Privacy Policy
How Bowl Technologies collects, uses, and protects your information.
BowlRMS ("we", "our", "us") is a restaurant management and digital ordering platform operated by Bowl Technologies. This Privacy Policy explains how we collect, use, and protect information when businesses and their customers use BowlRMS.
Scope of This Policy
BowlRMS is a Software-as-a-Service (SaaS) platform provided to businesses (e.g., restaurants, hotels).
- The business is the primary account holder ("Client").
- The end customer interacts with the Client through BowlRMS (e.g., digital menu, ordering).
We act primarily as a data processor on behalf of the Client.
Information We Collect
2.1 Business Account Information
When a business registers, we collect:
- Full Name (account owner)
- Email Address
- Phone Number
- Business Name
- Business Contact Information (email, phone)
- General Location
- Operating Hours
- Payment Configuration Details (e.g., MPesa Till/Paybill or bank details for Paystack)
2.2 Staff Data (Provided by the Business)
Clients may input staff data into BowlRMS, including:
- Full Name
- National ID Number
- Email Address
- Phone Number
- Emergency Contact (name, relationship, phone)
This data is controlled and managed solely by the Client. BowlRMS does not use this data for its own purposes.
2.3 Customer Interaction Data
When customers use BowlRMS through a Client's menu:
- Orders placed
- Order status and timestamps
- Payment status (e.g., successful, failed)
We do not create customer accounts by default.
2.4 Payment Information
BowlRMS does not store or process sensitive payment details.
- Payments are handled via third-party providers (e.g., MPesa STK Push, Paystack).
- We only store transaction status and references for reconciliation.
Phone numbers entered for MPesa transactions are:
- Used only to initiate payment requests
- Not stored beyond immediate processing
2.5 AI Assistant ("Foodie")
BowlRMS includes an AI assistant powered via third-party APIs.
- Conversations are session-based (max ~2 hours)
- Chats are not stored or linked to user identity
- BowlRMS does not use AI conversations for profiling or training
2.6 Technical Data
BowlRMS does not intentionally collect device-level tracking data beyond what is necessary for system operation and security.
How We Use Information
We use collected data to:
- Provide and maintain the BowlRMS platform
- Facilitate order processing and communication between guests and staff
- Enable payment workflows (without handling funds)
- Provide reporting and analytics to Clients
- Ensure system security and performance
We do not sell personal data.
Data Ownership and Control
- Clients (businesses) own and control their data, including staff and operational data
- BowlRMS acts as a processor on behalf of Clients
- Customers interact under the Client's environment
Data Retention
- Business data is retained while the account is active
- Upon account deletion, data is scheduled for deletion within 7 days
- Temporary/session data (e.g., AI chats, payment phone numbers) is not retained
Data Security
We implement industry-standard safeguards, including:
- Secure authentication
- Access controls
- Encrypted communication (HTTPS)
- Controlled infrastructure access
Third-Party Services
BowlRMS integrates with:
- Payment providers (e.g., MPesa, Paystack)
- AI service providers
These services operate under their own privacy policies.
User Rights
In accordance with applicable data protection laws (including Kenya's Data Protection Act):
Users may:
- Request access to their data
- Request correction of inaccurate data
- Request deletion of their data
- Withdraw consent where applicable
Requests may be made via: support@bowlrms.com
Children's Data
BowlRMS is designed for business use and is not intended for direct use by minors.
Changes to This Policy
We may update this Privacy Policy periodically. Updates will be communicated via the platform or official channels.