Privacy Policy
Effective date: 8 June 2026
1. About this policy
Windsor Digital Pty Ltd ("Windsor Digital", "we", "us") operates an online ordering platform for independent hospitality venues in Australia. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
This policy applies to all users of our platform, venue owners, staff members, and customers placing orders.
2. What personal information we collect
Customers
- Name (required to identify your order for pickup)
- Email address (optional, only collected if you want a receipt)
- Order contents, total amount, and order time
- Table number (if ordering from a dine-in table)
- Date of birth, only when your order includes alcohol, collected to support age verification (see Section 5a)
- Order notes and special requests you choose to enter
Venue owners & staff
- Name and email address (for account registration)
- Business name, address, phone, ABN, and trading hours
- Stripe payment account information (managed by Stripe, see Section 6)
We do not collect credit card numbers or payment card data. All payments are processed by Stripe. Windsor Digital never sees or stores your full card details.
3. How we collect personal information
- Directly from you when you place an order or register an account
- Automatically through our platform when you use our services (e.g. page views for aggregate analytics; IP address for security and rate-limiting)
We do not collect personal information from third parties unless you have authorised that collection or we are required to by law.
4. Why we collect and use personal information
| Purpose | Information used |
|---|---|
| Fulfilling your order | Name, order contents, table number |
| Sending your receipt | Email address (only if provided) |
| Processing payment | Passed to Stripe (we do not store card data) |
| Age-verification support for alcohol orders | Date of birth (alcohol orders only) |
| Operating the venue dashboard | Venue owner name, email, business details |
| Security and abuse prevention | IP address, request metadata (rate-limiting) |
| Platform analytics (aggregate, not personal) | Anonymous page views, order counts |
| Legal and compliance obligations | Order records (retained for tax purposes) |
We use customer information only for the purpose it was provided or a directly related purpose you would reasonably expect. We do not use customer email addresses for marketing.
5. Data retention
We minimise the personal information we retain in accordance with APP 11 (security of personal information):
- Customer names, email addresses, and dates of birth are automatically de-identified 90 days after your order is placed, replaced with generic identifiers that cannot be linked back to you. We do not use customer email addresses for marketing.
- Order financial records (items ordered, totals, and transaction IDs) are retained for 5 years to satisfy Australian tax record-keeping requirements under the Income Tax Assessment Act 1997. These records do not contain personal contact details after de-identification.
- Venue owner account data is retained while the account is active. Upon account deletion, personal data is removed; order totals and financial records are retained for tax compliance.
You may request deletion of your personal information at any time by contacting management@windsordigital.com.au. Deletion requests are subject to our legal retention obligations for financial records.
5a. Alcohol and age verification
If a venue offers alcohol, we collect your date of birth at checkoutas a supporting record for the venue's legal age-verification obligation. Final age verification occurs at handover, when the venue's staff sight valid photo identification. We do not use your date of birth for any other purpose. It is stored only against your order (and as a salted, non-reversible hash in our liquor compliance audit log) and is de-identified on the same 90-day cycle as your other details.
6. Third-party service providers
We share personal information with the following providers only to the extent necessary to operate our platform:
- Stripe, payment processing. Customer payment data is handled directly by Stripe and subject to Stripe's Privacy Policy. Stripe is certified PCI-DSS Level 1.
- Supabase, database hosting. Data is stored in servers located in Australia (ap-southeast-2, Sydney).
- Resend, transactional email delivery for order receipts.
- Vercel, platform hosting and content delivery.
- Stack Auth, user authentication and session management for venue owner and staff accounts.
- Anthropic, AI menu-photo import. A venue may upload a menu photo, which is processed by the Claude Vision API to draft menu items.
- Upstash, rate-limiting and abuse prevention (processes IP addresses).
We do not sell your personal information to third parties. We do not share your information with advertising networks.
7. Overseas disclosure
Some of our service providers are located, or process data, overseas, primarily the United States (Stripe, Resend, Vercel, Stack Auth, and Anthropic). Our database hosting (Supabase) is onshore in Sydney, Australia.
Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles (for example, through each provider's data-processing agreement), and we remain accountable for that information. By providing your personal information you acknowledge it may be disclosed to recipients in the countries named above.
8. Security
We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access. These steps include:
- Encrypted data transmission (HTTPS/TLS)
- Access controls limiting data access to authorised personnel
- Database-level security using Supabase Row Level Security
- Length limits and validation on user-submitted fields
- No storage of card numbers or payment credentials
No method of electronic transmission is completely secure. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.
9. Marketing and newsletter
If you opt in to our newsletter (for example, via our marketing website), we collect your email address to send you updates about Windsor Digital. This is separate from order receipts. You can unsubscribe at any time using the link in any newsletter email or by contacting us. We do not add ordering customers to a marketing list.
10. Your rights under the Australian Privacy Principles
You have the right to:
- Access the personal information we hold about you
- Correct personal information that is inaccurate, out of date, or incomplete
- Request deletion of your personal information (subject to our legal retention obligations)
- Complain about a breach of the APPs
To exercise any of these rights, contact us at management@windsordigital.com.au. We will respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner.
11. Cookies and tracking
Our platform uses cookies and local browser storage only for essential functions such as maintaining your session and cart state. We do not use third-party advertising cookies or cross-site tracking.
12. Collection notice
At the point we collect your information (checkout and account sign-up) we also provide a short notice of who we are, why we collect it, the third parties and overseas recipients it may be disclosed to, and the consequences if it is not provided (for example, we cannot process your order or support age verification). That notice links back to this policy.
13. Changes to this policy
We may update this Privacy Policy from time to time. The effective date at the top of this page indicates when the policy was last revised. Continued use of our platform after changes are posted constitutes acceptance of the revised policy. For material changes, we will notify venue owners via email.
14. Contact us
Windsor Digital Pty Ltd
Australia
Email: management@windsordigital.com.au