Privacy Policy

The data controller is FrontFlows.

For any question about this policy or your personal data, contact us at hello@frontflows.com.

This policy covers two contexts:

This website (www.frontflows.com) — the marketing site where you can learn about FrontFlows.

The FrontFlows service (app.frontflows.com) — the application where restaurant operators configure and use the voice assistant, manage bookings, and review call activity.

This website does not use cookies or similar tracking technologies. We do not use analytics, advertising, or profiling tools on this site.

We do not ask you to create an account here, and we do not store personal data about visitors to this website beyond what our hosting provider may automatically log for security and operational purposes (such as IP address, browser type, and request timestamp). These server logs are retained only as long as necessary for security and are not used to identify individual visitors.

When you register for and use the FrontFlows service, we process the information you and your team provide to operate the voice assistant and booking system. This typically includes:

• Account and contact details (name, email address, phone number)
• Restaurant details (name, address, phone number, opening hours, table layout, booking rules)
• Configuration you set up (greetings, FAQs, party-size rules, language preferences)
• Booking data (guest names, party sizes, dates and times, special requests, notes)
• Call records and transcripts generated when the assistant handles phone calls on your behalf
• Communications with our support team

We process this data to provide, maintain, and improve the service you have signed up for.

We do not collect or store payment card numbers or other highly sensitive financial credentials through the FrontFlows application. When you subscribe to a paid plan, payments are processed by Stripe, a secure payment provider. Card details are handled directly by Stripe and are not stored on our servers.

We do not sell your personal data. We do not use your restaurant or guest data for advertising or unrelated profiling.

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

• Performance of a contract — to provide the FrontFlows service you have subscribed to, including call handling, booking management, and account administration.
• Legitimate interests — to maintain the security and reliability of our platform, prevent abuse, and improve our product, provided these interests are not overridden by your rights.
• Legal obligation — where we must retain or disclose data to comply with applicable law.
• Consent — where required, for example for optional communications. You may withdraw consent at any time.

When the voice assistant answers calls to your restaurant, it processes information spoken by callers — such as names, phone numbers, booking requests, and questions — to fulfil those requests on your behalf.

As the restaurant operator, you are responsible for ensuring that your use of FrontFlows complies with applicable data-protection rules regarding your guests.

We retain account and service data for as long as your subscription is active and for a reasonable period afterwards to handle disputes, enforce our terms, and meet legal obligations.

Call transcripts and booking records are kept for the period needed to provide the service and as configured in your account settings, unless a longer retention period is required by law.

Server logs from this website are kept only for a limited time for security purposes.

We do not sell personal data. We share data only with trusted service providers who help us operate FrontFlows — such as cloud hosting, telephony, and infrastructure providers — under data-processing agreements that require them to protect your data and process it only on our instructions.

We may also disclose data if required by law, court order, or to protect the rights and safety of FrontFlows, our customers, or others.

Your data is primarily processed within the European Economic Area (EEA). If any of our processors transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or an adequacy decision.

If you are in the EEA, UK, or another jurisdiction with similar data-protection laws, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data, subject to legal exceptions
• Restrict or object to certain processing
• Request a portable copy of your data
• Withdraw consent where processing is based on consent
• Lodge a complaint with your local data-protection supervisory authority

To exercise these rights, email us at hello@frontflows.com. We will respond within the timeframes required by applicable law.

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and adjust the "Last updated" date. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

Questions? Contact us at hello@frontflows.com.