. Information we collect

We collect the following categories of information:

  • Account data — name, business name, email address, phone number, and login credentials.
  • Customer data — information about diners and customers that you process through the Services (such as reservation names, contact details, order history, dietary preferences).
  • Payment data — limited transaction details processed by our PCI-DSS compliant payment partners. We do not store full card numbers.
  • Usage data — device, browser, IP address, pages visited, and interactions with the Services.
  • Communications — messages you send us via forms, email or chat.

3. How we use information

  • To provide, operate, secure and improve the Services.
  • To process bookings, orders, payments and refunds on your behalf.
  • To communicate with you about your account, support requests and product updates.
  • To comply with legal obligations and prevent fraud or abuse.

4. Legal bases (UK / EU GDPR)

We rely on the following legal bases: performance of a contract, legitimate interests (e.g. securing the Services), consent (e.g. marketing emails and non-essential cookies), and legal obligations.

5. Sharing your information

We share data only with:

  • Sub-processors who help us run the Services (hosting, analytics, email, payments).
  • Authorities, when required by law or to protect our rights.
  • A successor entity in the event of a merger, acquisition or restructuring.

We never sell personal data.

6. International transfers

Where personal data is transferred outside the UK or EEA, we rely on appropriate safeguards such as the UK IDTA or EU Standard Contractual Clauses.

7. Data retention

We retain personal data only for as long as needed to deliver the Services, comply with legal obligations, resolve disputes and enforce our agreements.

8. Your rights

Depending on your location you may have rights to access, correct, delete, restrict or port your personal data, and to object to certain processing. To exercise these rights contact us at privacy@platoos.com.

9. Security

We use industry standard technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular security reviews.

10. Children

The Services are not intended for children under 16 and we do not knowingly collect their data.

11. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via the Services or by email.

12. Contact

Questions? Email privacy@platoos.com or visit our contact page.