We’ll only ever collect, use and share your information in ways that are described in this policy
We're committed to the confidentiality and security of the personal data you give us.
Update your profile and communication preferences at any time
Along with our Terms and Conditions, this policy explains how we collect and handle your information across all of our websites, mobile apps and other services. We’ll review this policy from time to time to make sure it’s up-to-date. If we make changes, we’ll post the latest version here. When we make significant changes, we’ll let you know when you next access our services, or by other communications.
We only use your information where you've given us your consent, where its necessary to deliver the services you've requested, where it’s necessary to exercise or comply with legal rights or obligations, or for normal business purposes of the kind set out in this policy.
When we need to do so to deliver our services or facilitate the performance of a contract you've entered – or are entering – into, such as making a booking with us or a restaurant.
To improve or optimise our services and to otherwise protect or further our legitimate interests. This includes pretty serious reasons like fraud prevention and security but also fun ones like product enhancement so we can keep making First Table even better for our diners.
Everyone who uses our services will have bits and pieces of information about them collected, stored and processed. However, we don't collect more information than we need.
We only keep your data for as long as we need it, or are required to for legal reasons. We’ll then either delete it or anonymise it so it doesn’t identify you. We treat data differently depending on what it’s used for, but you can ask us to delete your personal data at any time.
We share your information only where you ask us to, where it’s a necessary part of doing business with you and providing you with the services, or where we need to for legal reasons. Restaurants you book with via First Table will collect your data in line with their own policies. Sometimes restaurants that advertise via our services may also collect your information. Finally, companies that help us deliver our services will also collect and use your data on our behalf.
We share information relating to our users with selected third parties who provide us with a variety of different services that support the delivery of our services (let's call them "Third Party Processors"). These Third Party Processors range from providers of technical infrastructure to customer service and authentication tools. We require any Third Party Processor which handles information on our behalf to do so pursuant to contractual terms which require that the information is kept secure, is processed in accordance with applicable data protection laws, and used only as we have instructed and not for that Third Party Processor’s own purposes (unless you have explicitly consented to them doing so).
Third Party Processors may be located in, or process your information, outside of the country in which you are based. Where our use of a Third Party Processor involves the transfer of personal data from within Europe to a location outside of the European Economic Area, we will put in place appropriate measures to ensure that the personal data is adequately protected in that location, most often by applying European Commission-approved standard contractual clauses alongside robust security checks.
The types of Third Party Processors we may share elements of your personal data with include:
We will share personal data with third parties where you expressly authorise us to, such as where we run a promotion in conjunction with a partner and you instruct us to share your email address with that third party for the purpose of receiving promotional emails.
Certain information may also be collected from you by third parties such as advertisers, marketing networks and affiliates using cookies and similar technologies. For example your IP address and events relating to your activity like searches you have carried out or pages you have viewed on First Table may be collected and transmitted to these third parties to allow them to serve relevant advertising to you across the web. The information that is collected in this way will never include your name, contact details or other information that would enable you to be identified in the offline world.
We may disclose your information where necessary to enforce our Terms of Service or other agreements, or to a prospective or ultimate buyer if First Table itself (or part of our business) is sold. We may also disclose your information if necessary to prevent, detect or prosecute illegal or suspected illegal activities, including fraud, or to prevent other damage or where necessary in response to legally binding requests, legal action against us, or to enforce our rights and claims.
Safeguarding your privacy is embedded in our culture and we use a combination of industry-standard methods to protect it.
Keeping your personal data secure is our highest priority. We limit access to only those First Table group employees who have to come into contact with your information to do their jobs and deliver our services.
Unfortunately, no website or app can guarantee complete security but we have created an organisation-wide security programme designed to keep your personal data as safe as possible. It uses a range of technical, organisational and administrative security measures and best-practice techniques, depending on the type of data being processed. For example, the computer systems we use to store your data have access limitations and in-cloud based servers that use industry-standard disc encryption. We use TLS and HTTPS encryption to protect your personal data when we transfer it across the internet. And we carry out security assessments on Third Party Processors who handle your data.
To make sure we maintain a culture of ‘Privacy by Design’, we provide thorough data protection and privacy training to all First Table group employees. We develop our services with the goal of using the minimum amount of personal data possible, including through use of data minimisation techniques like anonymisation and pseudonymisation. Also, whenever we develop or update our services in ways that involve the collection or use of new forms of personal data, we conduct a privacy impact assessment to understand, and reduce, the likelihood of any unintended impact on you.
Your data is securely stored in data centres around the world - the exact location depends on where you are when you use First Table. Your data will only be processed by suppliers who provide appropriate contractual safeguards for the information they process. Sometimes your data may be stored in countries with different levels of security to your own but we always make sure their standards meet ours.
We use a combination of cookies and other technologies such as pixels/web beacons and tracking codes to collect information for use in line with the purposes set out in this policy.
If you’ve got a First Table account, you can access, edit, download or delete the key personal data associated with your profile at any time by going to your Profile. From here you can also manage your subscription and marketing preferences.
You also have rights in relation to the personal data we have about you, which we explain in more detail below. You can exercise these rights by getting in touch with us via our Help Centre.
First Table is provided by First Table Limited, a company registered in New Zealand.
First Table Limited is the Data Controller of any information collected from you by us.
Our company number is: 1984426
Our registered office address is: 18/193 Glenda Drive, Queenstown 9348, New Zealand.
The best way to contact us is via our Contact Us page.
You have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to obtain the personal data you have provided to us in a structured, machine readable format. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to First Table processing your data, this will not affect any processing which has already taken place at that time.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to a data protection authority.
If you are able to establish that any of your personal information which has been stored and recorded by us is not accurate, complete or up-to-date, then you should notify us and we will take all reasonable steps to correct the information so that it is accurate, complete and up-to-date.
First Table uses secure third-party gateways to process credit card information and does not store or process credit cards itself.
Payments are processed by Stripe. Any credit card details stored for recurring payments are done so on Stripe's system. No credit card information is stored by First Table. Payments must be received prior to reservations being confirmed.
Go ahead, we'll get back to you as soon as possible!