Subprocessors
Last updated: 2026-04-23 · Next review: 2026-07-15
Table Menu engages the following third-party service providers (subprocessors) to operate the platform. Each subprocessor has a contractual obligation to protect personal information at a standard comparable to Table Menu's own practices, consistent with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), Principle 4.1.3.
Some subprocessors are located in the United States. Personal information transferred to these providers may be subject to access by US authorities under applicable US law. Table Menu mitigates this risk through data minimization, encryption in transit and at rest, and contractual safeguards with each provider.
This list is reviewed and updated on a quarterly basis. Operators are notified at least fourteen days before a new subprocessor begins processing personal information, or immediately if an existing subprocessor is replaced due to a security or compliance concern.
| Provider | Service | Data accessed | Location | DPA |
|---|---|---|---|---|
| Supabase | Database, authentication, and file storage | Operator and guest data including names, email addresses, order history, loyalty records, and phone numbers | Canada (ca-central-1, primary) and United States (control plane) | View DPA |
| Stripe | Payment processing and subscription billing | Billing information, payment method tokens, and transaction records | United States | View DPA |
| Stripe Connect | Payout processing for restaurant operators | Operator bank account details, KYC identity documents, and payout history | United States | View DPA |
| Clover / Fiserv | Optional point-of-sale integration | Order data and item-level transaction records for restaurants using Clover POS | United States | View DPA |
| Twilio | SMS one-time passwords for guest phone verification | Guest phone numbers and SMS message content (OTP codes only, not retained) | United States (Canadian carrier routing) | View DPA |
| Vercel | Application hosting and global content delivery | Request and response data in transit; application logs | United States (with global CDN edge nodes) | View DPA |
| Sentry | Error monitoring and performance tracing | Stack traces, request metadata, and anonymized user identifiers in error context | United States | View DPA |
| Apple / PassKit | Apple Wallet loyalty pass issuance | Guest name (optional), loyalty tier, pass identifier, and device push token | United States and global Apple infrastructure | View DPA |
| Google Wallet | Google Wallet loyalty pass issuance | Guest name (optional), loyalty tier, and pass identifier | United States | View DPA |
| Anthropic | AI-powered admin features (menu board design, text generation) | Admin-submitted prompts containing menu and branding content (no guest data) | United States | View DPA |
| Google Gemini (Vertex AI) | Menu board background image generation | Admin-submitted prompts containing menu descriptions and style instructions (no guest data) | United States | View DPA |
Subprocessor change notification
Table Menu notifies affected restaurant operators by email at least fourteen (14) days before a new subprocessor begins processing personal information. If a subprocessor must be replaced urgently due to a security incident or service failure, notice is provided as soon as practicable and no later than the date the new subprocessor begins processing. This page is updated at the same time.
Questions
For questions about this subprocessor list or our data processing practices, contact privacy@tablemenu.app.