Back to CoreTAP
Privacy PolicyTerms of ServiceContact Us

Privacy Policy

CoreTAP by Delta Kinetics LLC

CORETAP

PRIVACY POLICY

A Product of Delta Kinetics LLC

Effective Date: March 24, 2026

Last Updated: March 24, 2026

1. INTRODUCTION

Delta Kinetics LLC ("Company," "we," "us," or "our") operates the CoreTAP platform ("Platform"), a real-time bar execution intelligence software-as-a-service application. This Privacy Policy describes how we collect, use, store, share, and protect information when you use the Platform, visit our websites, or interact with our services.

This Privacy Policy applies to all users of the Platform, including account holders ("Customers"), their authorized employees and agents ("Authorized Users"), and visitors to our websites. By using the Platform, you acknowledge that you have read and understood this Privacy Policy.

2. INFORMATION WE COLLECT

2.1 Account Information

When you register for the Platform, we collect: full name, email address, phone number (optional), business name and address, billing information (processed through our third-party payment processor, Stripe), selected Subscription Tier, and any additional information you provide during registration or account setup.

2.2 POS Transaction Data

When you connect your POS system to the Platform, we receive and process transaction data from your POS provider, including: sales transaction records (items sold, prices, quantities, timestamps, payment methods); void, discount, and removal records with associated reasons and employee identifiers; employee identifiers and names as recorded in your POS system; check/tab information including open and close times; and menu item data including names, categories, and pricing.

2.3 Employee Performance Data

The Platform processes and generates employee-related data including: revenue and transaction metrics per employee; void, discount, and removal rates per employee; composite performance scores and grades; behavioral pattern analysis; and statistical anomaly indicators. This data is derived from POS transaction data and is generated through our proprietary analytical algorithms.

2.4 Consumer Data (Command Tier Only)

For Customers subscribed to the Command tier, the Platform processes consumer data from the POS system including: customer names or identifiers as recorded by the POS system; visit frequency and recency; order history and spending patterns; derived metrics including RFM scores, Customer Lifetime Value, and churn predictions; and preferred visit days, times, and consistency patterns.

2.5 Usage Data

We automatically collect information about how you interact with the Platform, including: pages viewed, features accessed, and actions taken; device type, operating system, browser type, and screen resolution; IP address and approximate geographic location; session duration and frequency of use; and error logs and performance data.

2.6 Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and improve Platform performance. We use: session cookies (essential for Platform functionality, httpOnly, 30-day expiration); authentication tokens (essential for secure access); and analytics cookies (to understand Platform usage patterns). We do not use third-party advertising cookies or tracking pixels for behavioral advertising purposes.

3. HOW WE USE YOUR INFORMATION

We use collected information for the following purposes:

(a) Providing and maintaining the Platform, including processing POS data, generating Intelligence Outputs, computing performance scores, detecting analytical anomalies, and generating action items;

(b) Processing payments and managing your subscription through our payment processor (Stripe);

(c) Communicating with you about your account, Platform updates, service announcements, and support requests;

(d) Improving the Platform, including analyzing usage patterns, identifying bugs, and developing new features;

(e) Generating aggregated, anonymized benchmarks and insights that do not identify any individual Customer, employee, or consumer;

(f) Protecting the security and integrity of the Platform and preventing fraud or unauthorized access;

(g) Complying with legal obligations, including responding to lawful requests from law enforcement and regulatory authorities; and

(h) Enforcing our Terms of Service, Master Subscription Agreement, and other agreements.

4. HOW WE SHARE YOUR INFORMATION

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information, Customer Data, employee performance data, or consumer data to any third party for their marketing or commercial purposes.

4.2 Service Providers (Subprocessors)

We share information with third-party service providers who assist us in operating the Platform, processing payments, and providing services. These providers are contractually obligated to use your information only for the purposes of providing services to us and to maintain appropriate security measures. Our current subprocessors include: Vercel (application hosting and delivery); Stripe (payment processing); cloud infrastructure providers (data storage and processing); and POS system providers (data integration, as directed by Customer). A current list of subprocessors is maintained in our Data Processing Agreement.

4.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including to comply with a subpoena, court order, or similar legal mechanism. We may also disclose information when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any changes to this Privacy Policy.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that does not identify any individual Customer, employee, or consumer with third parties for research, benchmarking, marketing, or other business purposes.

4.6 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5. DATA SECURITY

We implement commercially reasonable administrative, technical, and physical security measures designed to protect your information from unauthorized access, use, alteration, and destruction. These measures include: encryption of data in transit using TLS/SSL protocols; encryption of sensitive data at rest; secure authentication using JSON Web Tokens (JWT) with httpOnly cookies; access controls limiting data access to authorized personnel; regular security reviews of our infrastructure; and secure coding practices and dependency management.

HOWEVER, NO METHOD OF TRANSMISSION OVER THE INTERNET OR METHOD OF ELECTRONIC STORAGE IS 100% SECURE. WHILE WE STRIVE TO USE COMMERCIALLY ACCEPTABLE MEANS TO PROTECT YOUR INFORMATION, WE CANNOT GUARANTEE ITS ABSOLUTE SECURITY. YOU ACKNOWLEDGE AND ACCEPT THIS INHERENT RISK.

6. DATA RETENTION

6.1 Active Accounts

We retain your information for as long as your account is active and as needed to provide services under your subscription. POS transaction data and derived analytics are retained for the duration of your subscription to enable historical analysis and trend detection.

6.2 After Termination

Upon termination or expiration of your subscription, we will retain your data for thirty (30) days to allow you to request a data export. After this 30-day period, we will delete or anonymize your Customer Data within a commercially reasonable timeframe, except as required by law or legitimate business purposes (such as maintaining aggregated, anonymized data).

6.3 Legal Retention

We may retain certain information for longer periods as required by applicable law, regulation, or legal process, or as necessary to resolve disputes and enforce our agreements.

7. YOUR RIGHTS AND CHOICES

7.1 Access and Correction

You may access and update your account information at any time through the Platform’s profile settings. If you need to correct information that cannot be updated through the Platform, contact us at privacy@deltakinetics.io.

7.2 Data Export

You may request an export of your Customer Data by contacting us at privacy@deltakinetics.io. We will provide the requested data in a commonly used, machine-readable format within thirty (30) days of receiving your request.

7.3 Data Deletion

You may request deletion of your account and associated data by contacting us at privacy@deltakinetics.io. We will process deletion requests in accordance with our data retention policies and applicable law. Note that some data may be retained as required by law or legitimate business purposes.

7.4 Communication Preferences

You may opt out of non-essential email communications by following the unsubscribe instructions in any email or by contacting us. You cannot opt out of transactional communications related to your account, billing, or Platform functionality.

8. TEXAS DATA PRIVACY AND SECURITY ACT (TDPSA) COMPLIANCE

If you are a Texas resident, you may have additional rights under the Texas Data Privacy and Security Act (effective July 1, 2024), including the right to: confirm whether we are processing your personal data; access your personal data; correct inaccuracies in your personal data; delete your personal data; obtain a copy of your personal data in a portable format; and opt out of the processing of your personal data for targeted advertising, sale, or profiling. To exercise these rights, contact us at privacy@deltakinetics.io. We will respond to verified requests within forty-five (45) days. We do not process personal data for targeted advertising or sale. We do not discriminate against you for exercising your privacy rights.

9. CALIFORNIA CONSUMER PRIVACY ACT (CCPA) COMPLIANCE

If you are a California resident, you may have additional rights under the California Consumer Privacy Act, as amended by the CPRA, including the right to: know what personal information is collected, used, shared, or sold; delete personal information held by us; opt out of sale or sharing of personal information; non-discrimination for exercising privacy rights; and correct inaccurate personal information. We do not sell personal information as defined by the CCPA. To exercise your rights, contact us at privacy@deltakinetics.io. We will verify your identity before processing any request and will respond within forty-five (45) days.

10. EMPLOYEE AND CONSUMER DATA NOTICE

10.1 Employee Data

The Platform processes employee performance data derived from POS transaction records. This data is provided to us by our Customer (your employer, if you are a venue employee). We process this data as a service provider to our Customer. If you are an employee of a CoreTAP Customer and have questions about how your performance data is collected, used, or shared, you should direct those inquiries to your employer. Your employer is responsible for providing required notices regarding employee monitoring and data collection.

10.2 Consumer Data

If you are a consumer whose data is processed through the Platform’s Customer Intelligence module, that data is provided to us by the venue you patronize (our Customer). We process this data as a service provider to our Customer. Your rights regarding your consumer data should be directed to the venue that collected your information.

11. CHILDREN’S PRIVACY

The Platform is not intended for use by individuals under eighteen (18) years of age. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information as soon as possible. If you believe a child has provided us with personal information, contact us at privacy@deltakinetics.io.

12. INTERNATIONAL DATA TRANSFERS

The Platform is operated in the United States. If you are accessing the Platform from outside the United States, be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Platform, you consent to the transfer of your information to the United States.

13. THIRD-PARTY SERVICES

The Platform integrates with third-party services, primarily your POS system provider. These third-party services have their own privacy policies governing how they collect, use, and share your data. We are not responsible for the privacy practices of these third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with the Platform.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Changes will be posted on the Platform with an updated "Last Updated" date. Material changes will be communicated to you via email or through a prominent notice on the Platform. Your continued use of the Platform after changes are posted constitutes your acceptance of the modified Privacy Policy.

15. DO NOT TRACK SIGNALS

The Platform does not currently respond to "Do Not Track" (DNT) browser signals, as there is no industry-standard protocol for DNT compliance. We do not engage in third-party behavioral tracking of Platform users.

16. DATA BREACH NOTIFICATION

In the event of a data breach affecting your personal information, we will notify affected users and relevant authorities as required by applicable law, including the Texas Identity Theft Enforcement and Protection Act (Tex. Bus. & Com. Code § 521.053), within the timeframes prescribed by law.

17. CONTACT INFORMATION

For questions, concerns, or requests regarding this Privacy Policy, contact:

Delta Kinetics LLC

Privacy Inquiries

Houston, Texas

Email: privacy@deltakinetics.io

General: legal@deltakinetics.io