Privacy Policy

Last updated: June 4, 2026

RevenArc LLC ("RevenArc," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with (a) our marketing website at revenarc.com (the "Site") and (b) the RevenArc hospitality intelligence platform and related services (the "Platform"). By using the Site or the Platform, you agree to this Policy.

RevenArc is a business-to-business service. The Platform is used by hospitality venue operators ("Customers") and their authorized personnel ("Authorized Users").


1. A Note on the Two Kinds of Data We Handle

This Policy distinguishes between two categories of information, because we play a different role for each:

  • Site & Account Information - information we collect directly from website visitors and Customers (for example, a name and email submitted to the waitlist, or account details). For this information, RevenArc acts as the business / controller and this Policy governs how we use it.
  • Customer Platform Data - the business data a Customer connects to the Platform (for example, point-of-sale transaction records and publicly available guest reviews). For this data, RevenArc acts as a service provider / processor: we process it only to provide the Platform to that Customer, under that Customer's instructions and our agreement with them. We do not sell it, and we do not use it for our own independent purposes. If you are an Authorized User or a guest of a Customer venue, that Customer's own privacy policy governs their collection of your information; questions about that data should be directed to the venue.

2. Information We Collect

2.1 Information you provide

  • Waitlist and Cohort applications: name, work email, company/venue name, role, venue type, approximate annual revenue range, current point-of-sale system, and any message or operational challenge you choose to share.
  • Account and billing information (for Customers): contact details, login credentials, and payment information (processed by our payment processor; we do not store full card numbers).
  • Communications: information you provide when you contact us, request support, or correspond with us.

2.2 Information collected automatically

  • Usage and device data: IP address, browser type, device and operating system, pages viewed, referring URLs, and timestamps, collected via standard web analytics.
  • Cookies and similar technologies: see Section 6.

2.3 Customer Platform Data (processed as a service provider)

When a Customer connects a data source, the Platform ingests:

  • Point-of-sale transaction data - order, check, and line-item level sales records (for example, items sold, quantities, prices, timestamps, and categories), obtained via a direct integration (such as Square), a scheduled secure file transfer (such as Toast exports), or a file upload.
  • Publicly available guest reviews - review text and ratings from public sources (such as public review platforms), used to surface aggregate guest-experience signals.

Boundaries we enforce on Customer Platform Data. These limits are built into the Platform, not merely promised here:

  • No individual-staff data. Even where a source export contains server, cashier, or employee identifiers, the Platform drops those fields at ingestion. There is no data structure that ties a metric to an individual person. Analysis is performed by section, day-part, product, and category only.
  • No guest personal information stored.We do not store guests' personal information from transaction data. We operate at the item and check level, not the named-individual level, and we do not perform facial recognition or guest tracking. (If a Customer chooses to provide a customer-relationship export, it is handled only under that Customer's instructions and in encrypted form.)
  • No cross-Customer data sharing.One Customer's data is never combined with or disclosed to another Customer. Each Customer's data is isolated.

3. How We Use Information

We use Site & Account Information to:

  • respond to waitlist and Cohort applications and evaluate eligibility;
  • provide, operate, secure, and improve the Site and Platform;
  • communicate with you about the Platform, including service and transactional messages, and - where permitted - relevant updates (you may opt out of marketing messages at any time);
  • process payments and manage subscriptions;
  • comply with legal obligations and enforce our terms.

We use Customer Platform Datasolely to provide the Platform to the applicable Customer - including classifying menu items, generating recommendations and estimated impact, tracking outcomes, surfacing guest-experience signals, and answering that Customer's questions through the Platform's assistant. We do not sell Customer Platform Data, and we do not use it to advertise to or profile guests.


4. AI-Assisted Features

The Platform includes an assistant that answers a Customer's questions using that Customer's own Platform Data. To generate responses, relevant Customer Platform Data may be transmitted to a third-party large-language-model provider via its application programming interface, strictly to produce the answer requested.

  • The assistant is designed to respond only from the Customer's actual data and to decline questions it cannot answer from that data, including any request that would identify an individual staff member.
  • We use enterprise/API access to our AI provider. Under the applicable API terms, data submitted via the API is not used by the provider to train its models.

5. How We Share Information

We do not sell personal information. We share information only as follows:

  • Service providers / subprocessors. We use trusted vendors to operate the Site and Platform. Categories include cloud hosting and database infrastructure, authentication, web analytics, AI/LLM processing, payment processing, and email delivery. A current subprocessor list is available on request; representative providers are summarized in Section 11. These vendors may process information only to provide services to us and are bound by confidentiality and data-protection obligations.
  • At a Customer's direction. For Customer Platform Data, we share or export as the relevant Customer instructs.
  • Legal and safety. We may disclose information if required by law, subpoena, or legal process, or where necessary to protect the rights, property, or safety of RevenArc, our Customers, or others.
  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets, information may be transferred subject to this Policy.

6. Cookies and Analytics

The Site uses cookies and similar technologies for essential functionality, to remember preferences, and to understand usage through web analytics. You can control cookies through your browser settings; disabling some cookies may affect Site functionality. We honor applicable opt-out preference signals where required. The Site is not designed to respond to "Do Not Track" signals in a standardized way, as no common standard exists.


7. Data Retention

We retain Site & Account Information for as long as needed to fulfill the purposes described here, to maintain our business records, and to comply with legal obligations, after which we delete or de-identify it. We retain Customer Platform Datafor the duration of the Customer's subscription and as instructed by the Customer; on request or on termination, we export or delete it in accordance with our agreement, subject to limited retention required by law.


8. Security

We implement administrative, technical, and organizational safeguards designed to protect information, including encryption in transit, access controls, tenant isolation of Customer data, and least-privilege access to credentials. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. We do not store full payment card numbers; payments are handled by our payment processor.


9. Your Privacy Rights

9.1 California (CCPA/CPRA)

If you are a California resident, you have the right to:

  • know and access the categories and specific pieces of personal information we have collected about you;
  • delete personal information, subject to exceptions;
  • correct inaccurate personal information;
  • opt out of the sale or sharing of personal information - note that we do not sell or share personal information as those terms are defined under California law; and
  • not be discriminated against for exercising these rights.

For Customer Platform Data, RevenArc acts as a service provider and processes such data only on behalf of, and at the direction of, the Customer; individuals should direct requests regarding that data to the relevant Customer venue.

To exercise your rights, contact us at privacy@revenarc.com. We will verify your request and respond within the timeframes required by law. You may use an authorized agent where permitted.

9.2 Other jurisdictions

Depending on your location, you may have additional rights (such as access, correction, deletion, portability, or objection). We honor applicable rights; contact us to make a request.


10. Customers as Controllers; Data Processing Terms

Where RevenArc processes Customer Platform Data, it does so as a service provider/processor under the agreement between RevenArc and the Customer. Customers are responsible for providing any notices and obtaining any consents required for the data they connect, and for ensuring they have the right to connect it. A Data Processing Addendum is available to Customers on request.


11. Subprocessors (Representative)

PurposeProvider CategoryExample
Application hosting / computeCloud platformRailway
DatabaseManaged PostgreSQLRailway-managed Postgres
AuthenticationIdentity providerSupabase
Marketing site hostingWeb hostingVercel
Web analyticsAnalyticsGoogle Analytics
AI assistantLLM provider (API)OpenAI
PaymentsPayment processorStripe
EmailEmail deliveryResend

12. Children's Privacy

The Site and Platform are intended for businesses and are not directed to children under 16. We do not knowingly collect personal information from children.


13. International Users

RevenArc is based in the United States, and information is processed in the United States. If you access the Site or Platform from outside the United States, you understand that your information will be processed in the United States, where data-protection laws may differ from those in your jurisdiction.


14. Changes to This Policy

We may update this Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide additional notice as required. Your continued use after an update constitutes acceptance of the revised Policy.


15. Contact Us

RevenArc LLC

San Diego, California

Email: privacy@revenarc.com

General: hello@revenarc.com


RevenArc LLC - San Diego, California.