Legal

Privacy Policy

Last updated: April 1, 2026

At RestroAgent, your privacy matters. This policy explains how we collect, use, and protect your information when you use our platform.

1. Information We Collect

We collect information you provide directly to us, such as when you create an account (name, email, password), set up your restaurant profile (restaurant name, address, cuisine type, phone number), upload menus and knowledge base documents, and contact our support team. We also collect usage data automatically, including log data, device information, IP addresses, pages visited, and features used. Payment information is processed by our third-party payment processor and we do not store full card details.

2. Customer Data (Your Restaurant's Data)

When your AI agent interacts with your customers, we process that conversation data on your behalf. This "Customer Data" — including customer names, phone numbers, order details, and conversation transcripts — belongs to you. We act as a data processor, not a data controller, for Customer Data. We process it only to provide the Service and do not use it for our own purposes, including training our AI models, without your explicit consent.

3. How We Use Your Information

We use the information we collect to: provide, maintain, and improve the Service; process transactions and send related information; send technical notices, updates, security alerts, and support messages; respond to comments and questions; monitor and analyze usage patterns to improve the Service; detect and prevent fraud and abuse; and comply with legal obligations.

4. Information Sharing

We do not sell, trade, or rent your personal information to third parties for marketing purposes. We may share information with: service providers who assist in our operations (hosting, payment processing, analytics) under confidentiality agreements; business partners with your consent; law enforcement when required by law; and in connection with a merger, acquisition, or sale of assets (with notice to you).

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. Conversation transcripts are retained for 90 days by default; you can configure this in your account settings. Call recordings (if enabled) are retained for 30 days unless you specify otherwise. Upon account cancellation, we delete your data within 30 days. You can request deletion at any time.

6. Security

We implement industry-standard security measures including TLS 1.3 encryption for data in transit, AES-256 encryption for data at rest, regular security audits, and role-based access controls. We are SOC 2 Type II certified. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have rights to: access the personal information we hold about you; correct inaccurate data; request deletion of your data; restrict or object to processing; data portability; and withdraw consent. To exercise these rights, contact us at privacy@restroagent.com. We will respond within 30 days.

8. GDPR Compliance

For users in the European Economic Area (EEA), we process your data under the following legal bases: contract performance (to provide the Service you signed up for), legitimate interests (to improve the Service and prevent fraud), consent (for marketing communications), and legal obligation. You have the right to lodge a complaint with your local data protection authority.

9. Cookies

We use cookies and similar tracking technologies. For detailed information, please see our Cookie Policy. You can control cookie settings through your browser or our cookie consent tool.

10. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected such information, we will delete it promptly.

11. International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where required.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before they take effect. Continued use of the Service constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact our Data Protection Officer at privacy@restroagent.com. For requests related to your personal data, please use the privacy request form in your account settings.

Questions about your privacy or data?