Privacy Policy
Effective May 1, 2026
This policy describes how Cardamom (“Cardamom,” “we,” “us”) collects, uses, and discloses information about you when you visit trycardamom.com, when your restaurant uses our service, or when you call a restaurant that uses Cardamom to take phone orders.
From restaurants (our customers): business name, address, phone number, menu data, hours, owner contact information, payment details (handled by our payment processor), and POS integration credentials.
From callers (your customers): when a call is placed to a Cardamom-powered restaurant phone number we capture the inbound caller ID, the audio of the call, a transcript, and the order details. We store the caller's phone number as a one-way SHA-256 hash by default; only the last four digits are kept in plain text for receipt routing. Recordings and transcripts are used to deliver the order, generate the receipt, and improve the restaurant's service.
From site visitors: standard server logs (IP, user agent, referrer), cookies for session and analytics, and any information you submit through forms (e.g., booking a demo, requesting a quote).
To deliver the service: route inbound calls, take orders, send order confirmations to the caller and the restaurant, integrate with the restaurant's POS, and surface analytics on the restaurant's dashboard.
To improve the service: aggregate call quality metrics, identify failure modes in our voice agent, and tune our models. We do not use a restaurant's data to train models that serve other restaurants without explicit written agreement.
To communicate: send service notifications, security alerts, and (with your consent) product updates.
All data is stored in Supabase (Postgres) in the US East region. Row-level security is enabled on every table; each restaurant's data is isolated by row-level policies tied to user accounts.
Backups are encrypted at rest and retained for 30 days. Our application servers run on Vercel and LiveKit Cloud; both providers are SOC 2 Type II certified.
Call recordings: 30 days, then deleted. Transcripts: 90 days, then deleted. Order records: kept for the life of the restaurant's account plus 7 years for tax and dispute purposes. Customer memory (caller hash, allergy flags, last order): kept until the restaurant or the caller requests deletion.
We share information with the following sub-processors strictly to deliver the service:
We do not sell your data. We do not share your data with advertisers.
If you are a California resident (CCPA/CPRA) or in the EU/UK (GDPR), you have the right to access, correct, delete, or export the personal information we hold about you, and to object to certain processing. Email privacy@trycardamom.com with the subject line “Privacy request” and we will respond within 30 days.
Callers: if you do not want a restaurant to store your phone number for the customer-memory feature, tell the agent at the start of the call (“Please don't remember my number”) and we will not retain caller-identifying data beyond the order itself.
All traffic is encrypted in transit (TLS 1.2+). Data at rest is encrypted using AES-256. Access to production systems is restricted by SSO + 2FA and audit-logged. We are pursuing SOC 2 Type II.
We will post any updates here and update the effective date. Material changes will be communicated to restaurant account owners by email at least 14 days before they take effect.
Questions: privacy@trycardamom.com