Privacy Policy

Last Updated: April 9, 2026  |  Effective Date: April 9, 2026

1. Who We Are

This Privacy Policy is issued by Astarte Technologies (operating as “Astarte”, “we”, “us”, or “our”), a corporation registered in the Province of Alberta, Canada. We operate a QR-based restaurant payment and analytics platform under the domain astarte.ca.

Our designated Privacy Officer can be reached at privacy@astarte.ca or cade@astarte.ca. Our mailing address is: Calgary, Alberta, Canada.

This Policy is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta’s Personal Information Protection Act (PIPA), and — where applicable — Quebec’s Act respecting the protection of personal information in the private sector (Law 25 / Bill 64).

2. Scope of This Policy

This Policy applies to all personal information collected, used, and disclosed by Astarte in connection with the operation of the Astarte platform. It covers two distinct groups of individuals:

Restaurant Owners and Staff (“Merchants”)

Individuals and businesses that register for an Astarte account to manage their restaurant’s QR payment flow, menu, analytics, and customer interactions. Merchants enter into a direct relationship with Astarte and bear primary responsibility for their own compliance when collecting customer data through the platform.

Restaurant Customers (“Customers”)

Individuals who scan a QR code at a participating restaurant table to view their bill, select a tip, split payment, browse the menu, or submit feedback. Customers interact with Astarte’s platform ephemerally — we minimize data collection and never require account creation.

This Policy does not apply to third-party services integrated with Astarte (such as Helcim for payment processing) that have their own privacy policies. We encourage you to review those policies independently.

3. Information We Collect

3.1 — From Restaurant Owners and Staff

• Account information: Full name, business email address, and phone number, collected at registration.
• Restaurant details: Restaurant name, civic address, province, and CRA tax registration number (for tax configuration purposes).
• Helcim API credentials: API login and API token provided by the Merchant’s Helcim account. These credentials are stored encrypted at rest and are never written to application logs or transmitted in plaintext.
• Usage and activity data: Login timestamps, dashboard navigation events, feature usage, device type, browser version, and IP address.
• Billing and plan data: Invoice history, current subscription plan, and billing status. Astarte does not store or process credit card information for Merchant billing — invoices are paid separately.

3.2 — From Restaurant Customers

• Email address (optional): Collected only if you voluntarily provide it for the purpose of receiving a digital receipt. You are never required to provide your email. If provided, it is used solely to send a single receipt email.
• Payment information: All payment card data (card number, PAN, CVV, expiry) is processed exclusively and directly by Helcim Inc. via their HelcimPay.js hosted payment iframe. Astarte never sees, stores, transmits, or logs any card data whatsoever. Astarte is not a payment service provider and is not in the payment data flow.
• Transaction details: Tip amount, transaction total, and payment method type (e.g., credit, Interac EFT, Google Pay) — used for receipt generation and restaurant analytics.
• Table number: The table identifier associated with your QR code scan, used to link your payment to the correct restaurant session.
• Language preference: The language you select or that is inferred from your browser, used to display the interface in your preferred language. Stored per-session only.
• Device and browser information: Device type (mobile, tablet, desktop) and browser version, collected for session analytics and to optimize the mobile-first customer experience.
• Feedback: Any star rating or written feedback voluntarily submitted after a transaction. Feedback is provided to the restaurant and included in aggregate analytics.

4. How We Use Your Information

We collect and use personal information only for the purposes for which it was collected, consistent with the reasonable expectations of the individual, and as permitted by applicable Canadian privacy law.

• Platform operation: To create and maintain Merchant accounts, authenticate users, configure restaurant settings, and deliver the core QR payment and management functionality.
• Payment facilitation: To initiate a Helcim checkout session on behalf of the Merchant. Astarte passes a checkout token to the customer’s browser — card data flows directly between the customer and Helcim and never passes through Astarte’s servers.
• Receipt delivery: To send a transaction receipt to a Customer’s email address, if voluntarily provided. Receipt emails are sent once and the email address is not used for any other marketing or communications purpose.
• Merchant communications: To send daily and weekly summary emails to restaurant owners containing aggregated transaction data, tip totals, peak hours, language breakdown, and AI-generated insights. Owners may manage notification preferences from their dashboard.
• Analytics and insights: To generate restaurant-level analytics including revenue trends, peak hours, and language demographics. Analytics are aggregated at the restaurant level and do not identify individual customers.
• Menu translation: To translate restaurant menu item names into French, Arabic, Simplified Chinese, and Punjabi. Only menu item text is sent to our translation partner (DeepL SE) — no personal data is included.
• Security and fraud detection: To detect and prevent unauthorized access, abuse, and fraudulent activity on the platform.
• Legal compliance: To meet our obligations under applicable Canadian law, including tax reporting and record-keeping requirements.
• Product improvement: To understand feature usage and improve the platform using aggregated, non-identifying usage data.

5. Information Sharing and Disclosure

Astarte does not sell, rent, or trade your personal information to any third party for commercial or marketing purposes. We share personal information only as described below.

• Helcim Inc. (Calgary, Alberta, Canada) — Our payment processing partner. Helcim is PCI DSS Level 1 certified and processes all customer card payments directly. Astarte shares only the minimum information required to create a checkout session (e.g., transaction amount, currency). Helcim’s privacy policy governs all card data they process: helcim.com/legal/privacy.
• DeepL SE (Cologne, Germany) — Our menu translation partner. Only menu item names (plain text) are transmitted to DeepL for translation into supported languages. No personal data — no names, emails, or payment information — is ever sent to DeepL. DeepL SE operates under the EU General Data Protection Regulation (GDPR) and EU-Canada Standard Contractual Clauses, providing an adequate level of protection for any data transferred outside Canada.
• Oracle Cloud Infrastructure (Toronto, Ontario, Canada) — Our cloud hosting provider. All platform data is hosted exclusively in the ca-toronto-1 region, meaning your data remains on Canadian soil. Oracle’s data processing terms apply to infrastructure-level access.
• Law enforcement and legal process: We may disclose personal information to government authorities, law enforcement agencies, or courts where required by a valid court order, search warrant, subpoena, or other lawful legal process under Canadian law. We will notify affected individuals to the extent permitted by law.
• Business transfers: In the event of a merger, acquisition, or sale of all or substantially all of Astarte’s assets, personal information may be transferred to the successor entity, subject to equivalent privacy protections and notice to affected individuals.

6. Data Retention

We retain personal information only as long as necessary for the purposes for which it was collected, or as required by law. Our retention schedule is as follows:

• Merchant account data (name, email, restaurant details): Retained while the account is active, plus 7 years following account termination to satisfy Canadian federal and provincial accounting and tax record-keeping requirements.
• Transaction data (amounts, tips, payment method type, table number): Retained for 7 years from the transaction date, as required by the Income Tax Act (Canada) and applicable provincial tax regulations (CRA requirement).
• Personal profile data (Merchant account name, email, restaurant details): Retained while the account is active, then 90 days after account closure, after which personal profile fields are permanently purged. Financial records required by law (e.g., invoices) are retained for 7 years.
• Customer email addresses: Retained for 90 days following the transaction for which the email was provided (to allow for receipt re-delivery if needed), then permanently purged from our systems.
• Audit logs (security-sensitive actions such as payments, refunds, and authentication events): Retained for 2 years to support fraud investigation and legal compliance.
• Session data and access logs: Retained for 30 days after session expiry on a rolling basis, then automatically purged.
• Aggregated analytics data (restaurant-level revenue, tip averages, peak hours, language breakdown): Retained indefinitely. This data contains no personal information and cannot be used to identify any individual.

7. Your Rights Under PIPEDA and Alberta PIPA

Subject to applicable exceptions under PIPEDA and Alberta’s Personal Information Protection Act (PIPA), you have the following rights with respect to your personal information:

• Right of access: You may request access to the personal information we hold about you, along with information about how it has been used and disclosed.
• Right to correction: You may request that we correct any personal information that is inaccurate, incomplete, or out of date.
• Right to withdraw consent: Where we rely on your consent as the legal basis for processing your personal information, you may withdraw that consent at any time. Withdrawal may limit our ability to provide certain services. Note that withdrawal does not affect processing carried out prior to withdrawal, and does not apply where processing is required by law.
• Right to complain: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca, or with the Office of the Information and Privacy Commissioner of Alberta (OIPC) at www.oipc.ab.ca.

To exercise any of these rights, please contact us at privacy@astarte.ca. We will respond to verified requests within 30 days. We may require proof of identity before processing a request.

8. Quebec Residents — Additional Rights Under Law 25

If you are a resident of Quebec, you benefit from additional rights under the Act respecting the protection of personal information in the private sector (Law 25, as amended by Bill 64), which took effect in phases between 2022 and 2023.

• Right to data portability: You may request that we provide you with a copy of your personal information in a structured, commonly used, technological format that allows re-use. This right applies to information you have provided to us directly.
• Right to be informed of automated decision-making: Where we make decisions about you exclusively through automated means (including AI-generated insights that affect your Merchant account), you have the right to be informed of this and to request human review.
• Right to de-indexation: Where applicable, you may request the removal or suppression of personal information about you from publicly accessible or search-indexed sources.
• Right to withdraw consent for sensitive uses: Quebec residents have an explicit right to withdraw consent to the collection, use, or disclosure of sensitive personal information at any time.

To exercise any Quebec-specific rights, please contact privacy@astarte.ca with the subject line “Quebec Law 25 Request.” We will acknowledge receipt within 10 business days and respond fully within 30 calendar days.

9. Security Measures

Astarte implements administrative, technical, and physical safeguards appropriate to the sensitivity of the personal information we hold.

• Encryption in transit: All communications between your browser and the Astarte platform are encrypted using TLS 1.3.
• Encryption at rest: The database hosting personal information is encrypted at rest using AES-256 through Oracle Cloud Infrastructure’s block storage encryption.
• Authentication security: Access tokens expire after 15 minutes. Refresh tokens expire after 30 days. Bcrypt hashing (cost factor 12) is used for all stored passwords. A token blacklist prevents reuse of revoked credentials.
• API credential protection: Helcim API credentials stored in our database are encrypted before storage and are never written to application logs or error reports.
• Access controls: Employees and contractors with access to personal data are granted minimum necessary access and are bound by confidentiality agreements.
• Security audits: We conduct regular security reviews and vulnerability assessments of our platform.
• Breach notification: In the event of a breach of security safeguards involving personal information that poses a real risk of significant harm, Astarte will notify affected individuals and the Office of the Privacy Commissioner of Canada (OPC) within 72 hours of becoming aware of the breach. Notification will also be made to the appropriate provincial privacy commissioner as required by applicable law. Breach records are maintained for a minimum of 24 months.

10. Cookies and Local Storage

Astarte does not use advertising cookies, third-party tracking cookies, or cross-site tracking technologies of any kind.

• localStorage (access tokens): Merchant access tokens and refresh tokens are stored in the browser’s localStorage for session management. This data is local to your browser and is never transmitted to third parties.
• Session state: Temporary session state for the customer payment flow (e.g., selected tip amount, split configuration) is stored in memory or sessionStorage and is discarded when you close your browser tab.
• No analytics trackers: We do not use Google Analytics, Meta Pixel, or any third-party behavioural analytics scripts.
• No advertising: Astarte does not serve advertisements and does not share any data with advertising networks.

11. Children’s Privacy

The Astarte platform is not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe that a minor has submitted personal information to us without appropriate parental consent, please contact us at privacy@astarte.ca and we will promptly delete that information.

12. Cross-Border Data Transfers

The majority of personal information collected by Astarte is stored and processed on servers located in Canada (Oracle Cloud ca-toronto-1, Toronto, Ontario).

A limited cross-border transfer occurs when menu item text (not personal data) is sent to DeepL SE in Germany for translation. DeepL is subject to European GDPR standards and does not retain submitted text beyond the processing of the translation request, per their data processing agreement.

When personal information is transferred outside Canada, we take steps to ensure it receives comparable protection as required by PIPEDA Principle 4.1.3.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or platform features. For material changes — those that meaningfully affect how we collect, use, or share personal information — we will:

• Notify all registered Merchant account holders by email at least 30 days before the changes take effect.
• Update the “Last Updated” date at the top of this Policy.
• Post a notice on the Astarte platform dashboard for the 30-day notice period.

Your continued use of the Astarte platform after the effective date of any updated Policy constitutes your acceptance of the revised terms. If you do not agree with the changes, you must stop using the platform and request account termination.

14. Commercial Electronic Messages (CASL)

We send commercial electronic messages (CEMs) — including daily revenue summaries and monthly invoices — only to restaurant owners and managers who have registered for the Astarte platform. By registering, you provide express consent under Canada’s Anti-Spam Legislation (CASL). You may withdraw consent and unsubscribe from non-transactional messages at any time by:

• Clicking the unsubscribe link in any commercial electronic message; or
• Emailing cade@astarte.ca with subject line “Unsubscribe.”

Transactional messages (receipts, payment confirmations, security alerts, and account-critical notices) cannot be opted out of while you have an active account, as they are necessary for the operation of the Service and do not require consent under CASL.

15. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal information, please contact our Privacy Officer:

• Privacy inquiries: privacy@astarte.ca
• General contact: cade@astarte.ca
• Mailing address: Astarte Technologies, Calgary, Alberta, Canada

You also have the right to contact the Office of the Privacy Commissioner of Canada (www.priv.gc.ca) or the Office of the Information and Privacy Commissioner of Alberta (www.oipc.ab.ca) if you believe your privacy rights have been violated.