NexTable logo
For Restaurants

NexTable Privacy Policy

Last Updated: December 02, 2025

Introduction

This Privacy Policy describes how NexTable Limited and its subsidiaries (collectively, "NexTable," "we," "our," or "us") collect, use, process, and share personal information. This Policy applies to visitors and users (individually, "you") of NexTable's websites, applications, and other services (collectively, our "Services").

NexTable is a leading restaurant discovery and booking platform operating across West Africa, helping connect diners with over 8,000 restaurants across Lagos, Abuja, Accra, and other major cities. Your use of our Services is subject to this Privacy Policy and our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly

When you use our Services, we collect information you voluntarily provide:

Account Information

  • Name, email address, phone number
  • Password (encrypted) or authentication via OTP
  • Profile photo (optional)
  • Primary dining location
  • Birthday and anniversary dates (optional)
  • Professional status (if applicable)

Authentication Information

  • One-Time Passwords (OTPs) sent via SMS or email
  • Verification codes for account security
  • Login timestamps and device information
  • Authentication method preferences

Dining Preferences

  • Favorite cuisines and restaurants
  • Dietary restrictions and preferences
  • Preferred dining times and party sizes
  • Special occasion information

Reservation Information

  • Booking details (date, time, party size)
  • Special requests or requirements
  • Guest information (when booking for others)
  • Cancellation and modification history

Communication Content

  • Reviews and ratings you submit
  • Messages to restaurants through our platform
  • Customer support inquiries
  • Feedback and survey responses

Payment Information (when required)

  • Payment card details (processed securely through third-party processors)
  • Billing address
  • Transaction history

2.2 Information Collected Automatically

Device and Usage Information

  • IP address and approximate location
  • Device type, operating system, and browser
  • Unique device identifiers
  • App version and usage statistics
  • Pages visited and features used
  • Search queries and filters applied
  • Click-through rates and interaction data

Location Information

  • City-level location from IP address
  • Precise location (only with your permission)
  • Restaurant proximity data for recommendations

Cookie and Tracking Information

  • Session cookies for authentication
  • Preference cookies for language and settings
  • Analytics cookies for service improvement
  • Marketing cookies (with consent)

2.3 Information from Third Parties

OAuth Providers

  • Profile information from Google
  • Basic profile data (name, email, profile picture)

Restaurant Partners

  • Dining history and preferences
  • Loyalty program information (where applicable)
  • Feedback provided directly to restaurants

Payment Processors

  • Transaction confirmation and status
  • Anti-fraud verification data

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Delivery

  • Process and manage restaurant reservations
  • Send booking confirmations via email and SMS
  • Provide personalized restaurant recommendations
  • Enable communication between you and restaurants
  • Maintain your saved restaurants and preferences
  • Process payments when required

3.2 Authentication and Security

  • Send OTP codes via SMS or email for secure login
  • Verify your identity during account creation and login
  • Provide two-factor authentication for enhanced security
  • Validate phone numbers and email addresses
  • Detect and prevent unauthorized account access
  • Maintain audit logs of authentication attempts

3.3 Communication

  • Send reservation reminders and updates
  • Notify you of booking changes or cancellations
  • Provide customer support
  • Send service-related announcements
  • Marketing communications (with consent)

3.4 Improvement and Personalization

  • Analyze usage patterns to improve our Services
  • Develop new features and functionality
  • Personalize search results and recommendations
  • Conduct research and analytics
  • Test and optimize user experience

3.5 Safety and Security

  • Detect and prevent fraud
  • Verify user identity
  • Enforce our Terms of Service
  • Comply with legal obligations
  • Protect rights and safety of users

3.6 Marketing (with consent)

  • Send promotional offers and newsletters
  • Inform you about new restaurants and features
  • Share special dining events and opportunities
  • Provide partner offers (with explicit consent)

4. Information Sharing

We share your information in the following circumstances:

4.1 With Restaurants

When you make a reservation, we share:

  • Your name and contact information
  • Party size and special requests
  • Dining preferences and restrictions
  • Reservation history (for restaurant groups)

4.2 Service Providers

We work with third-party providers for:

  • SMS and email delivery (Twilio, SendGrid)
  • OTP generation and delivery services
  • Payment processing (Paystack, Flutterwave)
  • Cloud hosting and storage
  • Analytics and monitoring
  • Customer support tools

OTP Service Providers

We use Twilio for secure delivery of OTP codes via:

  • SMS to your registered phone number
  • WhatsApp messages (where available)
  • Email as a fallback option

These providers only receive the minimum information necessary (phone number or email) to deliver the OTP and do not store your authentication codes.

4.3 Legal Requirements

We may disclose information when required by:

  • Court orders or legal processes
  • Law enforcement requests
  • Regulatory compliance
  • Protection of rights and safety

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

4.5 Aggregated Data

We share anonymized, aggregated data for:

  • Industry reports and trends
  • Restaurant performance metrics
  • Market research

5. Data Retention

We retain your information for as long as:

  • Your account remains active
  • Necessary to provide our Services
  • Required for legal obligations
  • Needed for legitimate business purposes

You can request deletion of your account and associated data at any time, subject to legal retention requirements.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption of data in transit and at rest
  • Secure authentication mechanisms
  • Regular security audits and assessments
  • Access controls and monitoring
  • Employee training on data protection
  • Incident response procedures

6.1 OTP Security Measures

  • OTP codes are generated using cryptographically secure methods
  • Codes expire automatically after 5 minutes
  • OTPs are never stored in plain text
  • Each OTP can only be used once
  • Rate limiting prevents brute force attempts
  • Failed authentication attempts are logged and monitored
  • Account lockout after multiple failed attempts

While we strive to protect your information, no system is completely secure. We encourage you to:

  • Keep your phone number and email secure
  • Never share OTP codes with anyone
  • Report suspicious activity immediately
  • Use strong passwords where applicable

7. Your Rights and Choices

7.1 Access and Correction

You can access and update your information through your account settings or by contacting us.

7.2 Data Portability

You can request a copy of your data in a structured, machine-readable format.

7.3 Deletion

You can request deletion of your account and personal information, subject to legal requirements.

7.4 Marketing Opt-Out

You can opt-out of marketing communications:

  • Click "unsubscribe" in emails
  • Update preferences in account settings
  • Reply STOP to SMS messages

7.5 Cookie Preferences

You can manage cookie preferences through your browser settings or our cookie preference tool.

8. International Data Transfers

As we operate across West Africa, your information may be transferred between:

  • Nigeria
  • Ghana
  • Other countries where we operate

We ensure appropriate safeguards are in place for international transfers in compliance with applicable laws.

9. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

10. Regional Considerations

10.1 Nigeria

We comply with the Nigeria Data Protection Regulation (NDPR) and recognize your rights under Nigerian data protection laws.

10.2 Ghana

We comply with the Data Protection Act, 2012 (Act 843) of Ghana and respect your rights under Ghanaian law.

10.3 Other Jurisdictions

We respect applicable data protection laws in all countries where we operate.

11. Third-Party Services

Our Services may contain links to third-party websites and services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

12. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

  • Email notification
  • In-app notifications
  • Notice on our website

Continued use of our Services after changes indicates acceptance of the updated policy.

13. Contact Information

Email: info@mynextable.com

Address: NexTable Limited, Lagos, Nigeria

This Privacy Policy is effective as of [Date] and supersedes all previous versions.