1. Information We Collect
When you use QRmesa to pay your restaurant bill, we may collect:
- Payment information: Transaction amounts, tip amounts, and payment status. Credit card data is handled directly by our PCI-compliant payment processors (Clover, Square, or Stripe) and is never stored on our servers.
- Email address: If you choose to receive a receipt, we collect the email address you provide.
- Session data: Temporary session tokens to link your device to your table and bill during your visit.
2. How We Use Your Information
- To process your payment through the restaurant's POS system
- To send you a receipt if you provide your email address
- To provide restaurant administrators with payment reports
- To maintain and improve the service
3. Information Sharing
We share your payment information with:
- The restaurant whose bill you are paying
- Payment processors (Clover, Square, or Stripe) to complete your transaction
- Email delivery services (SendGrid) if you request a receipt
We do not sell your personal information to third parties.
4. Data Retention
Payment records are retained for the duration required by applicable financial regulations. Session data is automatically expired within 2 hours. Receipt email addresses are stored alongside the payment record.
5. Data Security
We protect your data using industry-standard security measures including HTTPS encryption, encrypted token storage, and PCI-compliant payment processing. We do not store credit card numbers on our servers.
6. Your Rights
You may request access to, correction of, or deletion of your personal data by contacting us at privacy@qr-mesa.com.