Privacy Policy

Last reviewed: March 2026

This privacy policy explains how TabWall ("we", "us", "the platform") collects, uses, and protects your personal data. TabWall is a consumption tracking platform used by community clubs and event organisers to manage beverage service at their events.

We have written this policy in plain language so that everyone can understand it, regardless of their technical background.


Who Is Responsible for Your Data?

The data controller is the organisation (club, association, or event organiser) that uses TabWall to run their events. They decide what data is collected and why.

TabWall acts as a data processor on behalf of each organisation. We provide the technology platform, but the organisation is responsible for how they use it.

If you have questions about your data, please contact the organisation that invited you to their event first. You can also reach us at privacy@tabwall.de.


What Data Do We Collect?

1. Account and Identity Data

When you sign up or join an event, we collect:

  • Your name and email address — so we can identify you and send you a one-time login code
  • One-time passwords (OTPs) — temporary codes sent to your email for logging in; these are deleted after use

2. Biometric Data (Face Recognition)

If the event uses face recognition, we may collect:

  • Face photos — pictures of your face used to create a mathematical representation
  • Face embeddings — a mathematical representation (not a photo) used to recognise you

This is sensitive data under EU law (GDPR Article 9). We only collect biometric data with your explicit consent before any photo is taken. You can withdraw your consent at any time (see "Your Rights" below).

Face embeddings are stored separately from your name and email, linked only by an internal token. This means even if someone accessed the embeddings, they could not easily connect them to your identity.

3. Consumption Data

When drinks are served at an event, we record:

  • What was consumed — the beverage name and quantity
  • The price at the time — locked in when the drink is served, even if prices change later
  • When it happened — date and time
  • Who consumed it and who served it — so the organiser can track tabs and settle payments

4. Payment and Settlement Data

When the event ends or payments are made:

  • Cash transactions — amounts received and settled
  • Settlement records — who paid and how much

5. Organisation and Membership Data

If you belong to a club or organisation using TabWall:

  • Your membership in one or more organisations
  • Your role (owner, admin, or member)
  • Location associations — which venues you have access to

6. Session and Authentication Data

To keep you logged in securely:

  • Session tokens (JWT) — stored in your browser as cookies
  • Language preference — which language you use the platform in

For a full list of cookies used by TabWall, see our Cookie Notice.

7. Subscription and Billing Data

If your organisation subscribes to a paid plan:

  • Billing and payment data is processed by Stripe, our payment provider
  • We do not store your credit card details — Stripe handles all payment security (PCI-DSS compliant)
  • We only store a reference to your Stripe subscription

8. Google Sheets Sync Data

If an organisation enables Google Sheets integration:

  • Consumption data is synced to an external Google Sheets document controlled by the organisation
  • The organisation decides what data is shared and is responsible for that Google Sheet

Why Do We Process Your Data?

Data | Purpose | Legal Basis
Name, email, OTPs | Account creation, login, identification | Contract performance
Face photos and embeddings | Recognising you at events (hands-free check-in) | Explicit consent (GDPR Art. 9(2)(a))
Consumption data | Tracking tabs, settling payments, event reporting | Contract performance / Legitimate interest
Payment and settlement data | Processing and recording payments | Contract performance
Organisation and membership data | Managing access and roles | Contract performance
Session tokens | Keeping you logged in | Legitimate interest
Stripe billing data | Processing subscriptions and payments | Contract performance
Google Sheets sync | Exporting event data as configured by the organiser | Legitimate interest of the organisation

How Long Do We Keep Your Data?

  • Event-scoped guest biometric data (face photos and embeddings for guests who only join a single event) — automatically deleted when the event closes
  • Persistent guest biometric data — kept until an admin deletes it or you withdraw consent
  • Registered user biometric data — kept until you delete it yourself or withdraw consent
  • Face photos — deleted after the event closes plus a short configurable dispute window, then automatically purged
  • Consumption data — retained as long as needed for settlement and accounting purposes
  • Account data — retained while your account exists
  • One-time passwords — deleted immediately after use or expiry (10 minutes)

Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Access — You can ask to see what data we hold about you
  • Correction — You can ask us to correct inaccurate data
  • Deletion — You can ask us to delete your data (subject to legal retention requirements)
  • Restrict processing — You can ask us to limit how we use your data
  • Data portability — You can ask for your data in a machine-readable format
  • Object — You can object to certain types of processing
  • Withdraw consent — If you gave consent for biometric data, you can withdraw it at any time

Self-Service Options

  • Registered users can delete their own face data at any time through the platform
  • Admins can delete guest face data on behalf of the guest
  • Event-scoped guests have their face data automatically deleted when the event closes

Withdrawing your biometric consent triggers an immediate deletion of all your face embeddings and photos.

To exercise any of these rights, contact the organisation that manages your event, or email us at privacy@tabwall.de.


Who Has Access to Your Data?

We use the following service providers (subprocessors) to operate TabWall:

Provider | Purpose | Location
Hetzner | Hosting and infrastructure | Germany (EU)
Stripe | Payment processing | USA (with EU data protection)
Google | Sheets sync (only if configured by the organisation) | USA (with EU data protection)
ML inference service | Face recognition processing | As configured

For a full and current list of subprocessors, see our Subprocessor Disclosure page.


Service Limitations and Disclaimers

Please be aware of the following important limitations:

  • TabWall is provided "as-is" without warranty of any kind, whether express or implied
  • We do not guarantee uptime — the platform may experience downtime or interruptions at any time, and there is no Service Level Agreement (SLA)
  • Internet connectivity is the venue's responsibility — TabWall has no control over and is not responsible for network availability at your event location
  • TabWall is a consumption tracking aid, not a certified billing system or point-of-sale — it does not replace the organiser's responsibility to track and settle consumption accurately
  • We are not liable for: data loss due to outages, incorrect consumption records, incorrect settlement summaries, or any financial loss arising from system unavailability
  • The organiser retains ultimate responsibility for consumption tracking, settlement, and dispute resolution at their events
  • Technical safeguards exist (such as Google Sheets fallback and admin panel access) but these are not guaranteed to prevent all data loss scenarios

For the full limitation of liability terms, please see our Terms of Service.


Changes to This Policy

We may update this privacy policy from time to time. When we make significant changes, we will update the "Last reviewed" date at the top of this page.

We recommend checking this page periodically to stay informed.


Contact

For any questions about this privacy policy or your personal data:


This privacy policy was last reviewed in March 2026. We recommend professional legal review before commercial launch.