Foreva AI Foreva AI
Back to Home

Privacy Policy

Your privacy is fundamental to everything we do. Learn how Foreva AI protects and handles your data with transparency and care.

Last Updated: January 2025 Effective Date: January 2025

Quick Navigation

Overview
Data We Collect
How We Use Data
Voice AI Processing
Data Sharing
Data Processing Roles
Your Rights
European Rights (GDPR)
California Rights (CCPA)
Data Security
Contact Us

Overview

Foreva AI provides AI-powered voice ordering solutions for restaurants through our platform, Square POS integration, Clover POS integration, and SDK for partners. This Privacy Policy explains how we collect, use, protect, and share information when you use our services.

We are committed to transparency and protecting your privacy while providing excellent restaurant voice AI services.

Data We Collect

Restaurant Owner & Staff Information

  • Account information (name, email, phone number, business name)
  • Restaurant details (menu items, pricing, location, hours)
  • Square POS integration data (create orders, payment link)
  • Clover POS integration data (create orders)
  • Usage analytics and performance metrics

POS Integration Data (Square & Clover)

  • Payment transaction information (card details, amounts, timestamps) if payment is enabled
  • Customer contact data (name, phone)

Customer Voice Data

  • Voice recordings and transcriptions for order processing
  • Order history and preferences
  • Phone numbers (for callback and order confirmation)

Partner/Developer Data

  • API usage data and integration metrics
  • Technical integration information
  • Billing and subscription information

Technical Data

  • IP addresses, browser types, device information
  • Cookies and tracking technologies
  • Website usage analytics and performance data

Voice AI Processing

Our AI processes voice data to understand customer orders and provide fast, accurate service:

  • Voice Processing: Audio processed in real-time to transcribe and fulfill orders
  • Data Improvement: We use aggregated, anonymous data to improve service quality
  • Order History: Helps provide faster service and better recommendations

Privacy First: Voice recordings are deleted after order completion. We never store personal conversations.

How We Use Your Data

Service Delivery

  • • Process and fulfill customer orders
  • • Integrate with Square POS systems
  • • Provide customer support
  • • Send order confirmations and updates

Platform Improvement

  • • Enhance AI accuracy and performance
  • • Develop new features
  • • Analyze usage patterns
  • • Prevent fraud and abuse

Business Operations

  • • Process payments and billing
  • • Account management
  • • Legal compliance
  • • Business analytics

Communications

  • • Service updates and announcements
  • • Technical support
  • • Marketing (with consent)
  • • Security notifications

Data Sharing

We only share your data in specific, limited circumstances:

Categories of Service Providers

We work with the following categories of service providers who process data on our behalf under strict contractual obligations. We do not disclose, share, rent, or sell your personal information to third parties for their own marketing or commercial purposes.

POS Platform Providers

Examples: Square, Clover (Fiserv)

Data Processed: Menu data, order information, payment transactions (data flows between your POS and our service)

Purpose: To enable integration with your existing POS system for order synchronization

Payment Processors

Examples: Stripe, Square Payments, Clover Payments

Data Processed: Payment card information, transaction amounts (processed directly by payment processor)

Purpose: To securely process payments through your chosen POS platform

Cloud Infrastructure Providers

Examples: Amazon Web Services (AWS), Google Cloud Platform

Data Processed: All service data (hosted in secure cloud infrastructure)

Purpose: To provide secure hosting, storage, and computing resources

AI & Voice Processing Services

Examples: Speech recognition APIs, natural language processing services

Data Processed: Voice audio, transcriptions (used only for order processing)

Purpose: To convert voice to text and process natural language for order taking

Communications Infrastructure

Examples: Telephony carriers, SMS gateways, email delivery services

Data Processed: Phone numbers, message content (transmitted only for service delivery)

Purpose: To handle incoming calls and send order confirmations

Analytics & Performance Monitoring

Examples: Application monitoring, error tracking services

Data Processed: Anonymized usage data, performance metrics, error logs

Purpose: To monitor service health, identify bugs, and improve performance

Important: All service providers listed above are bound by strict data processing agreements and are prohibited from using your data for any purpose other than providing their specific service to us. They cannot sell, share, or use your data for their own purposes.

Limited Disclosure Circumstances

We may only disclose personal information in the following limited circumstances:

With Your Explicit Consent

When you specifically direct us to share information with a third party (e.g., integrating with a delivery service at your request)

Legal Compliance

When required by law, court order, subpoena, or to comply with legal process

Business Transfers

In connection with a merger, acquisition, or sale of assets (with appropriate safeguards and notification)

Protection of Rights

To protect our legal rights, prevent fraud, or ensure safety when we have a good faith belief it's necessary

We Never: Sell your personal data to third parties or use it for advertising purposes outside our platform.

Data Processing Roles

When you use our services, we act in different data processing capacities depending on how we handle your information:

Service Provider Role

For data processed through POS integrations (Square, Clover), we act as a service provider or data processor:

  • • We process merchant and customer data solely to provide our voice AI services
  • • We do not use this data for separate commercial purposes
  • • We do not "sell" personal information as defined by CCPA
  • • Data collection is limited to activities reasonably necessary and proportionate to our services
  • • We assist merchants with data subject requests and compliance obligations

Data Controller Role

For restaurant owner accounts and direct service usage, we act as a data controller:

  • • We determine how your account information is processed
  • • We handle your service preferences, billing, and support communications
  • • We make decisions about data retention and security measures

Important: Restaurant owners remain responsible for their own data protection obligations to their customers. Our service helps facilitate compliance but does not replace your legal responsibilities.

Your Privacy Rights

You have control over your personal data. Contact us anytime to exercise these rights:

  • Access: Request a copy of your data
  • Correct: Update inaccurate information
  • Delete: Request deletion of your data
  • Export: Download your data

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Your GDPR Rights

  • Right to Access: Obtain confirmation of data processing and a copy of your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge a Complaint: File a complaint with your data protection authority

Legal Basis for Processing

We process your personal data based on:

  • Contract Performance: To provide our services as agreed
  • Legitimate Interests: To improve our services, prevent fraud, and ensure security
  • Legal Obligations: To comply with applicable laws and regulations
  • Consent: For marketing communications and optional features

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

  • • Account data: Duration of your subscription plus 30 days
  • • Transaction records: 7 years for tax and legal compliance
  • • Voice recordings: Deleted after order completion (typically within 24 hours)
  • • Support communications: 3 years after case closure

International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including the United States. We ensure appropriate safeguards are in place, including:

  • • Standard Contractual Clauses approved by the European Commission
  • • Data Processing Agreements with all service providers
  • • Security measures equivalent to GDPR requirements

EU Representative: For GDPR-related inquiries, contact us at support@foreva.ai with "GDPR Request" in the subject line.

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Your California Rights

  • Right to Know: Request disclosure of personal information we collect, use, and share
  • Right to Delete: Request deletion of personal information we collected from you
  • Right to Opt-Out: Opt out of the "sale" of personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Equal service and pricing regardless of privacy rights exercise

Categories of Personal Information We Collect

Category Examples Collected
Identifiers Name, email, phone, IP address
Commercial Information Purchase records, payment history
Biometric Information Voice recordings (for order processing)
Internet Activity Website usage, API calls
Geolocation Data Restaurant location, IP location
Professional Information Business details, employee data
Inferences Customer preferences, behavior patterns

How to Exercise Your Rights

To submit a verifiable consumer request, contact us at:

  • • Email: support@foreva.ai with "CCPA Request" in the subject line
  • • Include: Your name, email address, and description of your request
  • • Verification: We may ask for additional information to verify your identity
  • • Response Time: We will respond within 45 days of receiving your request

Sale of Personal Information

We do not sell personal information. In the preceding 12 months, we have not sold any personal information of consumers, including minors under 16 years of age.

Authorized Agents: California residents may designate an authorized agent to make requests on their behalf. The agent must provide written authorization signed by the consumer.

Data Security

We implement industry-standard security measures to protect your data:

Encryption

End-to-end encryption for data in transit and at rest

Access Control

Multi-factor authentication and role-based permissions

Monitoring

24/7 security monitoring and incident response

Questions About Privacy?

support@foreva.ai

For privacy questions, data requests, and all support needs

Updates: We may update this policy as our services evolve. We'll notify you of any significant changes via email.