Privacy Policy
Last updated: July 13, 2026
This Privacy Policy explains how Web Solutions Hub LLC ("Catero", "we", "us", or "our") collects, uses, stores, shares, and protects personal data when you use the catero.io website, the Catero platform, mobile applications, and related services.
By using the Catero website or platform, you acknowledge that you have read and understood the data processing practices described in this Privacy Policy.
1. Data Controller
The data controller is:
Web Solutions Hub LLC166 Geary St STE 1500, 643
San Francisco, CA 94108
United States of America
Tax ID (EIN): 37-2186117
If you have any questions regarding privacy or the processing of personal data, you may contact us through the contact form or other official contact information published on the Catero website.
2. Who This Policy Applies To
This Privacy Policy applies to:
- visitors to the Catero website;
- representatives of restaurants and catering service providers;
- representatives of companies and their HR or administrative departments;
- employees who use Catero to select and order meals;
- administrators and other authorized users of the platform;
- individuals who send us inquiries, demonstration requests, or support requests.
3. The Role of Companies and Catering Service Providers
Depending on how the Catero platform is used, certain employee data may be entered or processed by their employers, restaurants, catering service providers, or other business users of the platform.
In such cases, the business user may act as the data controller, while Web Solutions Hub LLC processes the data as a data processor in accordance with that business user’s instructions and the applicable data processing agreement.
If you have questions regarding data that has been entered into the platform by your employer, restaurant, or catering service provider, you may contact that organization directly or contact us so that we can forward your request to the appropriate data controller.
4. Information We Collect
4.1. Information You Provide Directly
Depending on how you use the platform, we may process:
- first and last name;
- email address;
- telephone number;
- company, restaurant, or catering service provider name;
- job position, department, business unit, user shift, or location;
- username and information required to log in to the account;
- application language and other account settings;
- information you provide through the contact form or demonstration request;
- content of messages you send to customer support;
- other information you voluntarily provide.
Passwords are not stored in readable form. They are processed using appropriate security and cryptographic methods.
4.2. Order and Service Usage Information
When using the Catero platform, we may process:
- selected meals and menus;
- order date and time;
- order changes and cancellations;
- company, department, shift, or delivery location;
- ordering deadlines;
- meal preparation, delivery, or pickup status;
- order history;
- meal ratings and feedback;
- information required for creating daily, weekly, and monthly reports.
4.3. Device and Technical Information
When accessing the website or application, certain information may be collected automatically, including:
- IP address;
- device type;
- operating system;
- browser type and version;
- device or application language;
- date and time of access;
- visited pages and used features;
- session identifiers;
- technical records, errors, and security logs.
4.4. Notification Data
When a user enables notifications, we may process the device identifier or push notification token, device platform information, selected language, and notification status.
Notifications may include:
- publication of a new menu;
- ordering reminders;
- notification about the expiration of the ordering deadline;
- notification that the food has been delivered;
- meal rating requests;
- other service notifications related to the use of the platform.
4.5. Cookies and Similar Technologies
We may use cookies and similar technologies for the proper functioning of the website, maintaining user sessions, storing preferences, improving security, and analyzing website usage.
Cookies may include:
- Necessary cookies – required for website operation, authentication, and security;
- Functional cookies – remember language and other user preferences;
- Analytics cookies – help us understand how the website is used;
- Marketing cookies – used only when introduced and when there is an appropriate legal basis or user consent.
You can manage cookies through your browser settings or through the available consent management tool. Disabling necessary cookies may affect the functionality of certain parts of the website or platform.
5. Purposes of Data Processing
We may use personal data for the following purposes:
- creating and managing user accounts;
- user authentication and access control;
- displaying menus available to a specific company or user;
- creating, modifying, canceling, and recording orders;
- organizing meal preparation, delivery, and pickup;
- sending service notifications and reminders;
- creating reports for restaurants, catering service providers, and companies;
- providing technical and customer support;
- responding to inquiries and demonstration requests;
- maintaining and improving the platform;
- detecting and preventing misuse and security incidents;
- fulfilling contractual, accounting, and legal obligations;
- protecting our rights, users, and business partners;
- sending promotional communications where consent or another appropriate legal basis exists.
6. Legal Basis for Processing
Depending on the circumstances and applicable regulations, we process personal data based on:
- Performance of a contract – when processing is necessary to provide the Catero service;
- Legitimate interest – for security, service improvement, prevention of misuse, and business communication;
- Consent – for certain cookies, marketing messages, or other optional processing activities;
- Legal obligation – when we are required to process or retain certain data by law;
- Instructions from a business user – when we process data as a processor for a company, restaurant, or catering service provider.
When processing is based on consent, you may withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
7. How We Share Data
We do not sell personal data. We only make personal data available to parties who need it in order to provide and maintain the service.
Personal data may be shared with:
- the company or employer whose employee is the user, to the extent necessary for account administration, orders, costs, and reporting;
- the restaurant or catering service provider responsible for meal preparation and delivery;
- authorized administrators, HR departments, and other users with appropriate access rights;
- providers of hosting, infrastructure, data storage, email, notification, analytics, and technical support services;
- professional advisors, including legal and accounting advisors;
- government authorities or other parties when required by law;
- a potential buyer, investor, or legal successor in the event of a merger, sale, reorganization, or transfer of business.
We require service providers to process data only in accordance with our instructions, agreements, and applicable data protection regulations.
8. International Data Transfers
Web Solutions Hub LLC is headquartered in the United States, so personal data may be processed or stored in the United States or other countries where our service providers are located.
When data is transferred from a country that requires special safeguards for international data transfers, we apply appropriate mechanisms, such as contractual clauses, data processing agreements, service provider assessments, and other technical and organizational measures.
9. Data Retention
We retain personal data only for as long as necessary to achieve the purpose for which it was collected, provide the service, resolve disputes, protect security, and fulfill legal obligations.
The retention period depends on the type of data and may include:
- account data – while the account is active and for a certain period after its closure;
- order and reporting data – during the business relationship and for the period required for accounting, contractual, or legal obligations;
- technical and security logs – for the period necessary for security, diagnostics, and prevention of misuse;
- inquiry and customer support data – as long as necessary to resolve requests and maintain communication records;
- data processed based on consent – until consent is withdrawn, unless another legal basis exists for continued retention.
When data is no longer required, we delete it, anonymize it, or restrict further processing.
10. Data Security
We apply reasonable technical, organizational, and administrative measures to protect personal data from unauthorized access, loss, alteration, misuse, or destruction.
These measures may include:
- access control based on user roles;
- protection of user accounts and passwords;
- encrypted communication between devices and servers;
- security records and system monitoring;
- backup creation;
- restricting access for employees and contractors;
- regular system maintenance and updates.
No method of transferring or storing data can guarantee absolute security. Users are responsible for protecting their login information and must notify us without delay if they suspect unauthorized use of their account.
11. User Rights
Depending on your country of residence and applicable regulations, you may have the right to:
- obtain confirmation whether we process your personal data;
- request access to your personal data;
- request correction of inaccurate or incomplete data;
- request deletion of your data;
- request restriction of processing;
- object to processing based on legitimate interest;
- withdraw previously provided consent;
- request data portability, where applicable;
- not be subject to a decision based solely on automated processing when such decision produces significant legal or similar effects;
- submit a complaint to the competent data protection authority.
Before fulfilling a request, we may ask for additional information to verify identity and protect data from unauthorized access.
When we process data on behalf of a company, restaurant, or catering service provider, we may forward the request to that business user as the data controller.
We will not discriminate against users for exercising their data protection rights.
Catero does not sell personal data in the ordinary meaning of the term "sale of data". If we introduce a practice in the future that is considered a sale or sharing of data for targeted advertising under applicable regulations, we will provide appropriate notice and choice.
12. Marketing Communications
We may send you information about Catero services, news, and offers when we have your consent or another appropriate legal basis.
You can unsubscribe from marketing communications by using the unsubscribe option in the message or by contacting Catero.
Unsubscribing from marketing communications does not affect service messages necessary for account operation, order processing, security, or providing contracted services.
13. Mobile Notifications
You can disable push notifications through your mobile device or application settings. Disabling certain notifications may result in not receiving ordering reminders, deadline information, or meal delivery notifications.
14. Dietary Information and Allergies
Catero may display information about meals, ingredients, or allergens provided by restaurants, catering service providers, or other business users.
Users should not enter information about health conditions, allergies, religious beliefs, or other sensitive data into free-text fields unless this is explicitly enabled, necessary, and accompanied by an appropriate privacy notice.
Information about ingredients and allergens should be verified directly with the restaurant or catering service provider preparing the meal.
15. Children’s Privacy
Catero is not intended for children who cannot independently provide legally valid consent for the processing of personal data. We do not knowingly collect children’s personal data without an appropriate legal basis and authorization from a parent, guardian, school, institution, or another authorized person.
If you believe that a child’s data has been provided to us without appropriate authorization, please contact us so that we can review the information and take appropriate action.
16. Links to Other Websites
The Catero website may contain links to websites or services operated by third parties. We are not responsible for how those third parties collect or process personal data. Before using their services, we recommend reviewing their privacy policies.
17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our services, business operations, or applicable regulations.
The updated version will be published on the website with a new last updated date. When changes are significant, we may notify users through the platform, email, or another appropriate communication channel.
18. Contact
For questions, requests, or complaints regarding this Privacy Policy and the processing of personal data, you may contact:
Web Solutions Hub LLC166 Geary St STE 1500, 643
San Francisco, CA 94108
United States of America
Tax ID (EIN): 37-2186117
You may also submit a request through the official contact form or other contact information published on the Catero website.