Legal
Privacy Policy
Effective as of June 14, 2026
This Privacy Policy (“Policy”) applies to https://milaflow.ai, and Milaflow LLC (“Company”) and governs data collection and usage. For the purposes of this Policy, unless otherwise noted, all references to the Company include https://milaflow.ai. The Company website is a software-as-a-service (SaaS) site. By using the Company website, you consent to the data practices described in this statement.
SMS / Text Messaging
When you provide your mobile number on a MilaFlow-powered restaurant site, we collect it to send order-status text messages about your order. If you separately opt in at checkout, you may also receive promotional text messages from that restaurant (approximately 4 messages per month). Message and data rates may apply; message frequency varies. Reply STOP to opt out at any time, reply HELP for help, or contact support@milaflow.ai. Mobile opt-in consent and phone numbers are not shared with or sold to third parties or affiliates for their marketing purposes.
I. Collection of Your Personal Information
In order to better provide you with products and services offered, the Company may collect personally identifiable information, such as your:
- First and last name
- Mailing address
- Email address
- Phone number
- Restaurant business name and details, menu and ordering data, and AI phone call recordings and transcripts
If you purchase the Company’s products and services, we collect billing and credit card information. This information is used to complete the purchase transaction.
We do not collect any personal information about you unless you voluntarily provide it to us. However, you may be required to provide certain personal information to us when you elect to use certain products or services. These may include: (a) registering for an account; (b) sending us an email message; (c) submitting your credit card or other payment information when ordering and purchasing products and services. To wit, we will use your information for, but not limited to, communicating with you in relation to services and/or products you have requested from us. We may also gather additional personal or non-personal information in the future.
II. Use of Your Personal Information
The Company collects and uses your personal information in the following ways:
- to operate and deliver the services you have requested;
- to provide you with information, products, or services that you request from us;
- to provide you with notices about your account;
- to carry out the Company’s obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to notify you about changes to https://milaflow.ai or any products or services we offer or provide through it;
- to maintain the security of the Company’s services and prevent fraud or misuse;
- to comply with applicable laws, regulations, legal processes, or governmental requests;
- to provide and operate the Company’s restaurant software services, including AI phone answering, online ordering, website hosting, and payment processing; to communicate with customers; to process transactions; and to maintain the Company’s internal records and administrative functions;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent.
III. Sharing Information with Third Parties
The Company does not sell, rent, or lease its customer lists to third parties.
The Company does not sell sensitive personal data to third parties.
The Company does not sell biometric data to third parties.
The Company does not use personal data for targeted advertising, the sale of personal data, or profiling that produces legal or similarly significant effects.
The Company may share data with trusted service providers and partners to help operate the service, perform statistical analysis, send email, provide customer support, process payments, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to the Company, and they are required to maintain the confidentiality of your information.
The Company may disclose your personal information, without notice, if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on the Company or the site; (b) protect and defend the rights or property of the Company; and/or (c) act under exigent circumstances to protect the personal safety of users of the Company, or the public.
IV. Your Privacy Rights
You may have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to know about, access, and request deletion of your personal information, and to opt out of any sale or sharing of your personal information. The Company does not sell your personal information. To exercise any of these rights, please contact us using the information in the “Contact Information” section below, and we will respond in accordance with applicable law.
V. Tracking Usage
The Company may keep track of the pages our users visit within the Company’s services in order to determine which of the Company’s services are the most popular. This data is used to operate, maintain, and improve the service.
VI. Automatically Collected Information
The Company may automatically collect information about your computer hardware and software. This information can include your IP address, browser type, domain names, access times, and referring website addresses. This information is used for the operation of the service, to maintain the quality of the service, and to provide general statistics regarding the use of the Company website.
VII. Use of Cookies
The Company website may use “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time, and to keep you signed in to your account. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Company services.
VIII. Links
This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
IX. Security of Your Personal Information
The Company secures your personal information from unauthorized access, use, or disclosure. The Company uses the following methods for this purpose:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Secure credential and secrets management
- Tenant data isolation and role-based access controls
- Continuous security monitoring and error tracking
When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Transport Layer Security (TLS/SSL) protocol.
We strive to take appropriate security measures to protect against unauthorized access to or alteration of your personal information. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100 percent secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet that are beyond our control; and (b) the security, integrity, and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed.
X. Right to Deletion
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will: delete your personal information from our records; and direct any service providers to delete your personal information from their records.
Please note that we may not be able to comply with requests to delete your personal information if it is necessary to: complete a transaction for which the personal information was collected or otherwise perform a contract between you and us; detect security incidents or protect against malicious, deceptive, fraudulent, or illegal activity; debug to identify and repair errors that impair existing intended functionality; comply with a legal obligation; or otherwise use your personal information internally in a lawful manner that is compatible with the context in which you provided the information.
XI. Data Security and Breach Notification
The Company maintains reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, acquisition, disclosure, or use. In the event of a security incident involving personal information, the Company will promptly investigate the incident and provide notice to affected individuals and, where required, to applicable regulatory authorities in accordance with applicable law. The Company will provide any required notice in the manner and within the timeframes prescribed by applicable law.
XII. Children Under 13
The Company does not knowingly collect personally identifiable information from children under the age of thirteen. If you are under the age of 13, you must ask your parent or guardian for permission to use this platform.
XIII. Connecting and Disconnecting Third-Party Accounts
You may be able to connect your Company account to third-party accounts. By connecting your Company account to a third-party account, you acknowledge and agree that you are consenting to the release of information about you between those services in accordance with your privacy settings on those third-party sites. If you do not want information about you to be shared in this manner, do not use this feature. Users may disconnect their connected third-party accounts (such as Google, Meta, and Stripe) at any time from the integrations or settings section of their account dashboard. Users may also contact us by email at privacy@milaflow.ai or by phone to request that a connection be removed.
XIV. Email Communications
From time to time, the Company may contact you via email for the purpose of providing announcements, alerts, confirmations, and/or other general communication. If you would like to stop receiving marketing or promotional communications via email from the Company, you may opt out of such communications by clicking the unsubscribe link at the bottom of any marketing email, or by contacting us at privacy@milaflow.ai.
XV. External Data Storage Sites
We may store your data on servers provided by third-party hosting vendors with whom we have contracted.
XVI. Changes to This Statement
The Company reserves the right to change this Policy from time to time. For example, when there are changes in our services, changes in our data protection practices, or changes in the law. When changes to this Policy are significant, we will inform you. You may receive a notice by sending an email to the primary email address specified in your account, by placing a prominent notice on our website, and/or by updating this Policy. Your continued use of the website and/or services available after such modifications will constitute your: (a) acknowledgment of the modification of this Policy; and (b) agreement to abide and be bound by this modified Policy.
XVII. Contact Information
The Company welcomes your questions or comments regarding this Statement of Privacy. If you believe that the Company has not adhered to this Statement, please contact the Company at:
Milaflow LLC
5900 Balcones Drive STE 100
Austin, Texas 78731
Email: privacy@milaflow.ai
Phone: (940) 365-8159
Effective as of June 14, 2026