Skip to main content

PRIVACY POLICY

How we handle your information.

We collect what we need to make the platform work for you — and nothing more.

Last updated: June 16, 2026

Who we are

The Ashton Standard is operated by The Ashton Standard, LLC ("we," "us," or "our"). We provide a service standards platform for fine-dining restaurants and the hospitality professionals who work in them.

If you have questions about this policy or your data, write to us at hello@ashtonstandard.com.

What we collect

When you create an account or use The Ashton Standard, we collect:

  • Account information — your name, email address, password (encrypted), and the role you signed up for (worker or restaurant).
  • Profile information — anything you choose to add to your profile, including work history, skills, credentials, photos, and bio text. For restaurants, this includes restaurant name, location, cuisine, and team details.
  • Content you upload — SOPs, training modules, lesson content, quiz questions, and any documents or images you add to the platform.
  • Usage data — pages you visit, features you use, and actions you take. We use this to improve the platform and to troubleshoot issues.
  • Technical data — your IP address, browser type, device information, and similar diagnostic data. We use this for security and performance monitoring.
  • Communications — messages you send us through contact forms, support tickets, or email.

We do not collect payment information directly; if and when payments are added, they will be processed through a third-party payment processor (such as Stripe) under their own privacy policies.

How we use your information

We use your information to:

  • Operate and improve the platform
  • Authenticate your account and keep it secure
  • Display your profile and content to authorized viewers (other team members, the public if you make your profile public)
  • Send you transactional emails (account confirmations, invitations, training reminders)
  • Send you product updates and announcements (you can opt out anytime)
  • Troubleshoot issues and provide support
  • Detect and prevent fraud, abuse, and security threats
  • Comply with legal obligations

We do not sell your personal information. We do not train external AI models on your private content without your explicit permission.

Who we share information with

We share information only as needed to operate the service:

  • Other users on your team — Restaurants can see their team members' profiles, training progress, and certifications. Team members can see basic restaurant information.
  • The public — If you choose to make your worker profile public, the information you've designated as public will be visible to anyone with the link.
  • Service providers — We use trusted third parties for hosting (Supabase), email delivery (Resend), error monitoring (Sentry), and analytics (PostHog, Vercel Analytics). Each is bound by their own privacy obligations and processes data only as needed to provide their services.
  • Legal requirements — If required by law, court order, or to protect the safety of users or the public, we may share information with authorities.
  • Business transfers — If the company is acquired or merged, your information may be transferred to the new entity, subject to this policy.

How we protect your data

We use industry-standard security practices including encryption in transit and at rest, role-based access controls, and regular security reviews. Our hosting provider (Supabase) is SOC 2 Type 2 certified. We work with a security-conscious development practice and address vulnerabilities promptly.

No system is perfectly secure. If we become aware of a data breach affecting your information, we will notify you and any required regulators promptly.

Your rights

You have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Delete your account and your data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Object to certain uses of your information

To exercise any of these rights, email hello@ashtonstandard.com. We will respond within 30 days.

Depending on where you live, additional rights may apply under laws like the California Consumer Privacy Act (CCPA) or the EU General Data Protection Regulation (GDPR). We honor these rights for residents of those regions.

Data retention

We retain your information for as long as your account is active or as needed to provide the service. If you delete your account, we will delete your personal information within 90 days, except where we are required to retain it for legal, accounting, or security reasons.

Children

The Ashton Standard is intended for users who are 16 years of age or older. We do not knowingly collect information from anyone under 16. If you believe we have collected information from a minor, contact us and we will delete it.

Changes to this policy

We may update this policy as the product and the law evolve. When we make material changes, we will notify users by email and update the "Last updated" date at the top of this page. Continued use of the platform after changes means you accept the updated policy.

Contact us

For any questions about this policy or how we handle your information, write to:

hello@ashtonstandard.com

The Ashton Standard, LLC