1. Who is responsible?

Zap Thai is the data controller for personal data we process for dining, pickup, and delivery services.

2. What data do we process?

Name, contact details (email/phone), address data (for delivery), order and payment information (via payment provider), and communication records.

3. Why do we process data?

• Contract performance: orders, delivery, customer support.
• Legal obligation: accounting and tax administration.
• Legitimate interest: security, fraud prevention, basic analytics.
• Consent (when requested): marketing/newsletters.

4. Retention periods

We keep personal data as long as needed for the purposes above and as long as required by law.

5. Sharing with third parties

Only with processors who provide services on our behalf, such as payment, hosting, and ordering/delivery platforms. We do not sell personal data.

6. Security

We apply appropriate technical and organizational measures. Card payments are handled by PCI-DSS compliant providers and we do not store card data ourselves.

7. Your rights

You may request access, correction, deletion, restriction, portability, or object to processing via .

8. Cookies

We use essential cookies and, where applicable, analytics/marketing cookies with consent.

9. Questions or complaints

Contact us at . You may also file a complaint with your local data protection authority.

Last updated: 25-09-2025