You can contact our Data Protection Officer at:
As soon as you visit the website or open the app, you send technical information to our web servers. This happens regardless of whether you make a reservation at a restaurant or whether you log in later using an account with us to use the platform. In each case we collect the following access data and web access data (which we refer to collectively as “access data”):
We process access data so that you and other users can use the platform and we can ensure the functionality of the platform. We also process access data to carry out performance analyses on the platform, continuously improve the platform and correct errors to ensure IT security and the operation of our systems, and to prevent or detect misuse, particularly fraud.
In addition, we process access data to adapt the platform to your needs (personalisation). To this end, we also assign you what is known as a “Unique User ID”. With this unique user ID, we can associate your bookings and other interactions.
In addition to the data we receive from all visitors, we also process other data. The exact volume of such data depends on how you use the platform. You can use the platform with or without creating a user account.
If you decide to create a user account and complete the registration form, we will process the following information:
However, you can also use the social login functions on our platform to create your user account. If you choose this feature, send us your user name on the social network of your choice (e.g. Facebook or Google), the e-mail address you use to log in to the social network, and, if applicable, the mobile phone number you have stored on the social network.
The data entered during registration is used for the purpose of providing the platform and informing you by e-mail of all information relevant to the platform or the registration, such as changes to the scope of the platform or technical circumstances.
Booking and reservation data
When you book or reserve, we also process your:
Please do not enter any sensitive personal information in the field “special preferences”.
We process such data in order to be able to handle your reservation, inform you about the status of your reservation, and customise the platform based on your previous reservations and bookings.
Evaluations and reviews
The platform offers you the possibility to use certain social functions: You can leave ratings and reviews for restaurants. You can also subscribe to comments and reviews from other users.
When you use these features, your IP address will be stored when you post a comment or rating. This is a protective measure for us in case someone publishes illegal content, comments and/or contributions (insults, forbidden political propaganda, etc.). In such cases, we must be able to determine the identity of the author, as legal action can be taken based on the content in the comments or posts.
If you would like to subscribe to the following comments, a confirmation email will be sent to confirm that you are actually the owner of the email address you entered. Subscriptions for comments can be deleted at any time. The confirmation e-mail contains the corresponding instructions.
If you wish to participate in our loyalty points program, additional data must be processed in order to provide this service to you. To this end, we will process your reservation and booking history in order to manage your loyalty points and offer you bonuses and other offers.
We do not process any sensitive details about card payments ourselves, but use secure payment providers who do this for us. The payment data you enter is encrypted in your browser by the payment provider in a way that only the payment provider can access, while we only receive non-sensitive data (payment method) and references that confirm that you have made a payment. We do not store any other payment information in our system.
Newsletters & promotional e-mails
If you wish to receive the newsletter, we need a valid email address and information that confirms that the subscriber is the owner of the email address or that the owner of the email address used for the subscription agrees to receive the newsletter. No further information is collected. This particular data is used exclusively for dispatch of the newsletter.
When subscribing to the newsletter, we store the IP address of the respective user and the date of the subscription. The storage of this data serves the sole purpose of proof in cases where a third party misuses an e-mail address and subscribes to the newsletter without the knowledge of the owner of the respective e-mail address.
Customer support requests
Perhaps you would like to ask our customer service for assistance or make a complaint. In this case, we will process your IP address and contact information as well as the content of your request in order to respond to your request.
Since our platform serves as an intermediary between you and the restaurant where you make your reservation, we also process data that we receive from our partner restaurants. Similarly, we may receive information from third party platforms where a reservation made by you on that third party platform is made by Quandoo. The data in question comprises:
We possibly process your data for additional purposes.
These include the following:
When processing your personal data, we rely on local data protection law and use your personal data only for the fulfilment of our services.
In this context, we refer in detail to the following legal foundations:
Fulfilment of our contractual obligations towards you
At the same time, the processing serves to make the platform available within the scope of performance under our contract with you. Accordingly, in most cases the processing is justified not only with your consent, but also because it is necessary to fulfil our contract with you. For example, if you make a reservation at a restaurant via our platform, we need to process the reservation data to secure your reservation.
Our legitimate interests
There are also cases in which we would be entitled to process your data without your consent if this is necessary to protect our legitimate interests (or those of third parties). In this respect, the purposes described above, for which we process your data, in many cases also represent legitimate interests. This means that we may process the data necessary to ensure the security of our IT systems in any case, even if you have not given or withdrawn your consent to such processing. This also refers to the prevention of abuse of our platform or the personalisation of advertising for your interests (referred to as direct marketing).
In addition, we are required by law to provide certain information to the law enforcement or tax authorities upon request in individual cases.
We treat your personal data with care and confidentiality and pass such data on to third parties only to the extent described below and no further. We only transmit data to public authorities if there is a legal obligation to do so as a result of a request for information from the competent authority.
Beyond statutory obligations to public authorities, we will only share your information with other users of the platform, with our third-party providers who assist us in providing the platform, or within the Quandoo Group of Companies.
Other users of the platform
We transfer the booking and reservation data via the platform to our partner restaurants to enable reservations to be made at their restaurants. We also share your loyalty points with the restaurants to ensure the smooth running of these programs. Restaurants will receive your account information (except your password) and any ratings or reviews you enter into the platform’s system. Ratings and reviews will also be published on the platform so that they can be seen by all remaining users (including visitors without an account on the platform).
Other third parties
Within the Quandoo Group of Companies
We are part of a worldwide group of affiliated companies of Quandoo GmbH, KulturBrauerei, Schönhauser Allee 36, 10435 Berlin, Germany (“Quandoo DE”). Quandoo DE itself is a wholly owned subsidiary of Recruit Holdings Co., Ltd, 8-4-17 Ginza, Chuo-ku, Tokyo 104-0061 Japan (“Recruit”). Accordingly, we are obliged to provide Quandoo DE or Recruit with certain information either in accordance with legal reporting requirements or in the normal course of business as a global company. As a rule, all business intelligence data is anonymised to ensure that your right to privacy is respected. However, Quandoo DE or Recruit may also have access to personal, non-anonymised information, such as an internal audit or an audit required by public authorities.
We process and store your personal data as long as this is necessary for compliance with our contractual or statutory obligations. We therefore store the data as long as our contractual relationship with you exists and after termination only to the extent that and as long as the applicable laws require. All other data will be deleted immediately when you log out of the platform. If the remaining data is no longer required for fulfilment of such obligations, then the data in question will be deleted regularly unless further processing thereof is necessary for the preservation of evidence or for legal claims subject to the statute of limitations.
We use your data to optimise your Quandoo browser experience. This means that we use your data to provide you with a personalised platform based on your personal preferences and interests and to create customised offers based on your previous behaviour patterns. For example, the IP address of your computer is used to identify your geographic location and provide you with localised content in your language. We can make suggestions and offers for new restaurants based on the restaurants you have previously viewed or booked through our platform. However, we will never process and analyse your personal data in the course of profiling in such a way that this leads to an automated decision that is legally valid for you or that significantly affects you in a similar manner.