Te Ta AI

Privacy Policy

Last updated: April 7, 2026

Te Ta AI is a self-hosted platform. Your data stays on YOUR server. We never access, store, or process your restaurant data, customer information, or conversations.

1. Who we are

Te Ta AI is based in Tirana, Albania. We build and sell self-hosted restaurant management software.

Contact: [email protected]

2. What we collect

2.1 When you purchase

When you buy Te Ta AI through LemonSqueezy, we receive:

Your name and email address
Payment confirmation (we never see your credit card details — LemonSqueezy handles payment)
License key associated with your purchase
Country (for VAT purposes, handled by LemonSqueezy)

2.2 When you visit teta-ai.com

We use basic analytics (Netlify Analytics) which may collect:

Page views and referrer URLs
Country-level location (no precise geolocation)
Browser type

We do NOT use cookies for tracking. We do NOT use Google Analytics, Facebook Pixel, or any third-party trackers.

2.3 What we do NOT collect

Your restaurant data (reservations, customers, menus) — this stays on YOUR server
WhatsApp conversations — processed on YOUR server, never sent to us
Customer phone numbers or personal data — stored in YOUR database only
AI API usage data — your API key, your provider, your data

3. Self-hosted architecture

Te Ta AI is designed to be self-hosted. This means:

You deploy the software on your own server (Railway, Docker, VPS, etc.)
All data is stored in YOUR PostgreSQL database
All AI conversations go directly between your server and your AI provider (Anthropic, OpenAI, or Google)
WhatsApp connections are made from YOUR server using YOUR phone number
We have zero access to your running instance

Think of Te Ta AI like buying a car — once you drive it off the lot, we don't track where you go or who rides with you.

4. License verification

Te Ta AI connects to LemonSqueezy's API once at startup to verify your license key. This transmits:

Your license key
No other data

If you use MANAGED_MODE (for locally managed deployments), no license verification occurs at all.

5. Third-party services

Te Ta AI integrates with third-party services that YOU choose and configure:

AI Providers (Anthropic, OpenAI, Google) — your API key, your account, their privacy policy applies
WhatsApp (via Baileys library) — your phone number, your conversations
Railway/Docker (hosting) — your deployment, their terms apply
LemonSqueezy (payments) — handles purchase data under their privacy policy

6. Data retention

Purchase data: Retained as long as your license is active, for support purposes
Website analytics: Aggregated, no personal identifiers, retained 30 days
Your restaurant data: Entirely under your control — delete anytime from your own database

7. Your rights (GDPR)

If you are in the EU/EEA, you have the right to:

Access the personal data we hold about you (purchase info only)
Request correction of inaccurate data
Request deletion of your data
Object to processing
Data portability

To exercise these rights, contact: [email protected]

8. Data protection for your customers

As a restaurant owner using Te Ta AI, YOU are the data controller for your customers' data. You are responsible for:

Informing your customers that you use an AI bot for reservations
Handling data access/deletion requests from your customers
Complying with local privacy laws in your jurisdiction

9. Security

Te Ta AI implements:

Helmet.js security headers
Rate limiting on all endpoints
Timing-safe authentication comparison
Brute-force protection on login
Input validation with Zod schemas
Parameterized SQL queries (no SQL injection)
CORS configuration

10. Children's privacy

Te Ta AI is designed for business use by restaurant owners. We do not knowingly collect data from children under 16. If you believe a child has provided personal data, contact us and we will delete it.

11. Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page