Privacy Notice

This Privacy Notice explains how Cagenda ("Cagenda", "we", "us") collects, uses, shares, and protects personal data when you use our café and restaurant operating system (the "Service"). Cagenda is the data controller for personal data processed through the Service.

1. Data we collect

• Account data: name, email address, login credentials, business name, role.
• Operational data: menu items, orders, tables, inventory, shifts, receipts, expenses.
• Customer support data: messages, attachments, and contact details you submit.
• Usage and device data: log data, device identifiers, IP address, browser type, pages viewed.
• Cookies: essential cookies for sign-in and security; optional analytics cookies where permitted.

Payment card details are collected directly by our payment provider, Paddle, and are not stored by Cagenda.

2. How we use data

• Create and manage your account and provide the Service.
• Process and fulfil orders placed via the Service.
• Provide customer support and respond to enquiries.
• Detect, prevent, and address fraud, abuse, and security incidents.
• Improve, troubleshoot, and develop new features.
• Send service-related communications and, where permitted, marketing.
• Comply with legal obligations.

3. Legal bases

We process personal data on the bases of (a) performance of a contract with you, (b) our legitimate interests in operating and securing the Service, (c) compliance with legal obligations, and (d) your consent, where required (e.g. for non-essential cookies or marketing).

4. Sharing

We share personal data with:

• Service providers / subprocessors (hosting, database, analytics, email, support tooling) acting on our instructions.
• Paddle, our Merchant of Record, for the sale of subscriptions, payment processing, billing, invoicing, tax compliance, and subscription management.
• Professional advisers such as lawyers, accountants, and auditors.
• Authorities when required by law or to protect our rights, users, or the public.

5. International transfers

Where we transfer personal data outside the UK/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or an adequacy decision.

6. Retention

We retain personal data for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When no longer needed, data is deleted or anonymised.

7. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, port, or object to processing of your personal data, and to withdraw consent at any time. You may also lodge a complaint with your local data protection authority. We respond to verified requests within one month.

8. Security

We apply appropriate technical and organisational measures, including encryption in transit, access controls, and least-privilege practices.

9. Cookies

We use essential cookies required to operate the Service and may use analytics cookies to understand usage. You can manage cookies in your browser settings.

10. Contact

Questions or requests? Contact Cagenda through the in-app support channel or via the contact details on our website.