Ir al contenido

Reserva – Privacy Policy

1. Scope and Roles2. Information We Collect3. How We Use Information4. Legal Bases for Processing5. Disclosure of Information6. Subprocessors7. International Data Transfers8. Data Retention9. Security Measures10. Individual Rights11. Cookies and Tracking Technologies12. Children’s Information13. Changes to This Privacy Policy14. Contact Us

Last updated: [January 01, 2026]

This Privacy Policy describes how Reserva, Inc. ("Reserva," "we," "us") collects, uses, discloses, and protects personal information in connection with its websites, cloud-based enterprise resource planning platform, and related services (collectively, the "Services"). This Privacy Policy forms part of and is incorporated by reference into the Reserva – Terms of Service (Merged Final Draft) (the "Terms"). Capitalized terms not defined here have the meanings given in the Terms.

1. Scope and Roles

This Privacy Policy applies to:

  • visitors to Reserva websites;
  • representatives, employees, contractors, and users of Customer accounts; and
  • personal information processed in the course of providing the Services.

Reserva acts as:

  • a data controller with respect to personal information collected for its own business purposes (such as account administration, sales, marketing, and compliance); and
  • a service provider / processor with respect to Customer Data containing personal information processed on Customer’s behalf through the Services.

Customers are responsible for determining the lawful basis for processing Customer Data and for providing any required notices to, and obtaining any required consents from, data subjects.

2. Information We Collect

2.1 Information provided directly

We may collect personal information that you or your organisation provides to us, including:

  • contact information (name, email address, phone number, job title);
  • account and onboarding information (company name, address, tax identification documentation, PACA licence information);
  • identity verification and compliance information (government-issued ID, KYC/AML screening data);
  • billing and payment information (payment method details, billing contacts);
  • communications and support correspondence; and
  • information provided in connection with Professional Services, training, or consulting engagements.

2.2 Information processed on behalf of Customers

The Services may process Customer Data that includes personal information determined and controlled by Customer, such as employee, vendor, or counterparty information. Reserva processes such information solely in accordance with Customer instructions and the Terms.

2.3 Automatically collected information

When you access or use the Services, we may automatically collect:

  • device and browser information;
  • IP address and approximate location;
  • log files, usage metrics, and diagnostic data; and
  • cookies and similar technologies.

3. How We Use Information

Reserva uses personal information for the following purposes:

  • to provide, operate, maintain, and secure the Services;
  • to provision accounts and users;
  • to perform Professional Services and Custom Development;
  • to process payments and manage subscriptions;
  • to communicate with Customers regarding the Services;
  • to provide customer support, training, troubleshooting, and account assistance;
  • to access Customer accounts at Customer’s request or with Customer’s authorization for the purpose of providing support, training, implementation assistance, configuration guidance, issue resolution, or other Services;
  • to monitor, analyse, and improve platform performance;
  • to enforce the Terms and protect Reserva’s legal rights;
  • to comply with legal, regulatory, tax, and compliance obligations; and
  • to prevent fraud, misuse, or security incidents.

Any access by Reserva personnel to Customer accounts or Customer Data is limited to what is reasonably necessary to perform the Services, is subject to confidentiality obligations, and is logged and governed by internal access controls.

Reserva may use aggregated or de-identified data for analytics and product improvement.

4. Legal Bases for Processing

Where required by applicable law, Reserva relies on one or more of the following legal bases:

  • performance of a contract;
  • compliance with legal obligations;
  • legitimate business interests (such as security, fraud prevention, and service improvement);
  • consent, where required by law.

5. Disclosure of Information

Reserva may disclose personal information to:

  • Service providers and subprocessors that support hosting, infrastructure, analytics, communications, payment processing, identity verification, and security;
  • FinTech and payment partners, where applicable;
  • Professional advisors (legal, accounting, auditors);
  • Government authorities where required by law or legal process; and
  • Affiliates and successors in connection with a corporate transaction.

Reserva does not sell personal information.

6. Subprocessors

Reserva may engage third-party subprocessors to process personal information. Such subprocessors are contractually bound to protect personal information and to process it only on Reserva’s instructions.

A current list of subprocessors may be made available upon request.

7. International Data Transfers

Reserva may process and store personal information in the United States and other jurisdictions where it or its service providers operate. Where required by law, Reserva implements appropriate safeguards for cross-border transfers.

8. Data Retention

Reserva retains personal information only for as long as reasonably necessary to:

  • provide the Services;
  • fulfil contractual obligations;
  • comply with legal, accounting, and regulatory requirements; and
  • resolve disputes and enforce agreements.

Retention periods may vary depending on the nature of the data and the context of processing.

9. Security Measures

Reserva maintains administrative, technical, and organisational safeguards designed to protect personal information against unauthorised access, loss, misuse, alteration, or disclosure. These measures include, as appropriate, access controls, role-based permissions, encryption of data in transit and at rest, network security controls, logging and monitoring, and internal policies governing employee access and confidentiality.

Reserva restricts access to personal information to authorised personnel who require such access to perform their job responsibilities and who are subject to confidentiality obligations. Access to Customer accounts and data for support, training, or troubleshooting purposes is limited to what is reasonably necessary and is governed by internal controls.

While Reserva uses commercially reasonable efforts to protect personal information, no method of transmission over the internet or method of electronic storage is completely secure. Reserva does not warrant or guarantee absolute security, and Customer acknowledges and accepts the inherent risks associated with electronic data transmission and storage.

10. Individual Rights

Depending on applicable law and jurisdiction, individuals may have certain rights with respect to their personal information, which may include the right to:

  • request access to personal information held about them;
  • request correction or update of inaccurate or incomplete personal information;
  • request deletion of personal information, subject to legal retention requirements;
  • restrict or object to certain processing activities;
  • request portability of personal information, where technically feasible; and
  • withdraw consent, where processing is based on consent.

Requests to exercise these rights must be submitted using the contact information in Section 14. Reserva may require reasonable verification of identity before responding to a request. Reserva will respond within the timeframes permitted by applicable law and may deny or limit requests where an exception or exemption applies, including where compliance would impair the rights of others, conflict with legal obligations, or require disproportionate effort.

11. Cookies and Tracking Technologies

Reserva uses cookies, pixels, local storage, and similar tracking technologies to operate, secure, and improve its websites and Services, including to remember user preferences, authenticate sessions, analyse usage patterns, and enhance performance.

Cookies may be set by Reserva or by third-party service providers acting on Reserva’s behalf. Customer and users may manage or disable cookies through their browser or device settings; however, disabling certain cookies may limit functionality or prevent access to certain features of the Services.

Where required by law, Reserva will obtain consent for the use of non-essential cookies and provide appropriate notice regarding cookie usage.

12. Children’s Information

The Services are intended for use by businesses and their authorised representatives and are not directed to children or minors. Reserva does not knowingly collect personal information from individuals under the age of eighteen (18). If Reserva becomes aware that it has inadvertently collected personal information from a child, Reserva will take reasonable steps to delete such information as soon as practicable.

13. Changes to This Privacy Policy

Reserva may update or modify this Privacy Policy from time to time to reflect changes in the Services, legal requirements, or business practices. The "Last updated" date at the top of this Privacy Policy indicates when it was most recently revised.

If changes are material, Reserva will provide reasonable notice through the Services, by email, or by other appropriate means. Continued access to or use of the Services after the effective date of an updated Privacy Policy constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or Reserva’s data practices, including requests to exercise individual rights, please contact:

Reserva, Inc.

Email: privacy@onreserva.com