Privacy Policy
Last updated
We collect what we need to host a dinner well, and nothing more. We don't sell or rent your data, and we don't run advertising. This page lists every place your data flows.
What we collect
- Account profile: name, email, phone (optional), bio, dietary tags + notes, spice tolerance, profile photo, locale, timezone.
- Reservations: which dinner, which night, status, party-of-one or partner-link pair, dietary snapshot at RSVP time, payment confirmation reference (we record the method + reference number; we do not store card numbers).
- Reviews and comments: star ratings, testimonials, per-dish notes, comment threads — all attributed to your account.
- Catering inquiries: name, email, phone, event details you provided.
- Newsletter: email + name + opt-in source. Bounces and engagement metrics if you open or click an email.
- Operational logs: request IDs, IP addresses, user-agent strings, audit-log rows for admin actions. Used for debugging and security investigations; auto-pruned over time.
Where it lives
- Cloudflare D1 (SQLite) — primary database. Region: ENAM (Eastern North America). Data is encrypted at rest by Cloudflare.
- Cloudflare R2 — profile photos, dinner photography, pamphlet uploads. Public read; no listing, paths are not indexed.
- Cloudflare Workers — the application itself. Runs on Cloudflare's edge.
- Cloudflare Web Analytics — aggregate page views. Cookieless, no fingerprinting, no cross-site tracking.
- Postmark — transactional email (RSVP confirmations, login codes, invites) and newsletter sends. They retain a copy of each email for ~45 days for delivery debugging.
What we don't do
- We don't sell, rent, or trade your data.
- We don't run third-party ad tracking. There are no Facebook pixels, Google Ads tags, or similar tags on the site.
- We don't profile you for retargeting or for lookalike audiences.
- We don't share dietary data, partner-link information, or per-dish reviews with anyone outside the host team. Per-dish reviews are explicitly internal.
Cookies
We set two cookies, both strictly necessary for the site to function — no consent banner is required because neither tracks you across sites or for advertising:
- ct_session — your authentication session (JWT, HttpOnly + Secure, SameSite=Lax). Lets you stay signed in.
- ct_csrf — CSRF defense token used to validate state-changing form submissions.
Two streams: transactional (RSVP confirmations, password resets, invites — we send these regardless of marketing preferences because they're operational) and newsletter (broadcasts you opt into). Every newsletter has a one-click unsubscribe at the bottom. Unsubscribing only affects newsletters, not transactional mail tied to a reservation or account action you initiated.
Your rights
Whether you live in a jurisdiction that grants statutory data rights (GDPR, CCPA, etc.) or not, the same rules apply here:
- Access — write to us and we'll give you everything we have on you, in JSON.
- Correction — fix it yourself on your profile, or write to us.
- Deletion — write to us. We will deactivate your account immediately, anonymize your reviews and comments (or delete them at your preference), and purge personal fields within 30 days. Some operational records (audit logs, payment confirmation references) are retained for one year for tax/dispute reasons, then purged.
- Portability — request an export and we'll send a JSON archive.
- Objection — opt out of newsletters via the unsubscribe link, or write to us.
Children
CultureTable is not intended for users under 18. We do not knowingly collect data from anyone under 18.
Changes
Material changes to this policy will be announced via the newsletter and an in-site banner before taking effect. The "last updated" stamp above always reflects the current version.
Contact
culturetable@menz0.com for any of the rights above, any questions, or any concern. We respond within a few days, usually faster.