The Table watches. Not because it is cruel, but because it must know who sits at it. What follows is how that watching works, and the limits the law places upon it.
This Privacy Policy applies to The High Table, a service operated by Samarkand Industries OÜ, a private limited company registered in Estonia under registry code 17492007, with registered address at Narva mnt 5, 10117 Tallinn, Estonia, European Union ("Samarkand", "we", "us", "our").
Samarkand Industries OÜ is the data controller for personal data collected through thehightable.international, the associated mobile application, and its associated services.
For questions about this policy or your personal data, contact us at privacy@thehightable.international.
We collect personal data only where we have a lawful basis for doing so.
| Data | Context |
|---|---|
| Email address (or phone number) | Account access, critical notifications |
| Codename | Your in-Service identity |
| Profile survey (transport, postal sector, languages, availability) | Mission routing and matching |
| Accessibility notes | Avoid unsuitable contracts |
| Entry Statement | Shown on your public Dossier |
| Dossier Portrait (face-obscured composite) | Member identification inside the Service |
| Voice recording of the Oath | Rite of Entry threshold; accessible only to you |
| Comms message content | Member-to-member communication (encrypted; 24h default burn) |
| Payment information | Quiver purchases (processed by Stripe; we do not store card data) |

| Data | Context |
|---|---|
| IP address | Server access logs, fraud prevention |
| Browser / device type and OS | Compatibility, fraud prevention |
| Pages visited, time spent | Analytics (see Cookie Policy) |
| Referrer URL | Analytics |
| Vote and endorsement records | Council mechanics · audit |
| IRL geofence events (only when a mission is active) | Mission proof-of-presence |
| Cookie identifiers | See Cookie Policy |

| Processing activity | Legal basis |
|---|---|
| Providing the Service (accounts, missions, Comms, economy) | Performance of a contract (Art. 6(1)(b)) |
| Processing payments for Quivers | Performance of a contract (Art. 6(1)(b)) |
| Sending service notifications | Performance of a contract (Art. 6(1)(b)) |
| Accessibility notes | Explicit consent (Art. 6(1)(a)) |
| IRL geofence (per-mission) | Explicit consent at mission start (Art. 6(1)(a)) |
| Marketing communications (if opted in) | Consent (Art. 6(1)(a)) |
| Security monitoring and fraud prevention | Legitimate interests (Art. 6(1)(f)) |
| Legal compliance (accounting, lawful requests) | Legal obligation (Art. 6(1)(c)) |
| Legal agreement acceptance log | Legal obligation (Art. 6(1)(c)) |
What we don't do: we do not sell your personal data; we do not share your data with advertising networks; we do not use your data for automated profiling that produces legal or similarly significant effects; we do not process biometric facial data.
We share personal data only with service providers acting as data processors on our behalf — all bound by GDPR Article 28 data processing agreements. We share with legal authorities only where required by law.
All personal data processed through the Service is stored and processed within the European Economic Area. Where any third-party processor is outside the EEA, we apply the European Commission's Standard Contractual Clauses and conduct transfer impact assessments. You may request a copy of the relevant transfer mechanism from our DPO.
Summary retention periods (see the Retention policy for the full schedule):
| Data | Retention |
|---|---|
| Account data (active) | Life of account + 30 days |
| Comms messages | 24h burn (default) · configurable to 48h / 72h · metadata 30 days |
| Vote and endorsement records | Current cycle + 90 days, then archival |
| Dossier portrait and Oath recording | Life of account · crypto-shredded on burn |
| Payment records | 7 years (tax and accounting law) |
| Server access logs | 90 days |
| Legal acceptance log | Indefinite (legal obligation) |
| Marketing consent records | Until consent withdrawn + 36 months |
To exercise any right, contact privacy@thehightable.international. We respond within 30 days. No charge for requests. Identity verification may be required.
You may also lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) at aki.ee, or the supervisory authority in your country of residence.
TLS 1.2+ encryption in transit. AES-256 encryption at rest. Role-based access with MFA. Regular penetration testing. End-to-end encryption for Comms with 24-hour default burn. Stripe webhook signature validation. LiveKit tokens issued server-side only. GDPR Article 33 breach notification procedure maintained. See also the GDPR Compliance page.
The Service is strictly for adults aged 18 and over. We do not knowingly collect data from minors. If at any time we have reasonable grounds to believe that an account holder is under 18, we will suspend the account pending review and, if confirmed, delete it together with the associated personal data.
Material changes will be communicated by email (for registered Members) and by updating the "Last updated" date. Continued use after notice constitutes acceptance.
Data Controller: Samarkand Industries OÜ · Narva mnt 5, 10117 Tallinn, Estonia · privacy@thehightable.international
Estonian supervisory authority: Andmekaitse Inspektsioon · Tatari 39, 10134 Tallinn · aki.ee