Privacy Policy

Golden Saffron ("we", "us", "our") provides an AI-powered phone concierge and reservation platform to restaurants in Australia. This policy explains what personal information we collect, how we use it, who we share it with, and the rights you have under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy applies to people who call a restaurant using our voice agent ("guests"), restaurant owners and staff who use our dashboard ("customers"), and visitors to our marketing website.

We only collect information that is reasonably necessary to provide the service.

• Identity data: Your first and last name when you make a reservation or order.
• Contact data: Phone number (always) and email address (only if you sign up as a restaurant customer).
• Voice and call data: Audio recordings, transcripts, and call metadata (caller ID, call duration, timestamps) generated when you speak to our AI agent. Calls are recorded — the agent will tell you this at the start of the call.
• Reservation/order data: Date, time, party size, dietary preferences, order items, special requests, and the restaurant you booked with.
• Payment data: Card details are entered directly into our payment processor (Stripe). We never see, store, or process your card numbers — Stripe is PCI-DSS Level 1 certified.
• Technical data: IP address, browser type, device type, and pages viewed when you visit our website. Used for security, fraud prevention, and rate limiting.

We do not collect sensitive information (health, biometric, religion, etc.) unless you voluntarily disclose it (e.g. dietary restrictions). When you do, we treat it under APP 3 and only use it for the purpose you disclosed it for.

• Directly from you — when you speak to our AI agent over the phone, fill in a form, or sign up.
• Automatically — through your web browser when you visit our site (cookies, IP, log files).
• From the restaurant — if a restaurant gives us reservation lists or contact details to migrate.
• From our service providers — Twilio (caller ID, telco metadata), Stripe (payment confirmation status).

We use your personal information to:

• Take, modify, confirm, and remind you about your reservations and orders.
• Send you SMS confirmations and updates about your booking.
• Process payments through Stripe.
• Improve our AI agent's accuracy through review of recorded calls (always within our processing infrastructure — never shared with third parties for training their models).
• Investigate fraud, abuse, or technical problems.
• Comply with our legal obligations (e.g. tax, anti-money-laundering, court orders).

We will never use your information for any other purpose without your consent, except where permitted by law (APP 6).

The SMS we send you (booking confirmations, reschedule notices, pickup PINs) are transactional — they relate directly to a reservation or order you initiated. We will not send you marketing or promotional SMS without your explicit opt-in consent.

If we ever introduce marketing communications, every message will contain a clear unsubscribe option (reply STOP) and we will honour opt-outs immediately, in compliance with the Spam Act 2003 (Cth).

We share your information with the following service providers, all of whom are bound by confidentiality obligations and only process data on our instructions:

• The restaurant you booked with — they need your name, phone, party size, and dietary notes to honour your booking.
• Twilio (United States) — sends and receives SMS and voice calls on our behalf.
• Supabase (United States) — hosts our database (including voice transcripts and reservations).
• Vercel (United States) — hosts our website and APIs.
• Google Cloud / Vertex AI (United States) — speech recognition, text-to-speech, and conversational AI.
• Stripe (Australia / United States) — payment processing.
• Upstash (Australia, Sydney region) — rate limiting.
• Sentry / Axiom (United States) — error monitoring and logging (only if and when we deploy them).

Cross-border disclosure (APP 8): Several of these providers store data overseas, primarily in the United States. By using our service, you consent to your personal information being processed and stored outside Australia. We take reasonable steps to ensure each provider meets standards substantially similar to the APPs (e.g. contractual data protection clauses, encryption in transit and at rest).

We will not sell your personal information. We may disclose information where required by Australian law, court order, or to protect our legal rights.

We protect your data with:

• HTTPS (TLS 1.2+) for all network traffic.
• Encryption at rest in our database (AES-256, managed by Supabase).
• Role-based access — only authorised staff can view raw call data, and access is logged.
• Rate limiting and bot protection on public APIs.
• Routine security patching of all infrastructure.
• Audit logs of every change to a reservation.

No system is 100% secure. If a data breach occurs that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches scheme.

• Reservation and order records: 7 years (Australian taxation requirement).
• Voice recordings and transcripts: 90 days, then permanently deleted, unless flagged for an active investigation or dispute.
• Web analytics and access logs: 30 days.
• Marketing consent records: for as long as you remain subscribed plus 1 year.

Under the Privacy Act, you have the right to:

• Access the personal information we hold about you.
• Correct information that is inaccurate, out of date, incomplete, or misleading.
• Delete your personal information (where we are not required by law to keep it — e.g. tax records).
• Withdraw consent for any optional processing (e.g. quality-improvement use of recordings).
• Lodge a complaint if you believe we have mishandled your information.

To exercise any of these rights, email [email protected] or visit our data request page. We will respond within 30 days. There is no charge for access requests, but we may charge a reasonable fee for excessive or repeated requests, as permitted under APP 12.8.

When you call a restaurant using our service, the AI agent will inform you at the start of the call that the conversation may be recorded for quality and training purposes. If you do not wish to be recorded, please hang up and contact the restaurant directly. By continuing the call after this notice, you consent to the recording.

We use a small number of strictly necessary cookies for authentication and security on the dashboard. We do not use third-party advertising cookies. We may add anonymous analytics in the future; if we do, this policy will be updated and you will see a consent banner.

Our service is not directed at children under 18. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has used our service, contact us and we will delete their information.

We may update this policy from time to time. The "Last updated" date at the top tells you when. For material changes (e.g. new categories of data collection), we will give notice on this page at least 14 days before the change takes effect.

For privacy questions, access requests, corrections, or complaints:

Email: [email protected]

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Web: oaic.gov.au/privacy/privacy-complaints
• Phone: 1300 363 992
• Post: GPO Box 5288, Sydney NSW 2001