Privacy Policy







Bistrochat Privacy Policy



Last Modified: January 9, 2025
This comprehensive Privacy Policy sets forth the policies and procedures of Bistrochat Software Limited (“Bistrochat”, “we”, “our”, “us”) regarding the collection, use, disclosure, and protection of your personal data when you access or use our Services (which include our website, mobile applications, and affiliated platforms). By using our Services, you agree to this Privacy Policy.




Table of Contents



  1. Introduction and Scope
  2. Definitions
  3. Collection of Personal Information
  4. Legal Basis for Data Processing
  5. Use of Personal Information
  6. Disclosure and Sharing of Information
  7. International Data Transfers
  8. Data Retention
  9. User Rights and Choices
  10. Cookies and Similar Technologies
  11. Data Security Measures
  12. Compliance with Applicable Laws
  13. Children's Privacy
  14. Links to Third-Party Websites
  15. Changes to This Privacy Policy
  16. Contact Information




1. Introduction and Scope



This Privacy Policy explains how Bistrochat collects, uses, and protects your personal data in accordance with applicable laws, including those in Hong Kong, the United States, Singapore, Thailand, and the European Union (GDPR). It applies to all data processed in connection with our Services.




2. Definitions



  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation or set of operations performed on personal data, whether automated or manual.
  • Data Subject: An individual whose personal data is processed.
  • Controller: The entity that determines the purposes and means of processing personal data.
  • Third Parties: Entities external to Bistrochat that may receive personal data.




3. Collection of Personal Information







3.1 Information You Provide


When you register or use our Services, you provide:
  • Account Information: Mobile number, name, email address, and an optional profile picture. Your name and profile picture are public within the app to help contacts identify you.
  • Booking and Loyalty Data: When you book a restaurant or join a loyalty program, your personal data (e.g., name, contact information, booking details) may be shared with the relevant restaurant. For removal of such data, please contact the restaurant directly.
  • Communications: Messages or other information you voluntarily send to us or to restaurants.




3.2 Automatically Collected Information


We automatically collect data as you use our Services:
  • Usage Data: Log files, diagnostic and performance information, crash reports, and service usage statistics.
  • Device Data: Hardware details, operating system information, unique device identifiers, and mobile network data.
  • Location Data: Geolocation information (if enabled) for displaying nearby restaurants and assisting with troubleshooting.
  • Cookies and Tracking: Information via cookies, web beacons, and similar technologies to enhance user experience and analyze service interactions.




3.3 Information from Third Parties


We may also receive personal data from:
  • Contacts: Information shared by individuals in your contact list who use our Services.
  • Third-Party Platforms: Data from social media or other platforms when you choose to register or log in using third-party services.
  • Service Providers: Data provided by partners who support our operations (e.g., infrastructure, analytics, marketing).






Our processing of your personal data is based on:
  • Consent: When you have provided explicit consent for specific processing.
  • Contractual Necessity: Processing necessary to provide you with our Services.
  • Legal Obligations: Compliance with legal and regulatory requirements in jurisdictions including Hong Kong, the USA, Singapore, Thailand, and under the GDPR.
  • Legitimate Interests: Processing essential for our legitimate business interests, provided such interests are balanced against your rights.




5. Use of Personal Information



We use your personal data to:
  • Operate and Enhance Services: Provide, maintain, support, and improve our Services, including customer support and troubleshooting.
  • Process Bookings: Facilitate restaurant reservations, loyalty programs, and messaging services.
  • Personalize Experience: Analyze usage patterns, personalize your experience, and develop new features.
  • Communicate: Send account-related notifications, service updates, security alerts, and promotional communications.
  • Ensure Security: Monitor, detect, and prevent fraud, abuse, and unauthorized access to our Services.
  • Research and Analytics: Conduct research, perform analytics, and gather insights to improve our Services.




6. Disclosure and Sharing of Information



Your personal data may be shared with:
  • Restaurants: To enable bookings and loyalty program participation.
  • Service Providers: Trusted third-party vendors who provide technical, analytical, and marketing services under strict data protection agreements.
  • Legal Authorities: In compliance with legal requests, court orders, or regulatory investigations.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • Aggregated/Anonymized Data: Data that has been aggregated or anonymized, which does not identify you personally.




7. International Data Transfers



In providing our Services, your data may be transferred to and processed in jurisdictions outside your country of residence, including Hong Kong, the United States, Singapore, and Thailand. We take appropriate measures—including standard contractual clauses—to ensure that your personal data is protected in accordance with applicable international data protection laws, such as the GDPR.


8. Data Retention



We retain personal data for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods depend on the nature of the data and applicable laws.


9. User Rights and Choices



Depending on your jurisdiction, you may have rights including:
  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your data, subject to legal obligations.
  • Objection: Object to the processing of your data in certain circumstances.
  • Data Portability: Request transfer of your data to another service.
  • Withdrawal of Consent: Withdraw your consent at any time when processing is based on consent.
To exercise these rights, please contact us as provided in Section 16.


10. Cookies and Similar Technologies



We use cookies and related technologies to:
  • Enhance and personalize your experience.
  • Analyze site usage and trends.
  • Deliver targeted advertising and promotional content.
You may adjust your cookie settings through your browser or review our Cookie Notice for more details.


11. Data Security Measures



We employ robust security measures to protect your personal data, including:
  • Encryption: Data encryption during transmission and at rest.
  • Access Controls: Strict access policies and authentication measures.
  • Security Audits: Regular audits and vulnerability assessments.
  • Monitoring: Continuous monitoring of systems to detect and prevent security breaches.
  • Secure Development: Adoption of secure coding practices and regular software updates.


12. Compliance with Applicable Laws



Bistrochat is committed to full compliance with all applicable data protection and privacy laws, including:
  • Hong Kong: Personal Data (Privacy) Ordinance.
  • United States: Relevant federal and state data protection regulations.
  • Singapore: Personal Data Protection Act (PDPA).
  • Thailand: Personal Data Protection Act (PDPA).
  • European Union: General Data Protection Regulation (GDPR).
We continuously review and update our practices to meet evolving legal requirements.


13. Children's Privacy



Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we discover that we have inadvertently collected such data, we will promptly delete it.




Our Services may include links to third-party websites or services that are not operated by us. Please be aware that we are not responsible for the privacy practices or content of such sites. We encourage you to review the privacy policies of any third-party websites you visit.


15. Changes to This Privacy Policy



We reserve the right to modify this Privacy Policy at any time. Changes will be posted on our website along with an updated “Last Modified” date. Continued use of our Services following any modifications indicates your acceptance of the updated Privacy Policy. We recommend reviewing this document periodically to stay informed about how we protect your data.


16. Contact Information



For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: For requests concerning the deletion or access of your personal data, please reach out to our Data Protection Officer.
This Privacy Policy is intended to reflect our commitment to protecting your personal data while ensuring full compliance with international data protection laws. Your privacy is our priority, and we continually strive to maintain the highest standards of data security and transparency.