Privacy Policy

1. Introduction

Sundae.io. ("Sundae," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered decision intelligence platform for restaurants and hospitality businesses.

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. This policy applies to all information collected through our website, mobile applications, and any related services.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide to us when you:

• Create an account or register for our services
• Contact us directly or request customer support
• Participate in surveys, promotions, or events
• Provide feedback or testimonials
• Connect third-party services to our platform

This information may include your name, email address, phone number, company information, job title, and any other information you choose to provide.

2.2 Restaurant and Business Data

As part of our services, we collect and process business data from your restaurant operations, including:

• Sales and transaction data from POS systems
• Employee and payroll information
• Inventory and supply chain data
• Customer feedback and reviews
• Operational metrics and performance indicators
• Financial and accounting data

2.3 Automatically Collected Information

When you access or use our Services, we automatically collect certain information, including:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Log data (access times, error reports, diagnostic data)
• Location information (with your consent)
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide, maintain, and improve our Services
• Process and analyze your restaurant data to generate insights
• Deliver AI-powered recommendations and predictions
• Create benchmarking reports and analytics
• Personalize your experience and customize features
• Communicate with you about updates, features, and services
• Provide customer support and respond to inquiries
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues or security threats
• Comply with legal obligations and enforce our agreements

4. Information Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

4.1 With Your Consent

We may share your information when you explicitly consent to such sharing, such as when you authorize us to connect with third-party services or share insights with business partners.

4.2 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our business, such as:

• Cloud hosting and infrastructure providers
• Payment processing services
• Customer support and communication tools
• Analytics and data processing services
• Security and fraud prevention services

These providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, such as to:

• Comply with a subpoena, court order, or other legal process
• Protect our rights, property, or safety, or that of our users
• Investigate or prevent fraud or illegal activities
• Respond to government or regulatory requests

4.4 Business Transfers

If Sundae is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure data storage and backup procedures
• Access controls and authentication mechanisms
• Regular security assessments and monitoring
• Employee training on data protection practices
• Incident response and breach notification procedures

Despite our efforts, no security measures are perfect or impenetrable. We cannot guarantee the absolute security of your information.

6. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you close your account, we will delete or anonymize your personal information within 90 days, except where retention is necessary for:

• Compliance with legal obligations
• Resolution of disputes or enforcement of agreements
• Fraud prevention and security purposes
• Backup and disaster recovery

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your information to another service
• Opt-out: Opt out of certain uses of your information
• Restriction: Restrict processing of your information

To exercise these rights, please contact us at privacy@sundae.ai. We will respond to your request within the timeframes required by applicable law.

8. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your jurisdiction. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your information.

If you are located in the European Economic Area (EEA) or other regions with data protection laws, we will ensure that your information receives an adequate level of protection through:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions for certain countries
• Binding corporate rules where applicable

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Services and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.

We use cookies for the following purposes:

• Essential cookies for website functionality
• Analytics cookies to understand usage patterns
• Preference cookies to remember your settings
• Marketing cookies to deliver relevant content

10. Third-Party Links and Services

Our Services may contain links to third-party websites or services that are not owned or controlled by Sundae. We are not responsible for the privacy practices of these third parties.

We recommend that you review the privacy policies of any third-party services you access through our platform. This Privacy Policy applies only to information collected by Sundae.

11. Children's Privacy

Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from children under 13 without verification of parental consent, we will take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us:

You may also contact our Data Protection Officer at dpo@sundae.ai for privacy-related inquiries.

14. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information is collected
• The right to know whether personal information is sold or disclosed
• The right to say no to the sale of personal information
• The right to access their personal information
• The right to equal service and price

To exercise these rights, California residents can contact us at privacy@sundae.ai or call +1 (555) 123-4567.

15. GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). This includes:

• Lawful basis for processing personal data
• Data subject rights (access, rectification, erasure, restriction, portability)
• Data protection by design and by default
• Appointment of a Data Protection Officer
• Record of processing activities

Our lawful bases for processing include consent, contract performance, legitimate interests, and legal obligations.