Privacy Policy

Atlas Intelligence ("Atlas", "we", "our") operates an AI operations platform at atlasintelligence.tech. Atlas is used by our own restaurant brands (Pizza Garden, La Ruota Pizzeria, Megabite Pizza) and by a small set of partner restaurant operators we onboard individually. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your rights under applicable law (PIPEDA in Canada, GDPR for EU residents).

1. Who we are

Atlas Intelligence is the operating brand for the technology platform that supports restaurant operations for owned and partner brands. Operations are based in British Columbia, Canada. For privacy questions: privacy@atlasintelligence.tech.

2. What data we collect

From operators (our internal staff)

• Name, email address, role, login activity
• OAuth tokens for connected accounts (Google Business Profile, Meta/Facebook, Instagram) — stored encrypted at rest
• Audit-trail entries for every approve/reject/publish action they take

From customers of our restaurants (via connected platforms)

• Phone calls: voice transcripts and order details from calls handled by our AI receptionist. Recordings are made with consent (caller is informed at the start of each call).
• SMS: messages exchanged for order updates, marketing campaigns the customer opted into, and customer support.
• Public social media activity: comments and posts on our Facebook Pages and Instagram accounts, ingested via the Meta Graph API. Author display name, message text, and timestamp.
• Direct messages: Messenger and Instagram direct messages sent to our pages, ingested via Meta APIs. We use these to respond to customer service requests.
• Google reviews: review text, star rating, reviewer display name, and timestamp, ingested via the Google Business Profile API for review management.
• Order data: items ordered, fulfillment address (delivery only), order total. Payment card data is never stored on Atlas systems — payments are handled by our payment processor.

3. How we use this data

• To take and fulfill restaurant orders.
• To respond to customer questions, complaints, reviews, and DMs.
• To moderate spam and abuse on our owned social profiles.
• To analyze sentiment trends across stores and improve operations.
• To send opted-in marketing SMS and email about our restaurants.
• To meet legal, accounting, and food-safety record-keeping obligations.

4. Google user data — limited use disclosure

Atlas's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We use Google Business Profile data only to display reviews and post operator-approved replies inside the Atlas operator dashboard.
• We do not use Google user data for advertising, behavioral profiling, training generalized AI models, or any purpose unrelated to review management.
• We do not sell or transfer Google user data to third parties.
• Human access to Google user data is restricted to the operator handling the corresponding review and to Atlas administrators for support and security.

5. Where data is stored

All data is stored on infrastructure we control, located in Canada. We use:

• PostgreSQL for structured data (orders, reviews, comments, audit log)
• Local file storage for media assets and call recordings
• HTTPS/TLS for all data in transit; full-disk encryption at rest

6. Who we share data with

We share data only with service providers that process it on our behalf and under contract:

• Telnyx — voice/SMS carrier for incoming calls and SMS
• OpenAI — large language model API for sentiment classification, draft generation, and voice intent recognition. Inputs are sent over TLS; OpenAI is contractually required to not retain or train on our API data.
• Google — only for Google Business Profile API operations the operator initiates
• Meta — only for Meta Graph API operations the operator initiates
• Our payment processor — for order payments (we do not store payment cards)

We do not sell personal data. We do not share with advertising networks. We do not use third-party analytics or tracking pixels on this site.

7. Retention

• Order records: 7 years (tax/accounting requirement)
• Voice call recordings & transcripts: 90 days, then deleted
• Social media comments / DMs / review snapshots: as long as Atlas manages the corresponding platform connection
• Operator audit log: 2 years
• Marketing SMS opt-in records: until the customer opts out, plus 1 year of opt-out evidence

8. Your rights

If we hold personal data about you, you have the right to:

• Access a copy of the data we hold
• Correct inaccurate data
• Delete data we no longer need to retain (subject to legal obligations)
• Withdraw consent for marketing communications at any time
• Object to specific processing activities
• Lodge a complaint with the Office of the Privacy Commissioner of Canada or your local data protection authority

To exercise any of these rights, email privacy@atlasintelligence.tech. We respond within 30 days.

9. Cookies

This site uses one strictly-necessary session cookie (atlas_user) for operator authentication. We do not use advertising cookies, tracking pixels, third-party analytics, or any cross-site tracking.

10. Children

Atlas is not directed at children under 13. We do not knowingly collect personal data from children under 13.

11. Security

We use HTTPS/TLS for all transport, encrypted storage at rest, role-based access control, audit logging, and credential rotation. No system is perfectly secure; we will notify affected users within 72 hours of discovering a breach affecting their personal data.

12. Changes to this policy

We will update this policy when our practices change. Material changes will be announced on this page with an updated "Last updated" date.

13. Contact

For privacy questions, data access requests, or to report a concern:

• Email: privacy@atlasintelligence.tech
• Web: /contact