TableHop

TableHop Privacy Policy

Effective Date: May 14, 2026 Last Updated: May 19, 2026

1. Introduction

TableHop ("we", "us", "our") operates the website https://thetablehop.com (the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your information.

By using TableHop, you agree to the collection and use of information in accordance with this policy.

If you have any questions, please contact us at contact@thetablehop.com.

2. Information We Collect

2.1 Information You Provide

When you create an account or use TableHop, we collect:

  • Email address — used for account identification, authentication, password recovery, and communication
  • Password — stored as a one-way hashed value; we never see or store your plain-text password
  • Display name — your first name, last name, or username (whichever you provide during signup or import from Google OAuth)
  • Profile information from Google Sign-In — if you sign in with Google, we receive your name, email address, and profile picture URL from Google. We do not access your contacts, calendar, files, or any other Google data.
  • Interests — the hobby categories you select during onboarding (e.g., Pokémon, Sports Cards, Magic: The Gathering)
  • Saved events — the events you mark as saved to your account
  • Photos — images you choose to upload to event pages
  • Reviews and ratings — text content and star ratings you submit for events
  • Phone number — optionally provided in your account preferences for future text notifications (we do not currently send text messages)
  • Email preferences — your subscription status for digest emails and event reminder emails
  • Payment usernames/handles — if you are a promoter or vendor using table booking, the peer-payment app usernames you choose to provide (for example, Venmo, Cash App, PayPal, or Zelle) so the other party can pay you or identify a payment. TableHop does not process these payments; it only stores the handle so it can be shown to the other party. See the "Vendor Table Booking and Peer Payments" section of our Terms of Service.
  • Payment confirmation screenshots — if you are a vendor, an optional image of your payment confirmation that you upload for the promoter to verify. These are stored privately and shared only with the relevant promoter and TableHop staff.

2.2 Information We Collect Automatically

When you visit TableHop, we automatically collect:

  • Log data — your IP address, browser type, operating system, pages visited, and timestamps
  • Cookies and session data — used to keep you signed in and remember your preferences
  • Anonymized analytics — via Vercel Web Analytics and Speed Insights, which are cookieless and do not track individuals across sites

We do not use third-party advertising cookies, retargeting pixels, or behavioral tracking.

2.3 Information from Third Parties

If you sign in via Google, we receive the basic profile information you authorize Google to share with us. We do not purchase or receive personal data from data brokers.

3. How We Use Your Information

We use the information we collect to:

  • Create and maintain your account
  • Authenticate you when you sign in
  • Personalize event recommendations based on your stated interests
  • Send you transactional emails (account confirmations, password resets, security notices)
  • Send you optional engagement emails (weekly digests, event reminders for saved events) — you can disable these at any time at https://thetablehop.com/my/preferences
  • Display your photos and reviews on event pages after admin moderation
  • Provide customer support
  • Detect, prevent, and address fraud, abuse, or technical issues
  • Improve the Service through aggregated, anonymized usage analysis
  • Comply with legal obligations

We do not sell your personal information to anyone. We do not share your personal information with advertisers.

4. How We Share Your Information

We share limited information only with the following categories of recipients:

4.1 Service Providers

We use the following third-party services to operate TableHop. Each receives only the data necessary to perform their function.

  • Supabase — database and authentication infrastructure (stores your account, profile, saved events, photos, and reviews)
  • Vercel — website hosting and analytics (processes web requests; analytics are anonymized)
  • Resend — transactional email delivery (sends digest, reminder, and authentication emails)
  • Google Maps Platform — displays event locations on maps within the Service
  • US Census Geocoder — converts event street addresses to map coordinates (no user data shared; only public address data)
  • Google OAuth — optional sign-in provider (Google receives your sign-in attempts only)

Each service has its own privacy policy. We have agreements with these providers to limit their use of your data to providing services to us.

4.2 Public Display

The following information is publicly visible to other users and visitors:

  • Reviews and star ratings you submit (associated with your first name or initials)
  • Photos you upload after admin approval (associated with your first name or initials)
  • Your saved-event count in aggregate (e.g., "5 people saved this event") — never identifying who specifically saved an event

Your email address, full name (unless you've made it public), password, phone number, saved events list, and email preferences are not publicly visible.

4.3 Legal Requirements

We may disclose your information when required by law, subpoena, or court order, or when we believe in good faith that disclosure is necessary to:

  • Comply with legal obligations
  • Protect TableHop's rights, property, or safety
  • Protect the rights, property, or safety of other users or the public
  • Investigate fraud or security issues

We will, where legally permitted, notify you before complying with such requests.

4.4 Business Transfers

If TableHop is acquired, merged, or otherwise transferred, your information may be transferred to the successor entity, subject to the same privacy protections in this policy.

5. Cookies

We use cookies to enable essential site functionality (keeping you signed in, remembering your preferences) and, with your consent, to understand how people use TableHop and improve the product. We use the following types of cookies and similar technologies:

  • Essential cookies — required for you to sign in and use the Service (session tokens). You cannot disable these without disrupting the Service.
  • Preference cookies — remember your settings (e.g., theme, sort order) between visits.
  • Anonymous analytics — Vercel Web Analytics and Speed Insights measure page views, aggregate visitor counts, and page performance metrics without identifying individuals or tracking across sites. We only load Vercel Web Analytics after you have accepted analytics in our cookie banner.
  • Session replay — anonymized session recordings via Sentry, used only to diagnose errors. Off by default; loaded only after you have accepted session replay in our cookie banner.

We do not use advertising cookies, third-party trackers, fingerprinting, or behavioral retargeting.

You can change your cookie preferences at any time via our Cookie Policy, which lists each cookie we use, what it does, and how to opt out. You can also clear or disable cookies through your browser settings, but doing so may prevent you from using parts of the Service.

6. Data Security

We implement industry-standard security measures, including:

  • HTTPS / TLS encryption for all data in transit
  • Password hashing via bcrypt
  • Database-level Row-Level Security policies (RLS) so users can only access their own data
  • Regular security audits of dependencies and configurations
  • Restricted access to production systems
  • Bucket-level access controls on user-uploaded content (photos)

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

If we become aware of a security breach affecting your personal information, we will notify you in accordance with applicable law.

7. Data Retention

We retain your information for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except:

  • Information we must retain to comply with legal obligations (e.g., tax, fraud prevention)
  • Anonymized aggregate data that cannot be linked back to you
  • Content (photos, reviews) you contributed publicly, unless you specifically request its deletion

You may request account deletion or data export at any time by emailing contact@thetablehop.com.

8. Your Rights and Choices

Regardless of where you live, you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete your account and associated information
  • Object to certain uses of your information
  • Restrict processing of your information
  • Withdraw consent for optional communications at any time (via the unsubscribe link or your account preferences)

To exercise any of these rights, contact us at contact@thetablehop.com. We will respond within 30 days.

9. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • The right to know what personal information we collect, use, and share
  • The right to delete personal information we have collected
  • The right to correct inaccurate personal information
  • The right to limit use and disclosure of sensitive personal information
  • The right to opt out of the sale or sharing of personal information (we do not sell or share personal information in the sense defined by these laws)
  • The right not to be discriminated against for exercising these rights

We do not sell your personal information. We do not share it for cross-context behavioral advertising.

To exercise your California rights, email us at contact@thetablehop.com with the subject line "California Privacy Rights Request." We will verify your identity and respond within 45 days.

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Right to access — receive a copy of your personal data
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure ("right to be forgotten") — delete your data subject to certain exceptions
  • Right to restrict processing — limit how we use your data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — to processing based on legitimate interests
  • Right to lodge a complaint — with your local data protection authority

Legal basis for processing: We process your data based on (a) consent, where required (e.g., optional emails); (b) the necessity to perform our contract with you (account creation and Service delivery); and (c) our legitimate interests in operating, securing, and improving the Service.

International transfers: Your data is processed and stored in the United States, primarily through Supabase (us-east-2) and Vercel (multiple US regions). Where data is transferred from the EU/UK to the US, we rely on Standard Contractual Clauses or equivalent safeguards.

To exercise your GDPR rights, email us at contact@thetablehop.com. We will respond within 30 days.

11. CalOPPA Compliance

In compliance with the California Online Privacy Protection Act (CalOPPA):

  • We do not collect personally identifiable information without your knowledge
  • Users can review and request changes to their personal information at any time via account preferences
  • This privacy policy will be updated and the "Last Updated" date revised if material changes are made
  • Users will be notified of significant policy changes via email or prominent notice on the Service

12. Children's Privacy (COPPA)

TableHop is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13.

If you become aware that a child under 13 has provided us with personal information, please contact us at contact@thetablehop.com. We will delete such information promptly.

For users between 13 and 18, we recommend parental supervision when creating an account.

13. International Users

TableHop is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to, processed in, and stored in the United States. By using the Service, you consent to this transfer.

If you are subject to GDPR or other regional privacy laws, please see the relevant section above for additional rights.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email (if you have an account)
  • Post a prominent notice on the Service

Your continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:

Email: contact@thetablehop.com Website: https://thetablehop.com

For California Privacy Rights, GDPR requests, or other formal data requests, include the relevant subject line so we can route your request appropriately.

This Privacy Policy is provided for informational purposes and does not constitute legal advice. TableHop makes good-faith efforts to comply with applicable privacy laws, but users should consult their own legal counsel regarding their specific rights and obligations.

Back to home