On the radar
Small plates Natural & low-intervention wine Omakase counters Zero-proof cocktails Shorter tasting menus Hyper-local sourcing Dynamic menu pricing QR menus fading Chef's-counter seating Live-fire cooking Regional specialisation Snack-bar formats Small plates Natural & low-intervention wine Omakase counters Zero-proof cocktails Shorter tasting menus Hyper-local sourcing Dynamic menu pricing QR menus fading Chef's-counter seating Live-fire cooking Regional specialisation Snack-bar formats
Skip to content
Company

Trust & data

The questions a procurement team asks, answered plainly. Every statement on this page describes the product as it is built today — nothing aspirational, no certifications we do not hold.

Last updated: June 2026

1. Your properties are isolated at the database layer

Every row of client data is scoped to a property and an organization, and access is enforced by row-level security in the database itself — not only in application code. A user can read a property’s data only if they have been explicitly granted access to that property.

The same gate applies to our server-side functions: requests are checked against the caller’s property access before any data is returned.

2. Your data is hosted in the EU

Client data lives in a Supabase (Postgres) project in the European Union — Frankfurt, Germany (eu-central-1). The full list of sub-processors, including those used by this website’s contact forms, is published in our privacy policy.

3. Your data is never shared across organizations

One client’s menus, costs, sales data, and audit results are never shown to or sold to another client, and never pooled in any form attributable to you — the only cross-client computation is the anonymized cohort benchmark described in the next section. No client-facing surface can read another organization’s data.

4. Benchmarks only from anonymized cohorts — or not at all

Where the product computes a cohort comparison, it is built only from anonymized cohorts of at least ten properties. Below that floor the comparison is suppressed entirely rather than shown thin — and no output ever identifies another property. Your numbers never reach another client in any attributable form.

5. Deletion on request

Ask, and we delete your organization’s data. Write to hello@couverte.io from an address associated with your account and we will confirm the deletion in writing. The standard GDPR subject rights — access, rectification, erasure, restriction, objection, portability — are listed in the privacy policy and apply in full.

6. GDPR and data-processing agreements

Couverté operates under the GDPR. For data-protection enquiries, to request a data-processing agreement (DPA), or to exercise any subject right: hello@couverte.io — the same address reaches our acting DPO.

7. What we do not claim

We do not currently hold a SOC 2 or ISO 27001 certification, and we will not imply otherwise. Everything written on this page describes controls that exist in the product today; when our posture changes, this page changes with it.

Related reading

The legal detail — sub-processors, cookies, retention, and the full GDPR rights procedure — lives in the privacy policy. Questions this page does not answer: hello@couverte.io.