tabloa
Back to home

Tabloa Privacy Policy

Last updated: [day/month/year]

This is a courtesy English translation of our Spanish-language Privacy Policy. In case of any discrepancy, the Spanish version prevails.

1. Purpose

This Privacy Policy explains how Tabloa collects, stores, uses, transmits, transfers, protects, and deletes personal data across our website, platform, contact channels, and related services.

2. Scope

This Policy applies to personal data of:

  • website visitors
  • sales prospects
  • customers
  • admin users
  • the customer's employees or collaborators
  • vendors and partners
  • anyone contacting Tabloa via email, WhatsApp, forms, chat or other channels
  • individuals whose data is registered by customers inside the platform

3. Tabloa's role with respect to data

Tabloa may act as data controller or data processor depending on context.

Tabloa acts as controller when handling data from its commercial relationship with customers, users, prospects, vendors or website visitors.

Tabloa acts as processor when handling personal data that a customer registers inside the platform — for example employee, consumer, vendor or third-party data tied to the restaurant. In those cases the customer is the controller and must hold the relevant legal authorizations.

4. Data we may collect

Tabloa may collect the following personal data:

  • name and surname
  • identification document where necessary
  • email
  • phone number
  • role or position
  • company, restaurant or business the user belongs to
  • billing data
  • data required to process payments through external providers
  • business address
  • information sent through support requests
  • messages sent via WhatsApp, email, forms or chat
  • IP address
  • browser, device, OS and technical usage data
  • cookies and similar technologies
  • sign-in, activity, audit and security logs
  • operational information registered in the platform

Tabloa does not seek to collect sensitive data. Where sensitive data is ever processed, express authorization will be requested when required by law, and the data subject will be informed that they are not obligated to authorize such processing.

5. Purposes of processing

Tabloa may process personal data for the following purposes:

  • create and administer user accounts
  • deliver the contracted service
  • manage authentication, security and access control
  • process payments, billing, subscriptions and collections
  • provide technical support and customer service
  • respond to requests, queries, complaints or claims
  • send operational, administrative, technical and security communications
  • send commercial, promotional or educational communications when authorized
  • improve the platform, its features and user experience
  • perform usage analytics, campaign measurement and internal statistics
  • prevent fraud, abuse, attacks, security incidents or misuse
  • comply with legal, contractual, accounting and tax obligations
  • keep records of terms acceptance, authorizations and transactions
  • perform backups
  • respond to requests from competent authorities

6. Authorization

When required by law, Tabloa will request prior, express and informed authorization to process personal data.

Authorization may be collected through web forms, acceptance checkboxes, contracts, data messages, electronic communications or other mechanisms that allow later verification.

7. Rights of data subjects

Data subjects have the right to:

  • know, update and rectify their data
  • request proof of the authorization granted
  • be informed about the use of their data
  • file complaints with the relevant data protection authority
  • revoke authorization or request data deletion when applicable
  • freely access their personal data as provided by law

8. Channels to exercise rights

Data subjects may exercise their rights by writing to:

Email: privacy@tabloa.com

Suggested subject: Personal data request

Requests must include at minimum:

  • full name
  • identification if applicable
  • contact email
  • clear description of the request
  • supporting documents when needed

Tabloa may request additional information to verify the requester's identity or to properly understand the request.

9. Processing of data registered by customers

When a customer registers personal data of their employees, consumers, vendors or third parties in Tabloa, the customer represents that they hold the necessary authorizations and comply with applicable data protection laws.

In those cases Tabloa will process the information solely to deliver the service, maintain security, perform backups, provide support, comply with legal obligations and execute the customer's instructions.

10. Information security

Tabloa implements reasonable administrative, technical and organizational security measures to protect personal data against loss, unauthorized access, misuse, alteration, disclosure or destruction.

These measures may include access controls, encryption where applicable, backups, monitoring, audit logs, environment separation, credential management and secure development practices.

No system is fully infallible. While Tabloa takes reasonable protection measures, absolute security cannot be guaranteed against events outside its reasonable control.

11. Vendors and third parties

Tabloa may share or transmit personal data to providers necessary for service operation, such as:

  • infrastructure and hosting providers
  • cloud storage
  • payment gateways
  • email providers
  • analytics tools
  • authentication services
  • monitoring and support tools
  • accounting, administrative or legal providers
  • competent authorities when legally required

Tabloa will seek that such third parties adopt adequate confidentiality and security measures.

12. International data transfers

Some Tabloa providers may be located outside Colombia. In those cases data may be processed or stored in other countries, complying with the conditions required by applicable law and seeking adequate protection measures.

13. Data retention

Personal data will be retained for as long as necessary to fulfill the purposes described in this Policy, the contractual relationship, legal, accounting, tax, audit, security or defense obligations.

When data is no longer necessary, Tabloa may delete, anonymize or block it as appropriate.

14. Cookies and similar technologies

Tabloa may use cookies and similar technologies to operate the website, maintain sessions, remember preferences, analyze service usage, improve user experience and measure campaigns.

Users can configure, block or delete cookies through their browser. Some features may be affected if essential cookies are disabled.

15. Commercial communications

Tabloa may send commercial, promotional or educational communications when authorized by the user or when an applicable legal basis exists.

Users may opt out via the mechanisms enabled by Tabloa.

16. Minors

Tabloa is aimed at business customers and users involved in operating restaurants, bars, cafes and similar businesses.

Tabloa does not knowingly collect data from minors. If a customer registers data of minors, the customer is responsible for holding the relevant authorizations and meeting legal requirements.

17. Changes to this Policy

Tabloa may modify this Privacy Policy. Changes will be published on the website or communicated by reasonable means when substantial.

Continued use of the platform after publication of changes implies awareness of the updated version.

18. Contact

For any privacy or personal data protection inquiry, you can write to:

privacy@tabloa.com