Restaurant Connection Agreement

Product: Qastio

Operator: CHATROOM DOO BEOGRAD

Website: https://menuwithai.com/

Version: v1.0

Publication date: 13 May 2026

Status: Final Website Version

Classification: Public / Website Legal Document

Governing law: Republic of Serbia

Operator Details

Contents

1. Parties and Acceptance

This Restaurant Connection Agreement governs the connection of any Restaurant to the Qastio platform operated by CHATROOM DOO BEOGRAD. The Restaurant is the business entity identified in the applicable Restaurant onboarding form, dashboard account, connection confirmation, signed order form or other activation record. The person accepting this Agreement confirms authority to bind that Restaurant.

Acceptance may occur by signature, electronic confirmation, dashboard acceptance, activation of the Restaurant account, POS/API connection, QR menu publication, order processing, participation in procurement, or other actual use of the Platform by the Restaurant.

2. Subject Matter

The Operator provides selected Platform functions to the Restaurant, which may include Restaurant profile, QR menu, table ordering, pickup ordering, dashboard, order routing, POS/API integration, menu synchronisation, stop-list synchronisation, analytics, procurement tools, Supplier access and the voluntary payment module if separately enabled.

3. Free Basic Digital Layer

The basic digital layer is free of charge to the Restaurant to the extent expressly offered as free by the Operator in the dashboard, connection confirmation or published plan. Free functionality may include Restaurant profile, QR menu, basic order routing and basic dashboard tools. Free access does not include paid promotion, custom development, premium analytics, special support, procurement fees, PSP fees, payment-module service fees or other features expressly identified as paid.

The Restaurant may stop using the basic digital layer at any time unless active orders, procurement obligations, payment disputes, evidence preservation or a separate agreement require continued cooperation for a limited period.

4. Restaurant Obligations

• Maintain accurate menus, prices, descriptions, allergens, availability, taxes and legal notices.
• Process incoming orders in a timely manner and train staff to use the Platform.
• Maintain backup ordering channels for outages, POS failures, network issues or staff errors.
• Comply with food safety, consumer protection, fiscal, tax, advertising, labour and data-protection obligations.
• Provide lawful access to POS/API and ensure that the Restaurant has the right to share relevant menu, order, stop-list, SKU, sales and operational data.
• Avoid false orders, manipulation of analytics, circumvention of the Platform, data scraping or misuse of Supplier/Restaurant information.
• Notify the Operator of ownership change, closure, POS change, login compromise, safety issue or material operational change.
• Use only Authorised Guest-Facing QR Codes in guest-facing areas and comply with Clause 4A on QR code safety and authorised digital access points.

4A. QR Code Safety and Authorised Guest-Facing Digital Access Points

For the purposes of this Agreement, “Authorised Guest-Facing QR Code” means any QR code, NFC tag, table tent, sticker, printed link, digital access point or similar guest-facing access method placed in the Restaurant for menu viewing, ordering, payment, loyalty, feedback, promotion or any other digital interaction, which is either (a) provided by the Operator, (b) owned and controlled by the Restaurant and declared to the Operator upon request, or (c) expressly approved in writing by the Operator.

In order to protect Guests against phishing, link substitution, unauthorised data collection, payment fraud, incorrect ordering flows and other digital-security risks, the Restaurant shall ensure that tables, table tents, printed menus, stickers, counters, guest seating areas and other guest-facing materials contain only Authorised Guest-Facing QR Codes.

The Restaurant may display: (a) QR codes provided by the Operator; (b) the Restaurant’s own QR codes leading to its official website, application, menu, ordering system, loyalty programme, payment page or other digital service owned or controlled by the Restaurant; and (c) any other QR codes that have been approved in advance in writing by the Operator.

The Restaurant shall not place, replace, cover, mask, distribute or allow the placement of QR codes, NFC tags, stickers, table tents, printed links or other guest-facing digital access points belonging to or controlled by third parties without the Operator’s prior written approval. This includes, without limitation, QR codes of external marketing services, aggregators, intermediaries, advertising platforms, unauthorised payment pages, unknown or shortened links, third-party menus, unauthorised data-collection forms or other digital resources that are not controlled by the Restaurant or the Operator.

Upon the Operator’s request, the Restaurant shall promptly provide the domain, target URL, purpose, owner and security details of any guest-facing QR code or other digital access point displayed at the Restaurant. The Operator may require immediate removal, replacement or disabling of any QR code or digital access point that creates or may create a risk to Guests, orders, payments, personal data, Platform security, brand trust or the Operator’s reputation.

This clause does not restrict QR codes that are mandatory under applicable law, fiscal requirements, government authority requirements, sanitary requirements or payment provider rules, provided that such QR codes are used strictly for their mandatory purpose and do not create a risk of phishing, order substitution, unauthorised data collection, payment fraud, Platform circumvention or misleading Guests.

Any breach of this clause constitutes a material breach of this Agreement. The Operator may require immediate removal of unauthorised QR codes or digital access points, suspend or limit the Restaurant’s connection, disable order routing, hide the Restaurant from the Platform, exclude the Restaurant from active Platform operation and/or terminate this Agreement, without prejudice to any other rights or remedies available to the Operator.

5. POS/API and Data Access

Where POS/API integration is enabled, the Restaurant authorises the Operator to access and process the information reasonably required for the selected functions, including menu, prices, modifiers, availability, orders, statuses, stop-list, SKU-level data, sales analytics, procurement volumes, supplier data, purchase prices, inventory and technical logs, subject to the Data Access Appendix and applicable law.

The Restaurant is responsible for obtaining any POS-provider permissions, licences, API credentials and internal approvals required for the integration. The Operator is not responsible for POS-provider downtime, API changes, licence limits, credential errors or third-party restrictions.

6. Procurement Participation

Procurement participation is voluntary unless a specific procurement order has been accepted. A Restaurant request, expression of interest or reservation does not create a binding procurement order until the relevant offer, price, quantity, delivery conditions, payment terms and Supplier confirmation are accepted through the Platform or another procurement document.

7. Voluntary Payment Module

The online payment module is optional. The Restaurant may enable or disable it at its own discretion, subject to PSP onboarding, KYC/KYB, technical availability and the Payment Module Terms. The 1% Qastio platform service fee applies only to successful Guest payments processed through the voluntary payment module, unless another written rate is agreed. Disabling the module applies only to future orders and does not cancel existing payment, refund, chargeback, tax, evidence or fee obligations.

8. Liability and Indemnity

The Restaurant remains responsible for food quality, preparation, prices, allergen information, fiscal receipts, consumer refunds, customer service, staff actions, lawful POS access, tax treatment and any claims arising from its business. The Restaurant shall indemnify the Operator against claims, fines, chargebacks, refunds, costs and losses caused by Restaurant data errors, food issues, unlawful content, unauthorised POS access, failure to fulfil orders, consumer complaints or breach of this Agreement.

9. Termination and Suspension

The Operator may suspend or limit access where there is a security risk, suspected fraud, breach, unlawful content, repeated complaints, non-payment of due fees, POS misuse, data risk, regulatory risk, consumer risk or reputational risk. Termination does not affect accrued payment, procurement, confidentiality, data, evidence, refund, chargeback or liability obligations.

For clarity, breach of Clause 4A on QR code safety and authorised guest-facing digital access points is deemed a security, consumer-protection, data-protection and reputational risk and may justify immediate suspension, limitation, hiding of the Restaurant from the Platform, exclusion from active Platform operation or termination under this Clause 9.

Final Disclaimer

This document forms part of the Qastio legal documentation made available by the Operator. It does not limit any mandatory rights granted to users under applicable law. Where a specific onboarding, payment, procurement, POS/API integration or supplier arrangement is governed by an additional accepted document, that document applies together with this document and prevails within its specific scope.