Back to Home

Privacy Policy

Last Updated: January 8, 2025

1. Introduction

At Gid AI ("we," "our," or "us"), we are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information. This Privacy Policy explains our data practices for the Gid AI platform, our restaurant management and employee engagement service.

We built Gid with privacy by design, using enterprise-grade security measures and industry-standard practices to protect your data.

2. Information We Collect

Account and Profile Information

  • Contact details (name, email, phone number)
  • Company information (business name, role, industry)
  • Account credentials and authentication data
  • Profile preferences and settings

Service Usage Data

  • Training session participation and progress
  • Communication logs (SMS, voice, app interactions)
  • Performance metrics and feedback
  • Scheduling and attendance data

Technical Information

  • Device information and browser details
  • IP addresses and location data (general geographic area)
  • Usage analytics and system performance data
  • Log files and error reports

Integration Data

  • POS and PMS system data (when integrated)
  • Sales metrics and operational data
  • Employee scheduling and time tracking information

3. How We Use Your Information

Service Delivery

  • Provide personalized AI coaching and training
  • Generate insights and performance analytics
  • Facilitate communication between team members
  • Optimize scheduling and workforce management

Platform Improvement

  • Analyze usage patterns to improve our services
  • Develop new features and capabilities
  • Ensure system reliability and performance
  • Conduct security monitoring and threat detection

Communication

  • Send service updates and important notices
  • Provide customer support and technical assistance
  • Share product updates and new features

4. Data Infrastructure and Security

Cloud Infrastructure

We utilize enterprise-grade cloud infrastructure to ensure data security and availability:

  • Google Cloud Platform: Primary hosting and data processing
  • Amazon Web Services (AWS): Additional services and redundancy
  • Firebase: Real-time database and authentication services

Security Measures

  • End-to-end encryption for data in transit and at rest
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • SOC 2 Type II and ISO 27001 compliance
  • Automated backup systems and disaster recovery

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share data only in these limited circumstances:

Service Providers

  • Trusted third-party services that help us operate our platform
  • Cloud infrastructure providers (Google Cloud, AWS)
  • Analytics and monitoring services
  • Payment processors and billing services

Legal Requirements

  • When required by law, regulation, or legal process
  • To protect our rights, property, or safety
  • To prevent fraud or security threats

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Your Rights and Choices

Access and Control

  • Access: Request copies of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Export your data in a standard format
  • Restriction: Limit how we process your information

Communication Preferences

  • Opt out of marketing communications
  • Control notification settings
  • Manage data sharing preferences

7. Data Retention

We retain your information only as long as necessary to:

  • Provide our services and support your account
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements
  • Improve our services and security

Typically, we retain:

  • Account data: While your account is active plus 90 days after closure
  • Usage analytics: 24 months
  • Communication logs: 12 months
  • Financial records: 7 years (as required by law)

8. International Data Transfers

We primarily operate in Canada, the United States, and India. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions from relevant regulatory bodies
  • Certification schemes and codes of conduct

9. Compliance and Regulations

We comply with applicable data protection laws, including:

  • GDPR: European General Data Protection Regulation
  • CCPA: California Consumer Privacy Act
  • PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
  • Industry standards: Restaurant and hospitality data protection requirements

10. Children's Privacy

Our services are designed for business use and are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

11. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will:

  • Notify you of material changes via email or platform notification
  • Post the updated policy on our website
  • Update the "Last Updated" date at the top of this policy

Your continued use of our services after such changes constitutes acceptance of the updated policy.