Privacy Policy

SERVIRIS provides hospitality software, landing pages, APIs, digital menu tools, blog content, contact forms and related services for restaurants, cafes, bars, hotels, venues and other service businesses.

This Privacy Policy applies to personal data processed by SERVIRIS when you visit our website, contact us, create or manage an account, use our APIs or services, receive transactional messages from us, or interact with our analytics and cookie tools.

Some businesses use SERVIRIS to publish menus, business details, products, prices, allergens, translations, images and other customer-facing information. Those businesses remain responsible for the data and content they choose to publish or collect through their own use of the platform.

We may provide localized user interfaces for convenience, but legal notices are intentionally maintained in English so the meaning remains consistent.

The data we collect depends on how you use SERVIRIS. We limit collection to data that is needed for the relevant purpose, where technically and commercially reasonable.

• Account and business data: name, email address, phone number, role, business name, business address, billing details, login identifiers, workspace settings and service preferences.
• Contact form data: first name, last name, email, phone, message, page URL, selected language, consent checkbox status, timestamps and related technical metadata.
• Business content: menus, categories, products, tags, allergens, translations, prices, images, logos, descriptions, SEO data, QR settings and other content uploaded or configured by a business.
• Technical data: IP address, device and browser information, referrer, pages viewed, actions taken, diagnostic logs, error events, session identifiers and security signals.
• Cookie and analytics data: consent preferences, analytics events, marketing or advertising signals where you have allowed them, and similar technologies explained in this policy.
• Payment and billing data: billing contact details, invoices, subscription status and payment processor references. Payment card details are handled by payment processors where applicable.
• Suppression and blacklist data: email address, email hash, source URL, reason, timestamp, IP address and user agent where needed to prevent future unwanted contact.

We use personal data to operate, secure, support and improve SERVIRIS, to communicate with users, to process requests, to comply with legal obligations and to protect legitimate business interests.

• Provide accounts, workspaces, APIs, landing pages, digital menu features and related services.
• Respond to contact requests, demos, support messages, legal notices, privacy requests and business enquiries.
• Send service messages, security notices, contact-form confirmations and administrative communications.
• Maintain fraud prevention, abuse detection, spam controls, honeypot checks, validation checks and other safeguards.
• Measure website performance and product usage through optional analytics when consent is available.
• Improve user experience, diagnose issues, monitor reliability and build features requested by customers.
• Comply with accounting, tax, data protection, consumer, court, regulatory or other legal obligations.
• Enforce agreements, investigate misuse, preserve evidence, resolve disputes and protect SERVIRIS, users and third parties.

Where the GDPR or similar laws apply, we rely on one or more legal bases depending on the activity.

• Contract: to provide the services, accounts, APIs, support, billing and service communications you request.
• Legitimate interests: to secure the services, prevent abuse, improve reliability, respond to business enquiries, keep basic records and protect legal rights, provided those interests are not overridden by applicable rights.
• Consent: for optional analytics, marketing storage and other processing where consent is legally required.
• Legal obligation: to comply with tax, accounting, court, regulatory, security and data protection requirements.
• Vital or public interests: only where strictly required by law or emergency circumstances.

SERVIRIS uses cookies, local storage and similar technologies for essential operation, security, preferences, analytics and, where enabled, marketing or advertising measurement.

Essential and security storage may be active by default because the site needs them to function, remember consent choices and prevent abuse. Optional analytics and marketing storage are set to denied by default and are only updated if you accept them or save custom preferences.

We may use Google Tag Manager and Google Analytics to understand website traffic, content performance, device types, page interactions and technical behavior. Consent preferences are stored locally in your browser under the SERVIRIS consent preference key and can be changed through the cookie settings button in the footer.

• Essential: needed for the website, language behavior, security, forms and consent state.
• Analytics: helps us understand aggregate usage and improve pages and products when accepted.
• Marketing: may help measure campaigns or advertising performance when accepted.
• Decline or withdraw: you can decline optional categories or change your settings later. Browser settings may also block or delete cookies.

Our contact form includes safeguards such as required fields, an acceptance checkbox, server-side validation, honeypot spam protection and blacklist checks. These safeguards reduce abuse but cannot guarantee that every submitted name, email, phone number, company detail or message is accurate.

When someone submits a contact form, SERVIRIS may send an internal notification and may send a copy or confirmation to the email address entered in the form. If the entered address belongs to another person, that person may receive the message by mistake because the sender provided incorrect information.

If you receive a SERVIRIS contact-form copy or message because another person used your email address, you can use the removal or blacklist link where included, or email privacy@serviris.com or support@serviris.com. We may add your address or a hashed version of it to a suppression list so future contact attempts are blocked.

Businesses using SERVIRIS may collect or publish information about their own customers, guests, menus, reservations, orders, employees, products, allergens, prices, translations and venue details. In those cases, the business is generally responsible for deciding what data is collected, why it is collected and how it is presented to its customers.

SERVIRIS may act as a processor, service provider or technical vendor for data handled on behalf of a business customer, depending on the feature and relationship. The business must provide its own legally required notices, consents, age checks, allergen disclosures, food information, alcohol-sale notices and customer-facing policies where applicable.

We do not sell personal data. We may share personal data only where needed for the purposes described in this policy or where required by law.

• Hosting and infrastructure providers that help run the website, APIs, databases, storage, logs and security systems.
• Email and communication providers that send contact-form copies, transactional emails, support messages and notifications.
• Analytics and tag tools such as Google Tag Manager and Google Analytics where enabled and permitted by consent settings.
• Payment and billing providers where subscriptions, invoices, tax records or payments are used.
• Professional advisers such as accountants, lawyers, auditors, insurers and security consultants where needed.
• Authorities or legal parties when required by law, court order, regulatory request or to protect rights, safety and security.
• Business transfers if SERVIRIS is involved in a merger, acquisition, restructuring, investment, sale of assets or similar transaction.

SERVIRIS may use service providers or infrastructure located outside your country. Where personal data is transferred internationally, we use safeguards required by applicable law, such as appropriate contractual commitments, adequacy decisions, technical security measures or other lawful transfer mechanisms.

We keep personal data only for as long as needed for the purposes described in this policy, unless a longer retention period is required or permitted by law.

• Account and business records are retained while the account is active and for a reasonable period after closure for backup, legal, accounting, dispute and security purposes.
• Contact-form messages are retained for support, sales, abuse prevention and legal record purposes.
• Technical logs are retained for security, debugging, analytics and reliability for periods appropriate to the risk and purpose.
• Suppression or blacklist records may be kept for as long as needed to prevent future unwanted contact and protect the recipient.
• Some deleted data may remain temporarily in backups or logs before scheduled deletion or overwrite.

We use administrative, technical and organizational measures designed to protect personal data, including access controls, validation checks, spam protections, secure transport where configured, separation of operational roles, logging and monitoring.

No website, API, email system, database or internet transmission is completely secure. SERVIRIS cannot guarantee absolute security, but we work to reduce risk and respond to suspected issues appropriately.

Depending on where you live and which law applies, you may have rights to access, correct, delete, restrict, object to processing, transfer your data, withdraw consent and lodge a complaint with a supervisory authority.

To exercise rights, contact privacy@serviris.com. We may need to verify your identity and may refuse or limit a request where permitted by law, such as where we must keep records, protect another person, preserve security evidence or comply with legal obligations.

SERVIRIS services are intended for businesses and adults. They are not directed to children. We do not knowingly collect personal data from children for account creation or business use.

Businesses using SERVIRIS are responsible for complying with local laws about minors, age-restricted goods, advertising, consent, parental requirements and the sale or display of alcohol or other restricted products.

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new last updated date. Material changes may also be notified through the service or by email where appropriate.

For privacy questions, data requests, suppression requests, wrong-email reports or legal notices, contact privacy@serviris.com or support@serviris.com.

Postal reference: SERVIRIS, Athens, Greece.