We are the WaitLess team. WaitLess ("we", "our", or "us") will collect and use information obtained via the WaitLessCY Mobile Application ("WaitLessCY", "Application") as described in this policy. In doing so, we are committed to protecting and respecting your privacy and personal data, in accordance with applicable data protection, privacy rules, and data protection laws. We do not sell or rent your personally identifiable information to any third party. (email: info@waitlesscy.com ).


The Application obtains the information you provide when you download and register within the Application. Registration with us is optional. However, please keep in mind that you may not be able to use some of the features offered by the Application unless you register with us. When you register with us and use the Application, you generally provide your name, email address, phone number, and password.

We collect data from our 3rd party affiliates. Specifically, WaitLessCy uses Firebase as a measurement solution that provides insight into app usage and user engagement (https://firebase.google.com/policies/analytics), as well as, Firebase Crashlytics as a bug reporting service (https://firebase.google.com/docs/crashlytics). Bug reports are sent automatically and can contain information about your device, as well as, a log of actions that led to an error.

We also use the device's location, in both cases, registered or not, only when the WaitLessCY application is running (active or in the background), as long as the reported location is within a range of the location of a store that is included in our database. It should be noted that the device's location cannot be correlated (reverse engineered) with a registered user in our database and that we do not keep any location history nor tracking the route taken by any device.


We use your name, email address, phone number, and password. This information is stored in our database only for verification purposes. Your mobile number is stored again, in the Firebase Authentication Database for verification purposes.

While using the Application, the GPS technology (or other similar technology) is activated to determine the device's current location in order to calculate the distance between the device and the stores that are stored in our database. Moreover, the device's current location can be displayed on a location map which is a feature provided by our Application. We only use the device's current location to estimate the number of active users that are located within a range of the location of a store that is included in our database. We do not share any location information of a specific device with other users or partners.

We also collect technical information on how the application is used for diagnostic purposes.


Your data is safely and securely stored on our servers and we maintain your personal information as long as requested otherwise. We maintain the right to reserve your information for a longer period for any obligations provided by any law or any competent authority or for the preservation of any legal rights.

To offer a consistent service to you we manage the Application from servers provided by a third-party cloud service provider that are located in Greece and Germany. The data that we collect from you may be transferred to and stored on these servers. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and applicable privacy laws. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your data, by encrypting the transmission of data between the Application and the server using TLS_AES_128_GCM_SHA256,128 bit keys and TLS 1.3. That is, your data was encrypted before being transmitted over the Internet, meaning that it is difficult for unauthorized people to view information traveling between the Application and the server. Once we have received your information, we will use strict procedures and security features to prevent unauthorized access.

The name, phone number, email address and password are stored in our database using security protocols and secure procedures. The password provided is stored as a new password hash using a strong one-way hashing algorithm. They are called one-way hash functions because there is no way to reverse the encryption, therefore, no one but you know the password.

The next information that is collected is the location of the device and not the user's, therefore it is not possible using reverse engineering to correlate a specific user with a specific device. The way a device's location is stored is by using a unique key (string) provided by the device. If this device is located within a range of a store that is located in our database, then this device sends this information and then we simply change the status of this record inside the database, if it already exists, otherwise it is stored. We do not keep track of history, nor the path. The device sends the location only when its state is changed.


We do not use your personal data for any marketing purposes, nor we provide your personal data to any affiliates or third parties for such reasons.


Your right of access

You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.

Your right of rectification

You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances.

Your right to restrict processing

You have the right to ask us to restrict the processing of your information in certain circumstances.

Your right to object to processing

You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests.

Your right to data portability

This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

If we are processing your information for criminal law enforcement purposes, some of your rights may be different or restricted.

You may withdraw your consent regarding your data processing should that be required or given at any time by contacting us at the below mentioned addresses.

You are not required to pay any charge for exercising your rights. We have one month to respond to you.


Cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your device internal memory. Required/Technical cookies: Cookies that are only placed as part of the website’s functionality and security that without them the website cannot be considered functioning.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website and may prevent us from providing the best service possible.


As mentioned above, Firebase collects technical information on how the application is used for diagnostic purposes. Both services are part of Google. Please visit How Google uses data when you use our partners’ sites or apps prior to using our services to learn how Google uses your data.


Any changes to our Privacy Policy will be published here upon the date of their validity and no other notice shall be provided for such changes. Please visit this section from time to time to keep up to date with any such changes.


You can contact us by email at the electronic address privacy@waitlesscy.com. For the exercise of your rights regarding GDPR as mentioned above, please include such issues in the subject section of an email and send it to us at the aforementioned email address.


You may lodge any complaints regarding your personal information at the Office of the Commissioner for Personal Data Protection at http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/page1i_en/page1i_en?opendocument