Privacy policy

Privacy Policy


Effective Date: 17 January 2025
Last Updated: 17 January 2025

1. Introduction

Welcome to RSRV, operated by P.K. PROJECT-X VENUE-RESERVE LTD (“RSRV,” “we,” “us,” or “our”). We respect your privacy and are committed to safeguarding your personal data in accordance with this Privacy Policy.

By using our RSRV App or accessing our RSRV website (collectively, the “Service”), you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy and our Terms of Service (“TOS”) (which form an integral part of your agreement with us). If you do not agree, please discontinue using the Service.

2. Who We Are

  • Data Controller: P.K. PROJECT-X VENUE-RESERVE LTD.

  • Contact Information:

We do not currently have a designated Data Protection Officer (DPO). All privacy-related inquiries can be directed to the above email address.

3. What Data We Collect

We collect several types of information from and about our users, including:

3.1 Account Data

  • Venue Owners:

    • Email

    • Encrypted password

    • Business details (venue name, latitude/longitude, textual address, PO Box, venue capacity)

    • Phone number

    • Social media links for Instagram and Facebook (optional)

  • Customers:

    • Username

    • Email

    • Encrypted password

    • Verified phone number (required to make reservations)

    • (Optional) real-time location (if user grants permission)

Purpose:

  • To create/manage user profiles and enable venue reservation features.

  • To allow Venue Owners to post their venue details and contact information.

  • To facilitate location-based event listings, if location permissions are granted.

3.2 Reservation Data

  • Reservation Details: Date, time, venue, table type (Normal/VIP), number of people, and optional event info (dress code, entry price, etc.).

  • Manual Reservations: Venue Owners may collect Customer data (e.g., phone number) offline and input it manually.

Purpose:

  • To fulfill reservation requests, keep track of event capacity, and facilitate necessary communications between Customers and Venue Owners.

  • To manage any standard or custom fees set by the Venue Owner (e.g., the default €3 per person service fee when payment is live).

3.3 Usage Data & Technical Information

  • Device/Log Data: IP address, device type, operating system, in-app actions (e.g., booking or canceling reservations), error logs.

  • Push Notification Tokens: If you opt in to receive push notifications, we collect a unique token to send reminders, updates, or offers.

Purpose:

  • To ensure correct Service functionality, troubleshoot technical issues, and send relevant or requested notifications.

3.4 User-Generated Content

  • Venue Media: Venue photos, social media links, event photos, etc.

  • Feedback: Venue Owners and Customers can each submit up to three pieces of feedback per month.

Purpose:

  • To display venue information (photos, social media) and event details to users.

  • To allow feedback and reviews, subject to moderation.

3.5 Location Data

  • Customers: We may request real-time location access (optional) to show nearby venues/events. Declining may limit distance-based features.

  • Venue Owners: Provide location details (latitude/longitude, textual address, city, P.O. Box) to display on a map for Customers.

Purpose:

  • Location-based filtering for user convenience (e.g., nearest events/venues).

  • Accurate map pins for Venue listings.

3.6 Additional Metadata

  • Username Change History: We track when a username was last changed.

  • Account Status: Banned or active status (for policy enforcement, e.g., repeated no-shows).

4. How We Use Your Data

  1. Account Management: Creating, securing, and maintaining your user account.

  2. Reservations: Enabling table/event bookings, cancellations, phone number verification, and no-show policies.

  3. Notifications: Sending push notifications/alerts about reservations, events, weekly reminders, and updates:

    • Toggles are disabled by default and must be enabled by the user in App Settings (or device settings).

  4. Moderation & Policy Enforcement: Monitoring user-generated content for TOS violations and taking measures (like account bans for repeated no-shows).

  5. Legal & Compliance: Retaining certain data for accounting or dispute resolution if/when payment functionality is live.

  6. Analytics & Service Improvement: Using Firebase Analytics and Google Analytics for performance metrics and crash reports.

5. Third-Party Services & Sub-Processors

5.1 Hosting and Cloud Services

We use Google Cloud and Firebase to store user data (including passwords, reservation data) in secure databases. All data in transit uses secure (HTTPS) protocols.

5.2 Analytics

We rely on Firebase Analytics and Google Analytics to collect aggregated app usage statistics and crash reports.
These may gather certain device identifiers and approximate location if permission is granted.

5.3 Push Notifications

Implemented via Firebase. We store device-specific tokens to send notifications if you choose to enable them.

5.4 External CRM or Marketing Tools

Currently none. If we integrate any in the future, we will update this policy and seek any necessary consent.

6. Data Retention & Deletion

  1. Reservation Data:

    • Retained indefinitely to provide statements or records once payments are introduced.

    • Venue Owners may keep historical reservation details offline (e.g., for legal compliance); RSRV is not responsible for how we handle external or exported records.

  2. User Account Data:

    • On account deletion, we remove your personal details (email, phone number, username, password) from our servers.

    • Historical reservations or events may still reflect your attendance in a Venue Owner’s exported or offline data.

  3. Events:

    • Expired events are removed from public view daily. Venue Owners may still access historical data internally.

  4. No Automated Inactivity Purge:

    • We do not automatically delete inactive accounts currently.

7. Tracking, Cookies, and Web Components

  • Mobile App: We do not use traditional cookies, but do collect analytics data via Firebase and Google Analytics.

  • Website: Our informational website may use standard cookies for session management and analytics.

    • Functional Cookies: Required for basic site operation.

    • Analytics Cookies: Track visits and usage patterns (via Google Analytics).

  • No Targeted Ads: We do not use advertising cookies or serve behavioral ads.

  • Cookie Consent: By continuing to use our website, you agree to any applicable cookies. You can usually manage or disable cookies in your browser settings.

8. Lawful Bases for Processing

  1. Performance of a Contract: Creating accounts, handling reservations, verifying phone numbers, enabling push notifications (if opted in).

  2. Legitimate Interests: Moderating content, preventing fraud/abuse, improving and analyzing our services.

  3. Legal Obligations: Maintaining reservation/payment data for accounting or dispute resolution if required by law.

  4. Consent:

    • Location sharing, push notifications, or similar optional features.

    • You can withdraw consent at any time in your device or app settings.

9. Children’s Privacy

  • Our Service is not intended for children under 13. If we discover anyone under 13 has provided personal information, we will promptly suspend and delete the account.

  • Venue Owners are responsible for enforcing local age restrictions on their premises (e.g., alcohol-serving events).

10. Notifications & User Choices

  • Venue Owners:

    • Can enable (or leave disabled) toggles for weekly reminders (Thursday/Sunday), general updates/offers, and event reminders (reservations/cancellations).

  • Customers:

    • Can enable (or leave disabled) toggles for event and reservation notifications.

  • Forgot Password: Users can reset passwords via the “Forgot Password” option.

  • Change Username: Users can update their username in Settings.

  • Delete Account: Users can delete their accounts in Settings (with permanent removal of personal data from our servers, except historical event logs needed for Venue Owners’ records).

  • Privacy Policy / TOS Access: In-app Settings > Privacy Policy & Terms of Service.

  • Push Notifications: Disabled by default; users may enable them.

  • Marketing Emails: Currently not in use; if this changes, we will seek opt-in.

11. Offline Data & Venue Owner Liability

  • Manual Reservations: Venue Owners may input Customer details offline. RSRV is not responsible for how Venue Owners store or process that offline data.

  • Independent Controllers: Venue Owners are considered separate data controllers of any personal data they export or manage outside our platform.

12. Complaints & Dispute Process

  • Contact Us First: project-x@venue-reserve.com. We typically respond within 2 days.

  • Supervisory Authority: In Cyprus, contact:

    • Commissioner for the Protection of Personal Data

    • Address: 1 Iasonos Street, 1082 Nicosia, Cyprus

    • Phone: +357 22818456

    • Email: commissioner@dataprotection.gov.cy

    • Website: http://www.dataprotection.gov.cy

  • You may also lodge a complaint with a supervisory authority in your EU country of residence.

13. International Data Transfers

  • Data Location: Primarily stored in Firebase/Google Cloud servers, which may reside in the EU or elsewhere.

  • Safeguards: We implement Standard Contractual Clauses (or equivalent measures) to ensure adequate protection when transferring data outside the EU.

  • Venue Owner Storage: Venue Owners may export or keep offline records of reservations. RSRV does not control those exported data sets.

14. Future Payments & Refunds

  • Payment Processing: Not yet active. References to fees (e.g., a default €3 fee) will only apply once payment functionality is officially launched.

  • Refund Policy: Will be clarified upon enabling payments.

15. Versioning & Policy Changes

  • We maintain a revision log. Any material changes to this Policy will be communicated (e.g., an in-app notification), and continued use of our Service after updates signifies acceptance of the revised terms.

16. Disclaimer on On-Site Activities

  • RSRV only handles reservations. We do not oversee on-premise venue operations, including alcohol service or recreational drug use. Any incidents or liabilities related to intoxication, illegal substances, or other in-venue conduct are the sole responsibility of the Venue Owner and/or attendees.

  • For additional disclaimers regarding liability and venue incidents, please see our TOS.

17. Contact Us

If you have any questions, concerns, or wish to exercise data protection rights, please contact us:

You can also find help and support within the app (Settings > Help & Support).

Important Note
This Privacy Policy covers only how we collect, use, and protect personal data. For rules governing user conduct, disclaimers, liability, fees, bans, venue policies, and other legal aspects, please refer to our Terms of Service (“TOS”).

Thank you for using RSRV!
© 2025 P.K. PROJECT-X VENUE-RESERVE LTD. All Rights Reserved.