Tableau by Anwer Solangi

Privacy Policy

Effective: May 1, 2026  ·  Last updated: May 2026

Overview

This Privacy Policy explains how Anwer Solangi ("I", "my", or "me"), the individual developer of Tableau, collects, uses, and protects information when you use the Tableau restaurant management suite — including the Admin Mobile App, Admin Web Panel, and Customer Web Menu. By using any part of the Tableau suite, you agree to the practices described here.

Tableau is a restaurant management system built for two groups of users: (1) restaurant owners and staff who use the Admin Mobile App and Admin Web Panel to manage orders, menus, tables, and staff; and (2) restaurant customers who use the Customer Web Menu by scanning a QR code at their table — without creating an account or downloading any app.

The source code for the Tableau suite is also available for purchase on CodeCanyon. Developers and agencies who purchase and self-host the suite operate as independent data controllers for their own deployments and are responsible for maintaining their own privacy policies.

Who I Am

Tableau is designed, developed, and operated by Anwer Solangi, an independent software developer based in Karachi, Pakistan. I build and maintain all three applications in the Tableau suite — the Admin Mobile App, the Admin Web Panel, and the Customer Web Menu — as an individual, not as a registered company or studio.

This privacy policy is published at tableau.anwersolangi.com/privacy and applies to all applications in the Tableau suite. You can contact me at any time using the details in the section below.

For GDPR purposes, I act as the data controller for personal data collected through the Tableau suite. Third-party services listed in this policy (Firebase, AdMob, RevenueCat, ImageKit) act as data processors under their respective terms of service and data processing agreements.

Data We Collect

A. Restaurant Owners & Staff (Admin App / Admin Panel)

When you register and use the Tableau Admin Mobile App or Admin Web Panel, we collect:

  • Account information: Email address, display name, and profile photo — provided directly or via Google Sign-In.
  • Restaurant information: Restaurant name, description, logo, cover photo, operating hours, currency settings, and billing configuration.
  • Menu data: Food categories, item names, descriptions, prices, and item images uploaded via ImageKit.
  • Table data: Table names, capacity, QR codes, and current session status.
  • Order data: All order records including items ordered, quantities, special instructions, timestamps, order status history, and total amounts.
  • Staff data: Staff email addresses, display names, assigned roles, and active/inactive status.
  • FCM device tokens: Push notification device tokens stored to enable real-time order alerts — refreshed on each app launch and automatically removed on delivery failure.
  • Analytics data: Revenue summaries, order counts, and peak-hour aggregations derived from your order history.
  • Promotion data: Discount configurations, codes, usage counts, and validity periods.
  • Review data: Customer star ratings and written feedback associated with your restaurant.

B. Customers (Customer Web Menu — via QR scan)

Customers using the Customer Web Menu do not create accounts and are not required to provide any personal information. We collect only:

  • Anonymous session token: A Firebase anonymous authentication token created automatically per table session, used to associate orders with the correct table. This token is not linked to any personal identity.
  • Order data: Items selected, quantities, special instructions per item, and the table and restaurant the order belongs to.
  • Review data: Optional post-meal star ratings and written comments, submitted anonymously.
  • Waiter call events: A timestamp and table identifier when a customer taps the waiter call button.
No personal data is required from customers. The Customer Web Menu is intentionally designed to be completely anonymous — no name, no email, no account, no app download. Customers are identified only by their table session token for the duration of their visit.

C. Data Collected Automatically (All Users)

  • IP address: Collected automatically by Firebase, AdMob, and ImageKit for security, fraud prevention, and CDN routing. May be used to estimate general geographic location.
  • Device identifiers: Android Advertising ID (AAID) and iOS Identifier for Advertisers (IDFA), collected by Google AdMob for ad delivery and frequency capping. These can be reset or deleted via your device settings.
  • App usage data: Screens visited, features used, session duration, and crash/diagnostic reports — collected via Firebase and used to maintain and improve the service.
  • Purchase history: In-app subscription status and receipt validation data, processed via RevenueCat (see RevenueCat section below).

How I Use Your Data

  • To provide the service: Processing orders, sending push notifications, displaying menus, managing tables, staff access, and operating the restaurant management system.
  • To deliver advertising:Google AdMob uses device identifiers and usage data to serve relevant ads within the Admin Mobile App. You may opt out of personalised advertising at any time via your device's advertising settings.
  • To process subscriptions: RevenueCat validates App Store and Play Store receipts to grant and manage access to paid features within the app.
  • To deliver images via CDN:Images uploaded by restaurant owners (menu items, restaurant logos) are stored on and served through ImageKit's CDN infrastructure.
  • To maintain security: Detecting fraud, preventing abuse, and ensuring the integrity of order data and restaurant accounts.
  • To improve the service: Aggregated and anonymised usage analytics help us understand how the app is used and identify areas for improvement.
  • To send push notifications: FCM device tokens are used exclusively to deliver order alerts, status updates, and waiter call notifications to the correct staff devices.
  • To comply with legal obligations: Retaining records as required by applicable law and responding to lawful requests from authorities.

Third-Party Services

Tableau integrates several third-party services that collect or process data as part of their normal operation. Each service is disclosed below with the specific data it handles.

Google AdMob

Third-Party Processor

Purpose: Advertising — serves ads within the Admin Mobile App to support free-tier access. AdMob uses device identifiers and usage signals to deliver relevant ads and measure their performance.

Data collected or processed:

  • Android Advertising ID (AAID) / iOS IDFA — for ad targeting and frequency capping
  • IP address — to estimate geographic location for ad targeting
  • App usage interactions — to measure ad performance
  • Device information — manufacturer, model, OS version
  • Non-user-related crash logs — for SDK diagnostics
  • Coarse location (derived from IP) — for regional ad delivery
Google Privacy Policy →
Opt out of personalised advertising: On Android, go to Settings → Privacy → Ads → Opt out of Ads Personalisation. On iOS, go to Settings → Privacy & Security → Apple Advertising → Personalised Ads (off). You can also reset or delete your advertising ID entirely from the same settings menus.

All data collected by the Google Mobile Ads SDK is encrypted in transit using TLS. If your app targets child-directed audiences, the advertising ID is not transmitted and personalised advertising is disabled in compliance with COPPA and Google's Families Policy.

Google Firebase

Third-Party Processor

Purpose: Backend infrastructure — provides authentication, real-time database (Firestore), push notifications (FCM), and app analytics. Firebase is the primary backend for all three Tableau applications.

Data collected or processed:

  • Firebase Auth: email, display name, profile photo URL, UID, sign-in method
  • Firestore: all restaurant, order, menu, table, staff, and review data you create
  • Firebase Cloud Messaging (FCM): device push notification tokens
  • Firebase Analytics: app events, session duration, screen views (anonymised)
  • Crash Reporting: device model, OS version, and stack traces on crash
  • IP address: collected automatically on all Firebase requests
Firebase Privacy Information →

All Firestore data is stored in Google Cloud's infrastructure. Firestore security rules are configured to enforce role-based access — staff can only access the restaurant they belong to, and customers can only read their own session and orders. Analytics data is used only for aggregate reporting and is not shared with third parties for advertising.

RevenueCat

Third-Party Processor

Purpose: Subscription management — validates App Store and Google Play receipts, manages entitlements, and syncs subscription status across devices. RevenueCat acts as a data processor on our behalf.

Data collected or processed:

  • Anonymous App User ID — an anonymised identifier linked to your subscription (not your email or name unless you provide it)
  • Purchase history — App Store or Google Play receipt data for validation and fraud prevention
  • Subscription status — current plan, expiry, and entitlement state
  • App version and platform — iOS or Android, app version number
  • Device locale — for currency and regional pricing
RevenueCat Privacy Policy →
RevenueCat does not collect your name, email, or contact information unless you explicitly provide it. Purchase data is linked to an anonymous App User ID and is used solely for receipt validation and subscription management. RevenueCat is SOC 2 Type II certified and GDPR-compliant. To request deletion of your RevenueCat data, contact me and I will submit a deletion request via the RevenueCat dashboard.

ImageKit

Third-Party Processor

Purpose: Media CDN — stores and delivers all restaurant images (menu item photos, restaurant logos, cover photos) via a global Content Delivery Network with automatic format optimisation.

Data collected or processed:

  • Uploaded image files — menu item photos, logos, and cover images uploaded by restaurant owners
  • IP addresses — logged by the CDN for access and abuse prevention
  • Request metadata — image dimensions, format, transformation parameters
ImageKit Privacy Policy →

Images are uploaded from the server side via a signed authentication token — your ImageKit private key is never exposed to the browser or the mobile app. Uploaded images are publicly accessible via their CDN URL (required for the customer menu to display them). If you delete a menu item or restaurant, the associated images should be manually removed from your ImageKit media library.

Data Sharing

I do not sell your personal data. I share data only in the following circumstances:

  • With third-party processors: Firebase, AdMob, RevenueCat, and ImageKit receive data as described in the sections above, under their respective terms of service.
  • Within your restaurant:Staff members you invite can see order data, menu data, table data, and other operational information within your restaurant's scope — based on the role you assign them.
  • With legal authorities: I may disclose data if required to do so by law, court order, or in response to a valid request from a government authority.
  • In a business transfer: If I transfer or sell the Tableau product, user data may be transferred as part of that transaction, with notice provided to affected users beforehand.
  • With your explicit consent: For any other purpose not described here, I will ask for your consent before sharing your data.

Data Retention

  • Account data: Retained for as long as your account is active. Deleted within 30 days of account deletion request.
  • Restaurant and order data: Retained in Firestore for as long as your restaurant account is active. Deletion requests remove all associated Firestore documents.
  • FCM tokens: Automatically refreshed on each app launch and removed when delivery fails, indicating the token is no longer valid.
  • Anonymous customer session data:Order records are retained for the restaurant's records. The anonymous session token expires after the table session ends and cannot be used to re-identify a customer.
  • AdMob data:Governed by Google's data retention policies. Google may retain advertising identifiers for up to 60 days for fraud detection.
  • RevenueCat data: Purchase history is retained for the duration of your subscription and thereafter as required for receipt validation and legal compliance. Contact me to request deletion.
  • Uploaded images: Images stored on ImageKit remain until manually deleted from your ImageKit dashboard or via the API.

Children's Privacy

The Tableau Admin Mobile App and Admin Web Panel are intended for use by restaurant owners and staff who are 18 years of age or older. I do not knowingly collect personal information from children under 13 (or under 16 in the EEA).

The Customer Web Menu is designed for use by restaurant customers of any age, but it collects no personal data. All customer interactions are anonymous. If you are a parent or guardian and believe your child under 13 has provided personal data, please contact me immediately and I will delete it promptly.

In compliance with Google's Families Policy and COPPA, the Admin Mobile App does not serve personalised advertising to users identified as children or users of unknown age. The Android Advertising ID is not transmitted for child-directed requests.

GDPR — European Economic Area Users

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent laws.

Legal Bases for Processing

  • Contract performance: Processing your account data, restaurant data, and order data is necessary to provide the Tableau service you signed up for.
  • Legitimate interests: Security monitoring, fraud prevention, and aggregate analytics are necessary for the legitimate interests of operating a safe and improving service.
  • Consent:Personalised advertising via AdMob is based on your consent, which you can withdraw at any time via your device's advertising settings.
  • Legal obligation: Retaining certain records as required by applicable law.

Consent for Advertising (EEA/UK/Switzerland)

Under the EU ePrivacy Directive and GDPR, users in the EEA, UK, and Switzerland must be given the opportunity to consent to personalised advertising before their advertising ID is used. The Admin Mobile App implements Google's User Messaging Platform (UMP SDK) to display a consent form to users in these regions on first launch. You can withdraw or update your consent at any time via the app's settings.

If you are in the EEA and have questions about my data processing or wish to exercise your rights, contact me at the address in the section.

CCPA — California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information.

  • Right to know: You can request information about the categories of personal information I collect, the purposes for which I use it, and the categories of third parties with whom I share it.
  • Right to delete: You can request deletion of your personal information, subject to certain exceptions (e.g., data I am required to retain by law).
  • Right to opt out of sale: I do not sell your personal information. RevenueCat, the subscription processor, confirms it does not sell or share CCPA personal data.
  • Right to non-discrimination: I will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, contact me at the address below. I will respond within 45 days as required by CCPA.

Your Rights

Regardless of your location, you have the following rights in relation to your data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data and restaurant account. I will delete your Firestore data, Firebase Auth account, and submit deletion requests to RevenueCat within 30 days.
  • Portability: Request your data in a machine-readable format where technically feasible.
  • Objection: Object to processing based on legitimate interests, including profiling for advertising.
  • Withdraw consent: Withdraw consent for personalised advertising at any time via your device settings, without affecting the lawfulness of processing before withdrawal.
  • Complaint: Lodge a complaint with your local data protection authority if you believe I have not handled your data in compliance with applicable law.

Security

  • Encryption in transit: All data transmitted between your device and Firebase, RevenueCat, AdMob, and ImageKit is encrypted using TLS.
  • Firestore security rules: Role-based access control rules restrict what each user role can read or write. Restaurant data is fully isolated between accounts.
  • Server-side secrets: Private keys for Firebase Admin SDK and ImageKit are stored as server-side environment variables and are never exposed to the client or mobile app.
  • Anonymous customer sessions: Customer orders are linked only to an anonymous session token, not to any personally identifiable information.
  • FCM token hygiene: Push notification tokens are automatically rotated and invalid tokens are removed on failed delivery.

While I implement industry-standard security measures, no system is completely secure. If you discover a security vulnerability in the Tableau suite, please contact me responsibly at the address below rather than disclosing it publicly.

Changes to This Policy

I may update this Privacy Policy from time to time to reflect changes in practices, third-party services, or applicable law. When I make material changes, I will update the "Last updated" date at the top of this page and, where appropriate, notify registered users via push notification or email.

Continued use of the Tableau suite after a policy update constitutes your acceptance of the updated policy. I encourage you to review this page periodically.

Contact

If you have any questions, requests, or concerns about this Privacy Policy or how I handle your data, please reach out directly:

Anwer Solangi
Role: Independent Developer
Location: Karachi, Pakistan
I aim to respond to all privacy-related enquiries within 5 business days. For GDPR data subject access requests, I will respond within 30 days as required by law.

This policy was last updated in May 2026 and became effective on May 1, 2026. Prior versions of this policy are available upon request.

Note: This privacy policy is provided for informational purposes. It does not constitute legal advice. If you have specific legal concerns about data protection compliance in your jurisdiction, please consult a qualified legal professional.