Multiplier Ltd trading as EatUP!

Privacy Policy

Last updated: 2 April 2026

About EatUP! and This Policy

EatUP! (operated by Multiplier Ltd) is a customer engagement and rewards platform that connects restaurants with their customers. We facilitate restaurant reviews, loyalty rewards programs, referral systems, and customer relationship management tools.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services. We act as an intermediary between you and our restaurant partners, and understanding how your data flows between us and restaurants is crucial.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not use our services. By using EatUP!, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account or interact with our services, we collect:

  • Name and contact details (email address, phone number)
  • Marketing consent preferences
  • Account credentials and authentication information

1.2 Review and Feedback Information

When you leave a review or provide feedback:

  • Restaurant reviews, ratings, and written feedback
  • Menu item preferences and selections
  • Photos you upload (receipts, food images, etc.)
  • Comments and responses to our surveys

1.3 Reward and Loyalty Information

When you participate in rewards programs:

  • Voucher codes and redemption history
  • Referral codes you generate and use
  • Referral activity (who you referred and when)
  • Reward preferences and program participation

1.4 Communication Data

  • SMS and email message history with restaurants and EatUP!
  • Communication preferences (frequency, channels)
  • Customer service interactions

1.5 Transaction Information

  • Tip amounts and payment information (processed securely via Stripe)
  • Purchase history at partner restaurants
  • Transaction dates and amounts

1.6 Technical Information

  • IP address, browser type, and device information
  • Cookies and similar tracking technologies
  • Usage data (pages visited, features used, time spent)
  • Log files and analytics data

2. How We Share Your Information with Restaurant Partners

This is a core part of our service. When you interact with EatUP!, your information is shared with the specific restaurant(s) you engage with. This sharing is essential to deliver the services you expect.

What We Share and Why:

Managing Customer Relationships

Restaurants receive your contact information (name, email, phone number) to maintain their customer database and communicate with you about their offerings. This allows them to build a relationship with you as a customer.

Delivering Rewards

When you earn a reward or voucher, the restaurant receives your details along with the voucher code to validate and redeem your reward when you visit.

Processing Reviews and Feedback

Your reviews and feedback are shared with the restaurant to help them improve their service. This includes your name, rating, written feedback, and any photos you submit.

Marketing Communications

If you've provided marketing consent, restaurants may use your contact information to send you promotional offers, updates, special events, and other marketing materials via email and SMS.

Referral Program Management

If you participate in referral programs, restaurants receive information about your referral activity (who you referred and when) to process referral rewards for both you and your referees.

Important: Independent Data Controllers

Each restaurant is an independent data controller for the information they receive about you. They are responsible for how they use, store, and protect your data according to their own privacy practices and applicable laws. We encourage you to review each restaurant's privacy practices.

Your Control Over Communications

You can opt out of marketing communications at any time by:

  • Clicking unsubscribe links in emails
  • Replying STOP to SMS messages
  • Contacting the restaurant or EatUP! directly

Please note: Transactional messages (like reward confirmations and voucher details) may still be sent as necessary to deliver the service you've requested.

3. How We Use Your Information

In addition to sharing your information with restaurant partners, we use your information for the following purposes:

  • Operating and maintaining the EatUP! platform and services
  • Processing and facilitating restaurant reviews and feedback
  • Generating and managing reward vouchers and referral codes
  • Sending transactional communications (reward confirmations, voucher details, account updates)
  • Sending marketing communications about EatUP! services (with your consent)
  • Managing referral programs and tracking referral rewards
  • Processing tips and payments securely through our payment provider
  • Analyzing usage patterns to improve our services and user experience
  • Preventing fraud, unauthorized access, and ensuring platform security
  • Complying with legal obligations and responding to legal requests
  • Providing customer support and responding to your inquiries

4. Third-Party Service Providers

We work with trusted third-party service providers to deliver our services. These providers process data on our behalf under strict data processing agreements:

Supabase
Database hosting, user authentication, and secure data storage services.
Twilio
SMS messaging services for sending reward notifications and communications.
Resend
Email delivery services for transactional and marketing emails.
Stripe
Secure payment processing for tips and transactions. Stripe handles payment card data according to PCI-DSS standards.
Analytics Providers
Usage analytics and service improvement (anonymized where possible).

We do not sell or rent your personal information to third parties for their own marketing purposes.

5. Cookies and Tracking Technologies

What We Use:

  • Essential Cookies: Required for authentication and platform functionality. These cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with our platform to improve the experience.
  • Preference Cookies: Remember your settings and preferences.

Managing Cookies:

You can control cookies through your browser settings. Most browsers allow you to refuse or accept cookies, or alert you when cookies are being sent.

Please note: Disabling essential cookies may impact platform functionality and your ability to use certain features.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Active Account Data: Retained while your account is active and for a reasonable period thereafter to allow reactivation.
  • Review and Feedback Data: Retained indefinitely to provide ongoing value to restaurants and future customers, unless you request deletion.
  • Marketing Communications Data: Retained until you withdraw consent or request deletion.
  • Transaction Records: Retained for 7 years to comply with financial record-keeping requirements.
  • Technical Logs: Typically retained for 90 days for security and debugging purposes.

You have the right to request deletion of your personal data at any time, subject to certain legal exceptions (see Section 7 below).

7. Your Rights Under UK GDPR and Data Protection Law

As a UK-based company, we comply with the UK GDPR and Data Protection Act 2018. You have the following rights:

Right to Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to certain legal exceptions (e.g., legal obligations to retain records).

Right to Restrict Processing

Request that we limit how we use your personal data.

Right to Data Portability

Receive your personal data in a structured, commonly used format and transfer it to another service.

Right to Object

Object to processing of your personal data for direct marketing or based on legitimate interests.

Rights Related to Automated Decision-Making

Right not to be subject to decisions based solely on automated processing that significantly affects you.

Right to Withdraw Consent

Where we process data based on consent, you can withdraw consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority:

ICO Website: https://ico.org.uk

ICO Helpline: 0303 123 1113

How to Exercise Your Rights:

To exercise any of these rights, please contact us at:

  • Email: george@multiplier.info
  • Subject line: "Data Protection Request"

Please include: your full name, email address, phone number (if applicable), and specific details of your request.

We will respond to your request within 30 days as required by law. In complex cases, we may extend this by an additional 60 days and will inform you of the extension.

8. Children's Privacy

Our services are not intended for children under the age of 16 (the age of digital consent in the UK under GDPR). We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information as quickly as possible.

If you believe we have collected information from a child under 16, please contact us immediately at george@multiplier.info.

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the United Kingdom and European Economic Area (EEA), including the United States, where some of our service providers (such as Supabase, Twilio, and Stripe) maintain servers.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office
  • Adequacy decisions recognizing that certain countries provide adequate data protection
  • Binding corporate rules or other legally recognized transfer mechanisms

For more information about international transfers and the safeguards we use, please contact us at george@multiplier.info.

10. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Access controls limiting who can view and process your data
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security best practices
  • Secure authentication mechanisms

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you via email if you have an account with us
  • For significant changes, we may display a prominent notice on our platform or seek your consent where required by law

Continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Multiplier Ltd trading as EatUP!

Address: 71-75 Shelton Street, London, England, WC2H 9JQ

Email: george@multiplier.info

Data Protection Inquiries: Please use the subject line "Data Protection Request" or "Privacy Inquiry"

Response Time: We aim to respond to all privacy-related inquiries within 30 days as required by UK GDPR.

View our Terms & Conditions →
← Back to Home