PRIVACY & COOKIE POLICY

Last Updated: 19/11/2025

1. Introduction 

This Privacy & Cookie Policy explains how Reqo SAS (“Reqo”, “we”, “us”, or “our”) collects, uses, protects, and manages personal data — including how we use cookies and similar technologies — when you visit our website or use our AI-powered voice automation services. We comply with GDPR, UK GDPR, the French Data Protection Act, and other applicable data protection laws. By using our website, you consent to this policy. 

2. Data Protection Roles 

Reqo may act as: 

Data Controller – for website visitors, business contacts, invoicing, support, contracts, sales, and marketing. 

Data Processor – when processing reservation and caller data on behalf of hospitality clients. In this case, the client is the Data Controller, and Reqo processes data strictly under their instructions. 

3. Contact Information 

Reqo SAS 

61 Rue de Lyon 

75012 Paris, France 

Email: privacy@reqo.ai 

Lead Supervisory Authority (EU): CNIL 

UK Supervisory Authority: ICO 

4. Categories of Personal Data Processed 

4.1 Website Visitors 

● Name, email, phone number, company information (if provided) 

● IP address, browser type, device details, pages visited 

● Cookie and analytics data (with consent) 

● Diagnostic and security logs 

4.2 Clients, Partners, and Prospects 

● Name, job title, email, phone number 

● Company name, address, VAT, registration number

● Contract, billing, and support information 

● Communications and meeting notes 

4.3 Callers and Guests (Processed on behalf of Clients) 

● Phone number, timestamp, call metadata 

● Text-based conversation transcripts (no audio recorded) 

● Reservation inputs: name, party size, date, time, contact information ● Service inquiries (opening hours, bookings, availability, etc.) 

We do not process audio recordings, biometric, medical, or special-category data. 

5. Purposes and Legal Bases 

When Reqo acts as Data Controller

● Website operation and security – Legitimate Interest / Consent 

● Responding to inquiries – Legitimate Interest 

● Contract initiation and management – Performance of Contract 

● Billing and compliance – Legal Obligation 

● B2B marketing (opt-out available) – Legitimate Interest 

When Reqo acts as Data Processor (on behalf of Clients)

● Handling calls via virtual assistant 

● Processing transcribed text 

● Managing reservations and service requests 

● Sending structured notifications to client systems 

Legal basis is determined by the Client. 

6. AI Transparency, Call Handling and Consent 

Calls handled by Clients may use AI-based virtual assistants. At the start of calls, callers may hear: 

“This call is handled by a virtual assistant and may be transcribed to help process your request. You can ask to speak with a person at any time.”

We do not perform: 

● Voice recording 

● Biometric analysis or identification 

● Emotion detection or behavioural profiling 

● Automated decision-making with legal or significant effects 

7. Data Minimisation 

We apply strict controls: 

● Transcript text only (no call audio) 

● No biometric, payment, or sensitive data 

● We do not train AI with customer data 

● Only necessary data is processed 

8. Sub-Processors and Data Sharing 

We use selected service providers for: 

● Cloud hosting 

● Telephony and speech-to-text 

● CRM and support ticketing 

● Email/SMS notifications 

● Analytics, consent management, and security monitoring 

All providers are bound by GDPR-compliant Data Processing Agreements and Standard Contractual Clauses where required. We do not sell personal data. 

9. International Data Transfers 

Where data is transferred outside the EU or UK (e.g., United States), we use safeguards including: 

● Standard Contractual Clauses (SCCs) 

● Encryption and access controls

● Data minimisation measures 

10. Data Security 

We implement organisational and technical security measures including: ● Encryption (in transit and at rest) 

● Access controls and authentication 

● Logging, monitoring, and audits 

● Incident response and breach notification 

11. Data Retention 

● Transcribed call data: 30–180 days (client configurable) 

● Call metadata: up to 12 months 

● Contract and billing records: 5–10 years 

● Support and communications: contract duration + up to 2 years ● Website analytics and cookie data: up to 13 months 

Data is deleted or anonymised when no longer required. 

12. Your Rights 

You may request: 

● Access to your data 

● Correction or deletion 

● Restriction or objection to processing 

● Data portability 

● Withdrawal of consent 

If you are a restaurant caller or guest, please contact the restaurant directly (they are the Data Controller). If you interacted directly with Reqo, contact privacy@reqo.ai. You may lodge a complaint with CNIL, ICO, or your local regulator. 

13. Cookies and Tracking Technologies

13.1 What Are Cookies? 

Cookies are small text files stored on your device to help websites function, analyse usage, and personalise content. We also use local storage, pixels, tags, and similar technologies. 

13.2 Types of Cookies Used by Reqo 

Strictly Necessary Cookies – Required for site functionality. Cannot be disabled. 

Analytics and Performance Cookies – Measure usage and improve site experience. Used only with consent. 

Functional Cookies – Remember preferences (language, region). Used only with consent. 

Marketing and Advertising Cookies – Used only for B2B campaign measurement or remarketing, with consent. 

13.3 Managing Cookies 

You can manage or disable cookies by: 

● Using our cookie consent banner or preferences panel 

● Updating browser settings 

Blocking essential cookies may prevent the website from functioning properly. 13.4 Examples of Tools Used 

● Google Analytics (visitor insights) 

● LinkedIn or Meta pixels (B2B marketing measurement) 

● Cookie consent management platform 

13.5 Cookie Storage Duration 

● Session cookies: expire when browser closes 

● Analytics cookies: up to 13 months 

● Marketing cookies: typically 3–12 months 

Exact durations may vary by provider.

14. Children 

Our services are not directed to children under 16, and we do not knowingly collect data from minors. Any such data will be deleted. 

15. Updates 

We may update this Privacy & Cookie Policy to reflect legal or technical changes. The latest version will always be available on our website. Updates take effect from the “Last Updated” date. 

16. Contact 

For privacy or cookie-related enquiries, contact: 

Reqo SAS 

61 Rue de Lyon 

75012 Paris, France 

Email: privacy@reqo.ai

Created by restaurateurs
Trusted by hospitality teams

Home
ROI Calculator
Blog
Pricing
Contact

Reqo all rights reserved

Privacy policy
Terms of service
Legal Notice
Close Cookie Popup
Cookie settings
By clicking "Accept all cookies", you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Accept all cookiesCookie settings
Close Cookie Preference Manager
Cookie settings
By clicking 'Accept all cookies', you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings