Privacy Policy

Last updated: April 2026

1. Information We Collect

DineAI collects information necessary to provide our AI phone receptionist service to your restaurant. This includes:

  • Account information: name, email, restaurant name, phone number
  • Payment information: processed securely through Stripe (we never store card numbers)
  • Call data: recordings, transcripts, and call metadata for orders placed through our AI
  • POS integration credentials: stored encrypted and used only to sync orders
  • Usage data: call volume, order counts, and feature usage for billing and analytics

2. How We Use Your Information

  • To provide and improve our AI phone receptionist service
  • To process payments and manage your subscription
  • To sync orders to your connected POS system
  • To provide customer support and respond to inquiries
  • To send service-related notifications (billing, updates, security alerts)
  • To improve our product through anonymized usage analytics

3. Data Storage and Security

Your data is stored on secure servers hosted by Supabase (AWS infrastructure) in the United States. We implement industry-standard security measures including:

  • Encryption at rest and in transit (TLS 1.3)
  • Row-level security policies on all database tables
  • Regular security audits and access controls
  • POS credentials encrypted using application-level encryption

4. Call Recordings

Call recordings and transcripts are stored for the duration specified by your plan (7, 30, or 90 days) and automatically deleted afterward. You may request early deletion of any call recordings at any time by contacting our support team.

5. Third-Party Services

DineAI integrates with the following third-party services:

  • Stripe: payment processing (governed by Stripe's privacy policy)
  • Retell AI: voice AI processing (governed by Retell's privacy policy)
  • Supabase: database and authentication (governed by Supabase's privacy policy)
  • Square, Toast, Clover: POS integrations (governed by each provider's privacy policy)

6. Your Rights (GDPR / CCPA)

You have the right to:

  • Access all personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (with a 30-day grace period)
  • Export your data in a portable format
  • Object to processing of your data for specific purposes

To exercise any of these rights, contact us at privacy@trydineai.io.

7. Data Retention

We retain your account data for as long as your subscription is active. Upon account deletion, we initiate a 30-day grace period after which all personal data, call recordings, transcripts, and order data are permanently deleted. Anonymized aggregate statistics may be retained for product improvement.

8. Contact

For privacy-related questions or concerns, contact us at privacy@trydineai.io or visit our contact page.