The risk you might not see coming
A disgruntled customer. A former employee. A competitor looking to cause trouble. Anyone can submit a Data Subject Access Request (DSAR) asking for all the personal data you hold on them.
You have 30 days to respond. Miss the deadline or respond incorrectly, and you're looking at a complaint to the Data Protection Commission — and potential fines starting at €10,000.
Real DSAR scenarios restaurants face
These requests are more common than you think
"Send me everything you have on me"
A customer who used your online booking system wants all their reservation history, contact details, and any notes staff made about them.
"Delete all my data"
A former loyalty programme member wants to be forgotten. You need to remove them from all systems while keeping records you legally must retain.
"I want your CCTV footage of me"
Someone claims they slipped on your premises. They're requesting CCTV footage as part of a potential claim. You need to provide it within 30 days.
"What do you have on me?" (from ex-staff)
A former employee who left on bad terms wants their personnel file, training records, performance notes, and any emails about them.
The personal data hiding in your restaurant
Most restaurant owners underestimate how much they collect
Reservation Systems
Names, phones, emails, party sizes, special requests
Delivery Platforms
Addresses, order history, payment info, preferences
Allergy Records
Health data — highest GDPR sensitivity
Loyalty & Gift Cards
Purchase history, points, contact details
Staff Records
HR files, rotas, payroll, references
CCTV Footage
Customers, staff, delivery drivers
How SAR Portal makes this simple
Handle any data request in minutes, not days
Professional intake portal
Give customers a proper place to submit requests instead of random emails. OTP verification confirms their identity before you share anything.
AI finds the personal data
Upload exports from your systems. Our AI scans for names, emails, phone numbers, addresses — and flags what needs attention.
Automatic redaction
Before you share data, AI blacks out other people's information. Other customers' names in a reservation list? Gone. Other staff in HR notes? Redacted.
Complete audit trail
Every action is logged. If the DPC ever asks how you handled a request, you have timestamped proof of every step.