GDPR & Your Rights

Controller vs. processor

When a restaurant uses Brite to manage its own guests’ bookings and orders, the restaurant is the data controller for that information and Brite acts as a processor on the restaurant’s behalf. For requests about guest data we may need to route your request to the relevant restaurant, who decides how that data is used.

What we do with your data

BritePOS itself does not sell or share your data with third parties for their own purposes. Card payments are handled by the restaurant’s chosen third-party payment processor (for example Stripe, Mollie, or PayPal); we cannot determine how those independent processors use data they collect directly, and their handling is governed by their own policies. See our Privacy Policy for the full detail.

Your rights under the GDPR

If you are in the EU/EEA or the UK, you have the right to:

• Access — obtain a copy of the personal data we hold about you.
• Rectification — have inaccurate or incomplete data corrected.
• Erasure — ask us to delete your personal data (“right to be forgotten”).
• Restriction — ask us to limit how we process your data.
• Object / opt out — object to processing of your personal data.
• Portability — receive your data in a portable, machine-readable format.
• Withdraw consent — where processing is based on consent, withdraw it at any time.
• Lodge a complaint — with your local data-protection supervisory authority.

How to opt out or make a request

Use the form below, or email privacy@britetele.com. We will verify your identity where appropriate and respond within the time required by applicable law (generally within one month). There is no charge for a request unless it is manifestly unfounded or excessive.

Submit a GDPR request

Complete the form and we’ll handle your request. For guest data held on behalf of a restaurant, tell us which restaurant you visited so we can route it correctly.