Privacy Policy — Café Partners (Business)

This Privacy Policy explains how The Café Compass (“we”, “us”, “our”) collects, uses, and protects your data when you use our business platform for cafés, including our web dashboard and mobile app (together: the “Services”). We are committed to protecting your privacy and processing your data in accordance with the General Data Protection Regulation (GDPR) and Dutch law.

1. About Us

The Café Compass is operated by a sole proprietorship (eenmanszaak) registered in the Netherlands.
Trade name: The Café Compass
Legal form: Eenmanszaak
KvK (Chamber of Commerce) number: 98487310
Registered address: Keizersgracht 452, 1016GD Amsterdam, The Netherlands
Contact: business@thecafecompass.com

2. Data We Collect

We collect the following data:

• Café details: name, address, phone, email
• Owner/manager contact details: name, email, phone
• Logo and images of the café
• Payment and payout details (e.g., IBAN for Stripe Connect payouts)
• Offer details created by the café (discounts, campaigns, rules)
• Transaction data: revenue, payouts, and service fees
• Analytics and technical information (dashboard usage, cookies, crash logs)
• Identifiers (account ID and device identifiers)

2a. Device Permissions

When you use the mobile app, the following device permissions may be requested:

• Camera — used only for scanning QR codes and uploading photos.
• Photo library / files — used only to upload logos or promotional images.

You can change or revoke these permissions at any time in your device settings.

3. Purposes of Processing

We process your data in order to:

• Provide access to your business account and dashboard
• Enable you to create, edit, and publish offers
• Process transactions, fees, and payouts via Stripe
• Send invoices, service updates, and legal/financial information
• Promote your café on the user platform (public profile, logo, offers, address)
• Send newsletters and marketing communications (if opted in)
• Improve and secure our Services
• Prevent fraud and abuse
• Comply with legal and tax obligations

4. Legal Basis

We process personal data based on the following legal grounds:

• Performance of a contract (e.g., payouts, transactions, offers)
• Legal obligations (e.g., tax law requiring us to keep records)
• Legitimate interest (e.g., fraud prevention, analytics, service improvement)
• Consent (e.g., marketing communications, optional cookies)

5. Sharing of Data

We do not sell your data. We may share your data with trusted service providers that help us operate our Services, such as:

• Stripe (payments, fees, and payouts via Stripe Connect)
• Supabase (database, authentication, hosting)
• Vercel (website hosting)
• Spryng (SMS verification for OTP)
• Analytics and error monitoring providers
• Accountants or bookkeepers (for tax compliance)

These providers act as data processors under GDPR and only process data on our instructions. Some providers may process data outside the EU, where we rely on safeguards such as Standard Contractual Clauses.

6. Café Rights

Under GDPR you have the right to:

• Access your data
• Request correction of incorrect data
• Request deletion of your account and data (except where retention is required by law)
• Restrict or object to processing
• Request portability of your data

You can delete your account directly from within the app under Profile → Settings → Delete Account, or by contacting us at business@thecafecompass.com. Financial data and invoices will be retained as required by law (7 years).

7. Security

We take appropriate technical and organizational measures to protect your data against loss or unlawful processing. Data is transmitted securely over SSL/TLS and stored in secure environments provided by our service providers.

8. Data Retention

We keep your data only as long as necessary for the purposes described above or as required by law. For example, financial transaction data, invoices, and payouts are kept for 7 years under Dutch tax law.

9. Complaints

If you have questions or complaints, contact us at business@thecafecompass.com. You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

10. Changes

We may update this Privacy Policy from time to time. Updates will be published on this page with the revision date. Please review it regularly.

11. Data Linked to You (Apple App Store disclosure)

As required by Apple’s App Store privacy policy, the following types of data may be collected and linked to your identity when using the Café Compass Business app:

• Contact information (name, email address, phone number)
• Financial information (payouts, Stripe Connect data, fees)
• Identifiers (account ID, device identifiers)
• Usage data (dashboard interactions, crash logs)

This data is used only to operate and improve the app’s core business features. We do not use it for advertising or cross-app tracking, and we do not sell personal data.

Last updated: 6 December 2025