Your Privacy Matters
Last updated: April 27, 2026
We believe in transparency. This policy explains exactly what data we collect, why we collect it, who we share it with, and how we protect it — in plain language.
1. Introduction
Wayt ("we," "us," or "our") operates a technology-enabled marketplace connecting customers with independent contractor line waiters ("Waiters") at restaurants, venues, events, and similar experiences. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information across all users of the Platform — including customers, Waiters, and venue partners.
This policy applies to all markets and regions in which Wayt operates. By creating an account or using the Platform, you agree to the practices described in this policy. This Privacy Policy is incorporated by reference into Wayt's Terms of Service.
Key Commitment: Wayt does not sell your personal information to third parties for their independent marketing or commercial purposes. Full stop.
2. Data We Collect
The data we collect varies based on your role on the Platform — customer, Waiter, or venue partner — and how you interact with our services.
👤 Customers
- • Identity: Name, phone number, email address
- • Authentication: Phone OTP verification records, Google OAuth identifiers, email magic link events
- • Booking data: Venue selected, booking type (Right Now, Later Today, Scheduled, Spot Swap), requested time, party size, special instructions
- • Payment: Payment method authorization records and transaction history (full card numbers are never stored — processed by Stripe)
- • Referral data: Your referral code, who you referred, and associated reward balances
- • Communications: Support messages, SMS exchanges, and in-app communications
🧍 Waiters (Independent Contractors)
- • Identity: Name, phone number, email address
- • Contractor data: Job acceptance and completion history, check-in timestamps, earnings records
- • Payout data: Stripe Connect account identifiers and payout records (Stripe manages sensitive financial verification data directly)
- • Location: General location data used to match Waiters to nearby jobs (only when using the Platform)
- • Performance data: Job completion rates, cancellation history, and conduct records maintained for platform integrity
🏢 Venue Partners
- • Contact data: Venue name, address, operating hours, designated contact person and information
- • Partnership data: Tier status, payout records (Verified Partners), and coordination preferences
- • Booking activity: Aggregate booking volume, demand patterns, and service performance data attributable to your venue
3. How We Collect Data
Directly From You
When you register an account, place a booking, accept a job as a Waiter, sign up as a venue partner, communicate with support, or otherwise interact with the Platform.
Automatically
Through your use of the Platform: device type, operating system, browser, IP address, session data, pages visited, features accessed, and interaction timestamps. This data is collected via cookies, server logs, and similar tracking technologies.
From Third-Party Services
We receive data from Firebase Authentication (phone OTP, Google OAuth), Stripe and Stripe Connect (payment events, payout status), and Twilio (SMS delivery and interaction records). These providers operate under their own privacy policies.
From Other Users
When another user refers you to the Platform, we receive the referral association necessary to credit the referrer. Waiters may also provide information about a booking experience that includes references to customer behavior or instructions.
4. How We Use Your Data
We use the data we collect only for legitimate business purposes in connection with operating the Platform. These purposes include:
Processing bookings, dispatching Waiters, and sending real-time status updates via SMS and in-app notifications
Authorizing and capturing customer payments through Stripe and processing Waiter earnings via Stripe Connect
Verifying your identity via phone OTP, Google OAuth, or email magic link when you access the Platform
Detecting and preventing referral abuse, payment fraud, account manipulation, and other platform integrity violations
Understanding how the Platform is used to improve features, fix issues, and develop new capabilities
Attributing referrals accurately and calculating reward balances for program participants
Sending transactional messages required to fulfill your booking, and marketing messages you have consented to receive
Complying with applicable laws, responding to legal process, and enforcing our Terms of Service
6. Automated Decision-Making
The Wayt Platform uses automated systems that make or influence decisions affecting your experience. These include:
- • Feasibility Assessment: Automated evaluation of whether a booking type (Right Now, Spot Swap, etc.) is available at a given venue based on real-time conditions and historical data
- • Dispatch Logic: Automated matching and prioritization of available Waiters to incoming booking requests based on proximity, availability, and platform-determined factors
- • Fraud Detection: Automated signals that may flag accounts for review or restrict access based on behavior patterns associated with abuse, self-referral, or payment fraud
- • Auto-Void: Bookings that cannot be matched within a platform-determined window are automatically voided and payment holds are released without manual intervention
If you believe an automated decision has materially and incorrectly affected your account or a specific booking, you may contact us at privacy@wayt.fast to request human review.
7. Platform Intelligence & Aggregated Data
Your use of the Platform — across bookings, wait times, venue demand, and Waiter behavior — contributes to a data asset that helps Wayt improve service quality, optimize dispatch, and understand market dynamics.
Wayt may use aggregated, de-identified data derived from Platform activity for:
- •Internal product development and feature prioritization
- •Market research and expansion planning
- •Investor reporting and business performance analysis
- •Publishing insights about venue demand, wait trends, and market activity (never identifying individuals)
Aggregated and de-identified data does not constitute personal information and is not subject to individual deletion or correction rights. Your identity is never disclosed in any aggregated reporting.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. Our general retention guidelines are:
When you request account deletion, we will delete or anonymize your personal data within a commercially reasonable time, subject to the retention minimums above. Data subject to legal hold obligations will be retained until those obligations are resolved.
9. Data Security
We implement technical, administrative, and physical safeguards designed to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These measures include:
No method of data transmission over the internet or electronic storage is completely secure. While we take reasonable precautions, Wayt cannot guarantee absolute security. You use the Platform at your own risk.
11. Your Privacy Rights
Regardless of your location, Wayt recognizes the following rights with respect to your personal data:
To exercise any of these rights, contact us at privacy@wayt.fast. We will respond to verified requests within 30 days. We may need to verify your identity before processing certain requests. Some rights may be limited where we have legal obligations to retain data.
12. State-Specific Privacy Rights
As Wayt expands across multiple markets, users in certain states may have additional rights under applicable state privacy law. We honor these rights for all qualifying residents.
California Residents (CCPA / CPRA)
You have the right to:
- •Know what personal information we collect, use, disclose, and sell (we do not sell)
- •Delete personal information we have collected, subject to exceptions
- •Opt out of the sale or sharing of personal information (we do not sell or share for cross-context behavioral advertising)
- •Correct inaccurate personal information
- •Limit use of sensitive personal information
- •Non-discrimination for exercising your privacy rights
Virginia, Colorado, Connecticut & Other State Residents
Residents of states with enacted comprehensive privacy laws (including Virginia's VCDPA, Colorado's CPA, and similar frameworks) have rights substantially similar to those described in Section 11 above. Wayt honors these rights for all qualifying residents. Contact us at privacy@wayt.fast to submit a state-specific privacy request.
We will continue to update this section as Wayt expands into new markets and as additional state privacy laws take effect.
13. Children's Privacy
The Platform is intended solely for users who are 18 years of age or older, consistent with the eligibility requirements in our Terms of Service. We do not knowingly collect personal information from anyone under the age of 18.
If we become aware that we have inadvertently collected personal information from a minor, we will take immediate steps to delete that information from our systems. If you are a parent or guardian and believe your child has used or registered on the Platform, please contact us at privacy@wayt.fast immediately.
14. Data Breach Notification
In the event of a data breach that compromises the security of your personal information and creates a risk of harm, Wayt will:
- ✓ Investigate and contain the breach as promptly as practicable
- ✓ Notify affected users via the email or phone number on file within the timeframe required by applicable law (generally within 72 hours to relevant authorities where required, and to affected individuals without undue delay)
- ✓ Provide information about the nature of the breach, the data affected, and the steps we are taking to address it
- ✓ Recommend steps you can take to protect yourself
Breach notifications will be sent to the contact information on your account. Keeping your contact information current is your responsibility and materially affects our ability to reach you in the event of an incident.
15. Changes to This Policy
We may update this Privacy Policy from time to time as the Platform evolves, as we expand into new markets, or as legal requirements change. For material changes — those that affect your rights or how we handle your data in significant ways — we will provide notice via email or in-Platform notification at least 7 days before the revised policy takes effect.
The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Platform after the effective date of any updated Privacy Policy constitutes your acceptance of the revised policy.
16. Contact Us
For questions, concerns, or requests related to your privacy or this policy, please reach out through the appropriate channel:
Data access, deletion, correction, opt-out, and state privacy requests
Operations across multiple markets
We will acknowledge privacy requests within 5 business days and complete verified requests within 30 days, unless an extension is required by the complexity of the request, in which case we will notify you.
Questions About Your Privacy?
We're committed to transparency. Reach out anytime — we respond to all privacy requests within 5 business days.