Legal
Privacy Policy
Last updated: May 2026 · TODO: Legal review pending
1. Who we are
AgentResto Ltd is a company registered in England and Wales. Our registered address is [ADDRESS - TODO]. We operate the AgentResto platform, a suite of AI agents built for independent restaurants. You can contact us at founder@agentresto.ai.
2. What data we collect
We collect: (a) Account data - your name, email, restaurant name, and billing details when you sign up. (b) Usage data - how you interact with our platform, approval actions, content you approve or reject. (c) Restaurant data - menu items, brand details, photos, and social media profiles you share with us during onboarding. (d) Review data - publicly available reviews from Google, TripAdvisor, and other platforms connected to your account. (e) Technical data - IP address, browser type, device information, and cookies.
3. How we use your data
We use your data to: (a) Provide and improve the AgentResto platform. (b) Train your personalised AI agents on your brand voice and content preferences. (c) Send you the morning digest and other operational communications. (d) Process your subscription and billing via Stripe. (e) Respond to your support requests. We do not sell your data to third parties. We do not use your restaurant's brand data to train agents for any other restaurant.
4. Data sharing
We share your data with: (a) Stripe - for payment processing. (b) AI model providers - limited context is processed by LLM APIs to generate your content. We use minimal data sharing and do not include personally identifiable customer information in these requests. (c) Hosting providers - our infrastructure runs on Vercel. All providers are bound by data processing agreements. We do not share your data with advertisers, brokers, or marketers.
5. Data retention
We retain your account data for as long as your account is active. On cancellation, we hold your data for 30 days to allow reactivation, then delete it within 60 days. Generated content (posts, captions) remains on your connected Instagram/social accounts - deletion of AgentResto does not remove previously published content.
6. Your rights (UK GDPR)
You have the right to: access your data, correct inaccurate data, request deletion, object to processing, and data portability. To exercise any of these rights, email us at founder@agentresto.ai. We will respond within 30 days.
7. Cookies
We use essential cookies for session management and analytics cookies (Vercel Analytics) to understand usage patterns. Analytics are privacy-preserving and do not use personal identifiers. You can disable cookies in your browser settings, though some features may stop working.
8. Security
We use industry-standard encryption (TLS) for all data in transit. Stripe handles all payment card data - we never store card numbers. We regularly review our security practices. If you discover a vulnerability, please report it to founder@agentresto.ai.
9. Changes to this policy
We will notify you of material changes via email at least 30 days before they take effect. Continued use of AgentResto after the effective date constitutes acceptance of the updated policy.
10. Contact
Questions? Email founder@agentresto.ai or write to AgentResto Ltd, [ADDRESS - TODO], United Kingdom.