Privacy Policy

Last updated: April 4, 2026

1. Introduction

Bravo ("we," "us," or "our") operates a guest feedback and reputation management platform for restaurants. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at getbravo.co and its subdomains. Please read this policy carefully. If you disagree with its terms, please discontinue use of our services.

2. Information We Collect

A. Restaurant Owner / Operator Data

When you create an account as a restaurant operator, we collect:

  • Name and email address (used for authentication)
  • Restaurant name, address, city, state, zip code, and phone number
  • Payment information (processed by our payment provider; we do not store raw card data)

B. Guest Data

When guests submit feedback through a restaurant's Bravo feedback page, we collect:

  • First name
  • Mobile phone number (provided voluntarily via opt-in web form)
  • Email address (optional)
  • Star rating (1–5)
  • Written feedback and survey responses
  • Timestamp of submission

3. SMS Communications and TCPA Compliance

We collect mobile phone numbers exclusively through a voluntary, opt-in web form displayed on each restaurant's feedback page. Before submitting, guests must check a consent checkbox with the following disclosure (or substantially similar language):

"I agree to receive up to 3 SMS messages from [Restaurant Name] regarding my feedback. Reply STOP to opt out. Msg & data rates may apply."

SMS messages are transmitted via Twilio, Inc. We comply with the Telephone Consumer Protection Act (TCPA) and all applicable regulations. Specifically:

  • Consent: We obtain express written consent before sending any SMS to guests.
  • Opt-out: Guests can reply STOP at any time to immediately unsubscribe from all messages from that restaurant. Reply HELP for assistance.
  • Message frequency: Guests receive no more than 3 SMS messages per feedback session.
  • Message and data rates may apply depending on the guest's mobile carrier.
  • No third-party sharing: Phone numbers collected are not shared with any third parties for marketing purposes.

4. How We Use Your Information

We use collected information to:

  • Provide and operate the Bravo platform
  • Deliver feedback data to the applicable restaurant operator
  • Send SMS confirmations and follow-up messages on behalf of restaurant operators (with guest consent)
  • Process payments and manage subscriptions
  • Improve our product and services
  • Send product updates and service announcements to operators
  • Comply with legal obligations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Restaurant operators: Guest feedback data is shared with the restaurant operator whose QR code the guest scanned. Operators are contractually required to use this data only for guest service purposes.
  • Service providers: We use Twilio for SMS delivery, Supabase for database hosting, and Vercel for infrastructure. These providers process data on our behalf under data processing agreements.
  • Legal requirements: We may disclose data if required by law, subpoena, or government request.

6. Data Retention

Guest feedback data is retained for as long as the associated restaurant account is active. Operators may request deletion of specific guest records. When an operator account is closed, associated data is deleted within 90 days. You may request deletion of your data at any time by contacting us.

7. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, and access controls. However, no method of electronic transmission is 100% secure. We encourage you to use strong passwords and to notify us immediately if you suspect unauthorized account access.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability

To exercise these rights, email us at privacy@getbravo.co.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected data from a minor, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered operators of material changes via email. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy questions, requests, or to report concerns, contact us at:
privacy@getbravo.co