Data Processing Agreement.

Processor commitments and security measures for restaurants that use Limvero to operate customer, loyalty and restaurant workflow data.

Processing commitments

The DPA describes Limvero's role when processing tenant-controlled restaurant data.

Limvero processes restaurant customer, loyalty and operational data on behalf of the tenant restaurant.

Tenant configuration, user access, API keys, imports, exports and deletion requests define how data is processed.

Authorized personnel and support workflows are designed around controlled access and account-specific troubleshooting.

Hosting, database, storage, email, analytics and support vendors are listed when selected for production use.

Tenants can use customer, export and deletion workflows to support access, correction, deletion and portability requests.

Tenant export snapshots and deletion request processing support offboarding and data lifecycle requirements.

These measures reflect the implemented platform controls and operational safeguards.

Backend guards, scoped roles, public API key tenant checks and separated platform/restaurant sessions protect tenant boundaries.

Email/password admin sessions, POS PIN sessions, permission checks, token rotation and support session controls limit access.

Production checks, strict browser headers, rate limits, input limits, audit records, backup and rollback workflows support reliability.

API key scopes, hashed key storage, webhook signature verification and SSRF checks protect integration surfaces.

Operational status and customer communication describe confirmed impact, affected components and mitigation steps.

Dangerous platform actions, support access, tenant deletion and operational changes are designed to leave reviewable records.

Talk through locations, POS devices, kitchen workflow, menu migration, API needs and security review before launch.