Privacy Policy

Certus AI, Inc.
Last Updated: January 23, 2026
‍
1. IntroductionCertus AI, Inc. ("Certus AI," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.certus.ai), use our voice AI services, or interact with our platform in any way.
‍
By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Services.
‍
2. Information We Collect
‍
2.1 Personal Information
We may collect personal information that you voluntarily provide to us when you register for an account, express interest in obtaining information about us or our products and Services, participate in activities on the Services, or otherwise contact us. This includes: name; email address; phone number; mailing address; business name and details; payment information (credit card numbers, billing address); account credentials (username and password); and any other information you choose to provide.
‍
2.2 Voice and Call Data
As a voice AI platform for restaurants, we collect and process: voice recordings and transcriptions of calls handled by our AI agents; call metadata (duration, timestamps, caller phone numbers); order information and transaction details; customer preferences and order history; and conversation logs between customers and our AI agents. This data is essential for providing our core services, improving AI performance, and enabling restaurants to serve their customers effectively.
‍
2.3 Automatically Collected Information
When you access our website or Services, we automatically collect certain information, including: device information (device type, operating system, unique device identifiers); browser information (browser type, version, language preferences); IP address and general geographic location; pages visited, time spent on pages, and navigation paths; referring URLs and exit pages; date and time of access; and clickstream data and interaction patterns.
‍
3. Cookies, Pixels, and Tracking Technologies
We use various tracking technologies to collect and store information about your interactions with our Services.
‍
3.1 Cookies
Cookies are small data files stored on your device. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain until deleted or expired). Types of cookies we use include: Essential Cookies, required for the operation of our website and Services; Performance Cookies, which help us understand how visitors interact with our website; Functionality Cookies, which remember your preferences and settings; and Targeting/Advertising Cookies, which track your browsing habits to deliver relevant advertisements.
‍
3.2 Tracking Pixels and Web Beacons
We use tracking pixels (also known as web beacons, clear GIFs, or pixel tags) on our website and in emails. These technologies allow us to: track page views and user behavior; measure the effectiveness of our marketing campaigns; understand email open rates and click-through rates; deliver targeted advertising across platforms; and perform retargeting and remarketing activities.
‍
3.3 Third-Party Tracking Technologies
We may use third-party tracking technologies from providers including, but not limited to: Google Analytics and Google Ads (for website analytics and advertising); Meta Pixel (Facebook/Instagram) for advertising and conversion tracking; LinkedIn Insight Tag for professional audience targeting; Microsoft Clarity for heatmaps and session recordings; HubSpot for marketing automation and analytics; Hotjar for user behavior analytics; Twitter/X Pixel for advertising; TikTok Pixel for advertising; and other advertising and analytics platforms. These third parties may use cookies, pixels, and similar technologies to collect information about your online activities over time and across different websites and services.
‍
3.4 Managing Tracking Technologies
You can control cookies through your browser settings. Most browsers allow you to refuse cookies, delete cookies, or be notified when a cookie is set. Please note that disabling cookies may affect the functionality of our Services. You can opt out of interest-based advertising through: the Digital Advertising Alliance (DAA) at optout.aboutads.info; the Network Advertising Initiative (NAI) at optout.networkadvertising.org; the European Interactive Digital Advertising Alliance (EDAA) at youronlinechoices.eu; and individual platform settings (Google, Facebook, etc.).
‍
4. How We Use Your Information
We use the information we collect for various purposes, including: providing, operating, and maintaining our Services; processing and completing transactions, including order processing through our AI agents; improving, personalizing, and expanding our Services; training and improving our AI models and voice recognition capabilities; understanding and analyzing how you use our Services; developing new products, services, features, and functionality; communicating with you, including for customer service, updates, and marketing; sending you promotional communications (with your consent where required); processing payments and preventing fraud; complying with legal obligations; and protecting our rights, privacy, safety, or property.
‍
5. How We Share Your Information
We may share your information in the following circumstances:
‍
5.1 Service Providers
We share information with third-party vendors, service providers, and contractors who perform services on our behalf, including but not limited to: cloud hosting and infrastructure providers (AWS, Google Cloud, etc.); payment processors; POS system integrations (Toast, Square, Clover, NCR, and others); analytics and marketing platforms; customer support tools; and email and communication service providers.
‍
5.2 Restaurant Partners
When you interact with our AI agents on behalf of a restaurant, we share relevant information with that restaurant partner, including order details, contact information, and conversation records necessary to fulfill your orders and provide customer service.
‍
5.3 Business Transfers
In connection with any merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity.
‍
5.4 Legal Requirements
We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Certus AI, our users, or others.
‍
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Account information is retained for the duration of your account and for a reasonable period thereafter. Analytics and tracking data may be retained in aggregated or anonymized form. When we no longer need to retain your information, we will securely delete or anonymize it.
‍
7. Data Security
We implement appropriate technical and organizational security measures designed to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include: encryption of data in transit and at rest; secure data centers with physical access controls; regular security assessments and penetration testing; access controls and authentication mechanisms; employee training on data protection; and incident response procedures. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.
‍
8. Your Privacy Rights
‍
8.1 General Rights
Depending on your location, you may have certain rights regarding your personal information, including: the right to access the personal information we hold about you; the right to correct inaccurate or incomplete information; the right to delete your personal information; the right to restrict or object to processing; the right to data portability; the right to withdraw consent; and the right to opt out of marketing communications.
‍
8.2 California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including: the right to know what personal information we collect, use, disclose, and sell; the right to delete personal information (subject to certain exceptions); the right to opt out of the sale or sharing of personal information; the right to correct inaccurate personal information; the right to limit the use of sensitive personal information; and the right to non-discrimination for exercising your privacy rights. To exercise these rights, please contact us using the information provided below. We will verify your identity before processing your request.
‍
8.3 European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and similar laws, including: the right to access, correct, or delete your personal data; the right to restrict or object to processing; the right to data portability; the right to withdraw consent at any time; and the right to lodge a complaint with a supervisory authority. Our legal bases for processing personal data include: consent, contract performance, legitimate interests, and legal obligations.
‍
8.4 Do Not Track Signals
Some browsers include a "Do Not Track" (DNT) feature. We currently do not respond to DNT signals, as there is no industry standard for handling DNT requests.
‍
9. Third-Party Links and Services
Our Services may contain links to third-party websites, services, or applications that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.
‍
10. Children's Privacy
Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information. If you believe we may have collected information from a child under 16, please contact us immediately.
‍
11. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that are different from the laws of your country. By using our Services, you consent to the transfer of your information to the United States and other countries. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.
‍
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Services after any modifications to this Privacy Policy constitutes your acceptance of the updated terms.
‍
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: info@certus.ai
Website: www.certus.ai
For data subject access requests or to exercise your privacy rights, please email us at privacy@certus.ai with the subject line "Privacy Rights Request."
‍
14. Acknowledgment
By using our Services, you acknowledge that you have read this Privacy Policy and understand how we collect, use, and share your information. You agree to the collection and use of information in accordance with this policy.