The PLUS Club members no nonsense privacy & usage policy

We, Plus Club Sp. z o.o., built the Restaurants The Plus Club app as a free app. We, Plus Club Sp. z o.o., provide this service at no cost and it is intended for use as is.

 

We think your privacy is important, as is ours. So we will not share any of our members data to third parties under any circumstance, except - of course - with the places you make a booking.

 

Personal information

We store the following personal information:

  • Your name

  • Your email address

  • Your phone number

These are used everytime you make a booking and then (and only then) are shared with the place you make a booking at, so you can be sure they will know about it. We also ask for a picture because we think it’s nice if people recognize you when you walk in - but this is optional.

We also store your current location if you give us this permission, to find places you can book near you and to allow your nearby favourites to send you special offers. We don’t keep a history of location data in any way.

Furthermore, we keep a history of bookings and ratings you give. We use this to give you better recommendations in the future. Upon request we will remove this data, however we will then be unable to give you personalised recommendations. Ratings may be shared with the concerned merchant, but only after they are anonymised.

 

Cookies

We use cookies for two reasons only:

  • To keep track of a session (2 cookies). Without a session cookie, we cannot know you’re the same person after clicking to a next screen, so we cannot handle a booking or show you a confirmation. That would not be fun.

  • To save your language choice for a next visit (1 cookie).

  • To make use of Google Analytics, which gives us nice charts on visitors etc. These are only set if you give consent via our cookie banner, and you can withdraw consent at any time. (3 cookies)

 

E-mail and notifications

We will send you an email and a notification whenever you make a booking to confirm it. If your booking is far into the future, we will also send a reminder shortly before your booking.

We may also send you our newsletter if you agreed to this, and in this case we will also send you special promotions from our restaurants we think you may be interested in because we think you will like them. The process we use is simple: when you receive a promotion, you can either book it, close it or chose never to receive promotions from the concerned restaurant. Every marketing email contains an unsubscribe link.

We aim to give you the best culinary experience with the least fuss. We’re confident our system will pick up with your personal preferences very quickly, and you’ll only get the messages you really don’t want to miss. We are open to suggestions, of course.

 

Additional provisions for the concierge service

By making use of the free concierge service, you agree to receive emails regarding your booking request, alternative suggestions and suggestions or promotions from the concierge or restaurants similar to the one you requested. You can stop this at any time by clicking the link provided in the respective emails. Note that this ends your free use of the concierge service, and you may require a new invitation to be able to use the Inner Circle concierge again.

 

 

Legal basis for processing your data (GDPR Art. 6)

We process your personal data on the following legal bases:

  • Performance of a contract — processing your name, email, phone and booking details is necessary to provide the service you signed up for (making and confirming restaurant bookings).

  • Your consent — for optional features such as your photo, location access, marketing emails, the newsletter, and non-essential cookies (analytics). You can withdraw consent at any time.

  • Our legitimate interest — for improving the service, fraud prevention, and generating anonymised statistics. We balance this against your interests and you may object at any time (see “Your rights” below).

  • Legal obligation — for keeping booking and invoice records as required by tax and accounting law.

 

Your rights under GDPR

As an individual whose data we process, you have the following rights:

  • Right of access (Art. 15) — ask us what personal data we hold about you.

  • Right to rectification (Art. 16) — correct inaccurate or incomplete data.

  • Right to erasure (Art. 17), the “right to be forgotten” — ask us to delete your data.

  • Right to restriction (Art. 18) — ask us to limit how we use your data.

  • Right to data portability (Art. 20) — receive your data in a structured, machine-readable format.

  • Right to object (Art. 21) — object to processing based on legitimate interest, including profiling for recommendations.

  • Right to withdraw consent — for any processing based on your consent. Withdrawal does not affect prior lawful processing.

  • Rights related to automated decision-making (Art. 22) — we do not make decisions about you that produce legal or similarly significant effects based solely on automated processing.

To exercise any of these rights, email us at privacy@theplusclub.com. We will respond within 30 days.

 

How long we keep your data

  • Account data (name, email, phone, photo) — for as long as your account is active, plus up to 12 months after deletion for fraud-prevention purposes.

  • Booking records — up to 6 years after the booking date, to comply with Polish tax and accounting requirements.

  • Marketing-consent records — until you withdraw consent, plus 24 months for proof of consent.

  • Cookie consent records — 12 months from your last interaction with the banner.

  • Analytics data — aggregated/anonymised after 14 months.

 

Sub-processors and international transfers

To deliver the service we rely on the following sub-processors. Where data is transferred outside the European Economic Area, transfers are protected by Standard Contractual Clauses (SCCs) and, where applicable, supplementary measures.

  • Amazon Web Services (hosting, email delivery via SES) — EU and US regions; US transfers under SCCs.

  • Google LLC (Firebase Cloud Messaging for push notifications, Google Analytics, Google Maps) — US transfers under SCCs.

  • Apple Inc. (APNs for push notifications on iOS devices) — US transfers under SCCs.

  • Mollie B.V. (payment processing, where applicable) — Netherlands (EU).

  • Restaurants you book with — receive your name, contact details and booking details solely to fulfil your reservation.

 

Controller contact details

The data controller is:

Plus Club Sp. z o.o.
ul. Grzybowska 80/82, 00-844 Warszawa, Poland
Registered in the Register of Entrepreneurs of the National Court Register (KRS) under no. 0000647134 by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register.
NIP 5272786632 · REGON 365876229 · DUNS 539321493 · Share capital: PLN 125,000
Email: privacy@theplusclub.com

 

Right to complain

If you believe we have not handled your personal data lawfully, you have the right to file a complaint with the Polish supervisory authority:

Urzád Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa, Poland
https://uodo.gov.pl/

You may also lodge a complaint with the supervisory authority in your EU country of residence.

 

Changes to this policy

We may update this policy from time to time. The current version is always available at this page; we will notify registered users by email of material changes.

Last updated: 19 May 2026.