Does Your Restaurant Website Meet the Rules?
Reservation forms collect personal data. Google Maps embeds leak visitor IPs. Menu PDFs might contain unlicensed photos. Most restaurant owners have no idea their website has these issues.
Common issues for restaurants & cafes
Reservation data is personal data
Names, emails, phone numbers and dietary preferences collected through booking forms all fall under GDPR. You need a privacy policy that covers this.
Google Maps shares visitor data with Google
That embedded map showing your location sends every visitor's IP address to Google. A German court ruled this violates GDPR without consent.
Menu photos might be copyrighted
Food photos pulled from the internet or provided by a designer without proper licensing can trigger demand letters from agencies like Getty or CopyTrack.
Delivery platform tracking pixels
If you use Uber Eats, Deliveroo or Thuisbezorgd integrations, their tracking scripts may fire before cookie consent.
4
Key issues
4
Areas checked
10
Guides
Real-world enforcement
A Munich court ruled in January 2022 that loading Google Fonts from Google servers violates GDPR — a feature used by most restaurant website templates. The ruling awarded €100 per affected visitor, triggering mass claims across Germany. In the Netherlands, the Autoriteit Persoonsgegevens has fined hospitality businesses for collecting reservation data without adequate privacy policies.
Official resources
We run the same complete check on every website. The guides below highlight which issues come up most often for each type of business.
Guides for restaurants & cafes
GDPR for Restaurant Websites: A Practical EU Guide
GDPR for EU restaurants: reservation systems, Google Maps embeds, menu photo rights and delivery widget trackers. Four fixes that close most of the risk.
Restaurant Website Accessibility: Menu, Booking & Ordering
Restaurant accessibility: your website menu, booking form and ordering system must be accessible under the EAA. Here's what to fix.
Google Maps Embed and GDPR: The Compliance Problem
Embedding Google Maps sends visitor IP addresses and browsing data to Google without consent. Here are GDPR-compliant alternatives.
Cookie Banner Requirements Under EU Law (2026 Guide)
Cookie banner requirements in the EU 2026: reject equal to accept, no dark patterns, prior consent. EDPB Guidelines 05/2020 explained.
Safe Free Stock Photos for Irish Business Websites
Free image sources that are actually safe for Irish business websites, what the licences allow, and how the Irish Copyright and Related Rights Act 2000 fits.
GDPR compliance checklist for Irish businesses (2026)
GDPR compliance checklist for Irish businesses. DPC enforcement, DPA 2018, ePrivacy Regs 2011, CRO disclosure, cookie consent and processor agreements.
Accessibility Statement Template for Irish Businesses
What an accessibility statement must contain for an Irish business website under S.I. 636 of 2023, where to point complainants, and a template you can adapt.
AI-Built Website Liability in Ireland
Your developer used Cursor or Lovable. If the site breaks GDPR or cookie law, the DPC enforces against you. What the AI Act and 9 Dec 2026 change.
AI-Generated Code and Open-Source Licences (Ireland)
Copilot or Cursor wrote GPL code into your site. The site operator distributes it, not the AI. What Doe v. GitHub decided and what to do about it.
AI-Generated Images on Irish Business Websites (2026)
Article 50(4) of the AI Act applies 2 Aug 2026. The four risk layers an Irish SMB should check before publishing AI-generated images on a website.
Check your restaurants & cafes website now
150+ checks across GDPR, copyright, accessibility, security and more. No account needed.
I understand this is a technical scan, not legal advice, and I accept the Terms.