Skip to main content

How Ande Handles Your Data and Your Clients' Data

How customer data is collected, used, and protected — including data from clients who came in outside the Ande ecosystem, card details, Tripleseat data, and SOC 1 / SOC 2 compliance.

M
Written by Michelle Smith

Common questions about data privacy and security when using Ande payment links — including for clients who came to your venue outside the Ande ecosystem.

What customer data does Ande collect, and how is it used?

Customer data is only collected when it's shared through the platform, and it's used strictly for transaction records and platform functionality — it is never sold or commercially exploited. Beyond surfacing helpful insights back to your venue (for example, your top corporate clients), it isn't used for anything else.

Does Ande store card details?

No. Ande never stores card details. All card data is handled by our PCI-compliant payment processor (Checkout). Anything stored on Ande's end is kept securely.

Does our Tripleseat data become Ande's data?

No. The Tripleseat payment records you see in your venue portal are there for visibility only — they're read-only and pulled live from Tripleseat each time you view the page. Ande does not repurpose your Tripleseat data beyond showing it back to you. See Understanding Payment Amounts in Ande.

What about clients who didn't come through Ande?

The same protections apply. When you send an Ande payment link to a client who came to your venue outside the Ande ecosystem, their data is handled exactly as described above — collected only through the platform, used only for the transaction, never sold.

Is Ande security-compliant?

Yes. Ande has completed SOC 1 and SOC 2. Payment processing is PCI-compliant via our processor. Our public Terms of Service are available at ande.ai/terms. If your team needs formal compliance documentation, contact your Ande account manager.

Did this answer your question?