Hospitality Reservation System

Menu

Now Available

Privacy Policy

Updated December 1st, 2025

1. Introduction

1.1 Under data protection laws, we are required to provide you with certain information about who we are, how we process your personal data and for what purposes, and your rights in relation to your personal data.

1.2 We are committed to protecting your personal data and respecting your privacy.

1.3 This Privacy Policy explains how Jollo Connect GmbH (“Jollo”) collects, processes, and shares information received from its website (“Website”) and mobile application software (“App”);

1.4 This policy, combined with our Terms of Use, as well as any additional terms incorporated by reference into the Terms of Use, applies to your use of:

  1. the App and any services that are accessible through the App (“Services”), made available for download on your device from an authorised distributor;
  2. the Website.

1.5 Our Services are not intended for children and we do not knowingly collect data relating to children.
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

2. Important Information and Who We Are

2.1 Jollo Connect GmbH assists businesses in the hospitality sector by enabling customers to make, modify, or cancel reservations. Our services include providing a reservation management system, waiter configurations, and offering a user portal as an additional booking method. Furthermore, we also enable venues to manage table prices, guest lists, and member lists. When you make a reservation, we collect information about you to fulfil your request.

2.2 Jollo (referred to as “we”, “us” or “our” in this policy).

3. Contact Details

3.1 Our full details are:

  1. Full name of legal entity: Jollo Connect GmbH
  2. Email: customerservice@jollo.tech
  3. Postal address: Dammstrasse 19, Zug, CH-6300, Switzerland

3.2 If you have any concerns about our use of your personal information, you can make a complaint to us via the email cited above.

3.3 You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues. The ICO’s address: Water Lane, Wycliffe House Wilmslow – Cheshire SK9 5AF UNITED KINGDOM.

4. Changes to the Privacy Policy

4.1 We keep our privacy policy under regular review.

4.2 Changes to this Privacy Policy may occur as we see fit, and the updated effective date will be specified.

4.3 Any modifications to the Privacy Policy concerning how we collect, use, or share personal data will be posted on this page and may also be displayed on-screen. Your consent to the revised terms may be required to continue your usage of our Services.

5. Third Party Links

5.1 Our Services may contain links that provide access to external websites or services of our partners. Please note that these websites and any services that may be accessible through them have their own privacy policies and we do not accept any responsibility or liability for these policies or for any personal data, such as Contact Data, that may be collected through these websites or services. Before providing any personal data, we recommend reading the privacy policies of these external websites or services carefully.

6. The Data We Collect About You

6.1 It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during our relationship with you.

6.2 We may collect, use, and share Aggregated Data for the purpose of analysing statistics or for any other relevant purposes. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.

6.3 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

6.4 The following data is being collected and processed to provide you with our Services, and comply with legal obligations:

Categories of Personal Data

  1. Identity Data: [first name, last name, account number]
  2. Contact Data: [phone numbers, email address]
  3. Financial Data: [credit and/or debit payment card details]
  4. Transaction Data: includes [details about in-App purchases, purchase history]
  5. Venue Data: includes [booking ID, date, time, table number, table guestlist, table cost, table
    clearance]
  6. Content Data: includes information stored on your device [login information]
  7. Profile Data: includes [your interests, preference]

7. How Your Personal Data Is Collected

7.1 We process personal data that you directly provide to us after obtaining your consent. This includes the data you share with us, such as requesting a demo on the Website, booking on the App, or contacting customer support. Your data is being used in the following ways:

  1. create and register a secure account;
  2. to operate, deliver, and improve the Services we offer;
  3. provide information to the venues we partner with;
  4. display your reservations on your account;
  5. send you service-related emails such as payment confirmations;
  6. follow applicable legal responsibilities;
  7. respond to any questions, and handle any complaints concerning our Service.

7.2 We will also receive your personal data indirectly to accommodate your requests from the following
sources:

  1. venue staff who record your information on the App to secure your reservation [Identity, Contact, Venue, and Profile Data];
  2. venues that accept a reservation directly from a customer via any third-party platform or service we are in contract with [Identity, Contact, Venue, and Profile Data];
  3. [Identity, Contact, Financial, and Transaction Data] from our chosen payment service provider.

8. How We Use Your Personal Data

8.1 We will only use your personal data when the law allows us to do so. We will use your personal data in the following circumstances:

  1. where you have provided consent before the processing;
  2. where we need to perform a contract that we have entered, or about to enter with you;
  3. where it is necessary for our legitimate interests (or those of a third party) given that such processing does not override your rights and interests;
  4. where we need to comply with a legal or regulatory obligation.

9. Purposes for Which We Will Use Your Personal Data

9.1 We are transparent about the data Jollo collects.

9.2 We minimise the collection of data to only what Jollo needs to provide you with our Services.

9.3 The following data is being collected to provide you with our Services, and comply with legal
obligations:

Purpose/ActivityCategories of Data ProcessedLawful Basis for Processing
Installing the App to register and/or log inIdentity, Contact, Content,as a userIdentity, Contact, Content, FinancialYour consent
To deliver the intended purpose of our ServicesIdentity, Contact, Venue, Financial, TransactionYour consent, Performance of a contract with you, Necessary for our legitimate interests (to offer good Services)
To manage our relationship with you including: notifying you about changes to the app or the Services, and respond to your queriesIdentity, Contact, Transaction, Financial, Venue, ProfileYour consent, Performance of a contract with you, Necessary for our legitimate interests (to keep our records updated), Necessary to comply with legal obligations (to inform you of any modifications to our terms and conditions)
Improving services by identifying and fixing problems Testing systemsIdentity, Contact, Venue, Financial, Transaction, Content, ProfileNecessary for our legitimate interests (for running our business, provision of administration and IT services, network security)
Data that has been de-identified and aggregatedAll applicable data categories within the given contextNecessary for our legitimate interests (for the purpose of assessing our Service)

10. Data Controller and Processor

10.1 Under the UK GDPR, Jollo is the controller of personal data for its registered App users and Website visitors. Jollo determines the purposes and means of processing this data.

10.2 Jollo can also act as a data processor on behalf of the venues it partners with, providing venues with services related to processing information they control. The personal data of venue’s guests is governed by their privacy policies.

10.3 Jollo is not liable for any venue’s non-compliance with the applicable personal data privacy laws.

11. Disclosures of Your Personal Data

11.1 When you consent to provide us with your personal data, we also request your consent to share certain categories of data with the third parties listed below:

  1. External Third Parties we cooperate with as detailed in the Glossary;
  2. Venues you engage with for reservations and paying for orders;
  3. third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

12. Cookies

12.1 For more information on cookies and/or similar technologies and the purposes for which they are used, see our Cookie Policy.

13. International Transfers

13.1 Many of our external third parties are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK.

13.2 Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is in place by ensuring at least one of the following safeguards is implemented:

  1. we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data;
  2. when engaging with territories without an adequacy decision, we may use specific contracts that have been approved to provide the same level of protection for personal data as it has in the United Kingdom.

13.3 Contact us if you have any questions about how we transfer your personal data.

14. Data Security

14.1 We store all the information you provide to us on our secure servers. We have implemented the appropriate procedures to safeguard personal data from misuse, unauthorized access, and risk of dataloss.

14.2 Any payment transactions carried out by our chosen third-party provider of payment processing services will be PCI Compliant.

14.3 Jollo itself does not save your credit or debit card details, nor do we have any control over them.

14.4 Where we have given you (or where you have chosen) a password that enables you to use our Services, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.

14.5 Given the vulnerabilities associated with the Information Technology (IT), we cannot guarantee that your personal data is secure.

14.6 If any personal data breach is suspected, we will notify you and any applicable regulator when we are legally required to do so.

15. Data Retention & Your Legal Rights

15.1 We may store your personal information for the duration that your account remains active.

15.2 We are subject to legal retention requirements and retain [Identity, Contact, Financial, and Transaction] data to comply with accounting or other regulations.

15.3 Personal data may be retained to exercise or defend legal claims.

15.4 We will delete unneeded data and ensure that it is not kept for a period longer than necessary for processing purposes. Contact us to learn more about our criteria for retention periods for different aspects of your personal data.

Your Legal Rights:
15.5 You are able to exercise the following rights by contacting us at customerservice@jollo.tech. We may not comply with your request if we are required to process the data for legal reasons.

You have the following rights under data protection laws in relation to your personal data:

  1. The right to access and request a copy of your personal data;
  2. The right to ask us to rectify personal data that is inaccurate. You also have the right to request that we complete information you think is incomplete;
  3. The right to ask us to restrict the processing of your data in certain circumstances, such as when you want us to establish the accuracy of the data;
  4. The right to transfer personal data to you or a third party via machine-readable format;
  5. The right to object to the processing of your data, if we process your personal data based on Legitimate Interests;
  6. The right to delete your personal data in certain circumstances, such as if there is no valid reason for us to continue its processing;
  7. The right to withdraw consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent. Consequently, we may not be able to provide certain products or services to you.

16. Glossary

16.1 Lawful basis (or bases)

  1. Consent means processing your personal data where you have signified your agreement by a statement or clear opt-in to processing for a specific purpose. Consent will only be valid if it is freely given, specific, informed and unambiguous indication of what you want.
  2. Legitimate Interest means our business conducting and overseeing operations to provide you with optimal services, products, and secure experiences. We prioritize your rights when processing personal data for our legitimate interests and do not use your data in ways that would compromise your interests. If you seek further insight into how we weigh our legitimate interests against potential impacts on you for specific activities, don’t hesitate to contact us.
  3. Performance of Contract means processing your data when it is necessary for the performance of a contract that we have either entered into with you, or are in the process of entering into. For example, processing personal data to provide a product or service.
  4. Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

16.2 External Third Parties:

  1. Service providers [acting as sub-processors] who offer technical support, support the provision of our Services, and provide support for any other requests;
  2. Payment providers, such as Stripe, to process payments in accordance with their privacy policies;
  3. Professional advisers [acting as processors or joint controllers] including lawyers, bankers, auditors and insurers based Inside or outside of the UK who provide [consultancy, banking, legal, insurance and accounting services] when professional services are needed;
  4. HM Revenue and Customs, regulators and other authorities acting as processors or joint controllers based in the UK who require reporting of processing activities in certain circumstances.