Privacy Policy

DishPatch, Inc. ("DishPatch," "we," "our," or "us") respects the privacy of our restaurant partners, their customers, and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our AI phone ordering platform and related services.

1. Information We Collect

Restaurant Account Data: When you sign up, we collect business name, contact details, billing information, and menu data you provide to configure your AI host.

Call & Conversation Data: We record and transcribe phone calls handled by the DishPatch AI for the purpose of order processing, quality assurance, and service improvement. Call recordings are retained for 90 days unless you request earlier deletion.

Order Data: We process and store order details — items, modifiers, pricing, and allergy flags — to fulfill kitchen ticket delivery and provide you with order history.

Usage Data: We automatically collect information about how you interact with our dashboard, including IP address, browser type, pages visited, and timestamps.

2. How We Use Your Information

• To operate, maintain, and improve the DishPatch platform
• To process orders and deliver kitchen tickets to your system
• To send transactional communications (receipts, service alerts)
• To provide customer support
• To train and improve our AI models using anonymized, aggregated data
• To detect fraud and ensure platform security

3. Data Sharing

We do not sell your personal information or your customers' information. We share data only with: (a) service providers necessary to operate our platform bound by confidentiality agreements; (b) law enforcement when required by valid legal process; (c) successors in connection with a merger or acquisition, with advance notice to you.

4. Data Retention

We retain restaurant account data for the duration of your subscription plus 2 years. Call recordings are kept for 90 days. Order data is retained for 3 years. You may request deletion of your data at any time by contacting [email protected].

5. Security

We implement TLS 1.3 encryption in transit, AES-256 encryption at rest, SOC 2 Type II compliance, and regular third-party penetration testing. See our Security page for full details.

6. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export your data. To exercise these rights, contact [email protected]. We respond to all requests within 30 days.

7. Cookies

Our website uses strictly necessary cookies for authentication and session management, and optional analytics cookies. You may disable optional cookies in your browser settings without affecting core functionality.

8. Changes to This Policy

We will notify you of material changes via email or dashboard notice at least 14 days before the change takes effect.

9. Contact

Questions? Contact our Data Protection Officer at [email protected].