Privacy Policy
Last updated on March 10, 2026
1. Introduction
Bayze Inc. ("Bayze," "we," "us," or "our") is a franchise analytics and growth platform that provides data-driven insights and AI-powered recommendations to franchise restaurant operators. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our website, platform, and related services (collectively, the "Service").
This Privacy Policy applies to:
Account holders and authorized users of the Bayze platform ("Users")
Visitors to our website
End customers of franchise restaurants whose data may be processed through our platform ("Consumer Data")
Employees and workforce members of franchise restaurants whose data may be processed through our platform ("Workforce Data")
By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you are a franchise operator providing us with Consumer Data or Workforce Data, you represent and warrant that you have the necessary rights, consents, and legal authority to share such data with Bayze.
For questions or concerns about this Privacy Policy, contact us at privacy@bayze.com or write to us at:
Bayze Inc.
1050 Queen St #100
Honolulu, HI 96814
2. Information We Collect
We collect information in the following categories:
2.1 Account and Identity Data
When you create an account or interact with our Service, we collect information such as your full name, email address, phone number, job title, company or franchise name, account username, and profile photo. If you are an authorized user under a franchise operator's account, your account may be provisioned by your organization.
2.2 Billing and Payment Data
When you subscribe to the Service, we collect billing information including your billing address, and payment details processed through our third-party payment processors. Bayze does not directly store full credit or debit card numbers. Our payment processors may collect and store your payment card information in accordance with their own privacy policies.
2.3 Franchise Business Data
We collect franchise business information provided by or on behalf of franchise operators, including restaurant location addresses, store and unit identifiers, menu data, pricing data, hours of operation, franchise brand affiliation, and number of locations.
2.4 Sales and Transaction Data
We collect point-of-sale (POS) transaction data from franchise restaurants through direct data uploads and API integrations with POS systems. This may include order volumes, revenue figures, average ticket size, item-level sales data, refund and void data, and payment method mix. Bayze does not intentionally collect, store, or process raw payment card data (e.g., full credit or debit card numbers, CVVs, or magnetic stripe data) from POS integrations. Franchise operators are responsible for ensuring that POS feeds transmitted to Bayze do not contain sensitive Payment Card Industry (PCI) data. If PCI data is inadvertently transmitted to Bayze, we will take reasonable steps to identify and purge it upon discovery.
2.5 Consumer Data (End Customers of Franchises)
Through our franchise clients' POS integrations and data uploads, we may process information about the franchise's end customers, including consumer names, email addresses, phone numbers, order history, loyalty program data, delivery addresses, and feedback or reviews. Bayze processes this data on behalf of the franchise operator as a service provider. Franchise operators are responsible for obtaining any required consents from their end customers before providing this data to Bayze.
2.6 Employee and Workforce Data
Through our franchise clients' data uploads and integrations, we may process information about franchise restaurant employees, including employee names, roles, shift schedules, labor hours, wage and tip data, and performance metrics. Bayze processes this data on behalf of the franchise operator as a service provider. Bayze does not collect biometric data such as fingerprints or facial recognition data. If your organization uses biometric systems, that data should not be transmitted to Bayze.
2.7 Device and Technical Data
When you access our Service, we automatically collect technical information including your IP address, browser type and version, operating system, device type, screen resolution, device identifiers, and language settings.
2.8 Usage and Behavioral Data
We collect information about how you interact with the Bayze platform, including pages and features viewed, clickstream data, session duration, feature adoption metrics, search queries within the platform, report generation history, and login timestamps.
2.9 Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our website and platform. These include:
Essential cookies that are necessary for the Service to function (e.g., session management, authentication)
Analytics cookies provided by third-party services, including Google Analytics, to help us understand how users interact with the Service
Functional cookies that remember your preferences and settings
For more information about the cookies we use and how to manage your preferences, see Section 7 (Your Rights and Choices) below.
2.10 Location Data
We collect approximate location information derived from your IP address. We do not collect precise GPS-based geolocation data. Franchise restaurant location data (addresses and coordinates) is collected as part of Franchise Business Data described in Section 2.3.
2.11 Communications Data
We collect information you provide when you contact us for support or communicate with us through the Service, including support ticket content, chat transcripts, and email correspondence.
2.12 Analytics and Derived Data
Bayze generates AI-powered analytics, insights, growth recommendations, predictive scores, and benchmark rankings based on the data described above. These derived outputs are created by Bayze's proprietary algorithms and AI models.
2.13 Third-Party Data
We receive data through integrations with your POS systems and other platforms you choose to connect. The categories of data received depend on the specific integration and are described in the applicable sections above.
2.14 Log and Security Data
We automatically collect server logs, error logs, access logs, authentication logs, API call logs, and security event logs to maintain the security and reliability of the Service.
3. How We Use Your Information
We use the information we collect for the following purposes:
Providing and operating the Service. We use your data to deliver the Bayze platform, generate analytics and AI-powered insights, produce reports, and provide franchise performance benchmarking.
AI-powered features. Bayze uses artificial intelligence and machine learning to generate analytics and growth recommendations based on your Franchise Business Data, Sales and Transaction Data, Consumer Data, and Workforce Data. AI-generated outputs are provided for informational purposes and should not be relied upon as the sole basis for business decisions. See Section 6 (Artificial Intelligence and Automated Decision-Making) for more information.
Account management. We use Account and Identity Data and Billing and Payment Data to create and manage your account, process payments, and communicate with you about your subscription.
Improving the Service. We use Usage and Behavioral Data, Log Data, and aggregated analytics to understand how the Service is used, identify issues, and improve features and performance.
Improving our AI models and benchmarking. We may use de-identified and aggregated data — from which individual franchise operators, locations, consumers, and employees cannot be identified — to train and improve our AI models and to generate industry-level benchmarks and insights. No individually identifiable data is used for this purpose without your consent. See Section 6 for more information on how you can opt out.
Security and fraud prevention. We use Log and Security Data, Device and Technical Data, and authentication records to protect the Service, detect and prevent unauthorized access, and investigate potential security incidents.
Customer support. We use Communications Data and Account Data to respond to your inquiries, troubleshoot issues, and provide technical support.
Legal compliance. We use personal information as necessary to comply with applicable laws, regulations, legal processes, or governmental requests.
Communications. We may use your contact information to send you service-related communications, including account notifications, security alerts, and updates about the Service. We will not send you marketing communications without your consent.
4. How We Share Your Information
Bayze does not sell your personal information. Bayze does not share your personal information with third parties for their own marketing or advertising purposes.
We share information only in the following circumstances:
4.1 Service Providers
We share personal information with third-party service providers who perform services on our behalf and under our instructions. These service providers are contractually required to use personal information only for the purposes of providing services to Bayze and are prohibited from using it for their own purposes. Our current categories of service providers include:
Cloud infrastructure providers for hosting and data storage
Payment processors for billing and subscription management
Analytics providers for understanding Service usage and performance
AI and machine learning providers for powering our analytics and recommendation features
Email and communications providers for transactional and service-related messaging
Customer support tools for managing support inquiries
4.2 At Your Direction
We may share information at your direction or with your consent — for example, when you choose to integrate the Service with a third-party platform or export your data.
4.3 Legal Requirements
We may disclose personal information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Bayze, our users, or the public.
4.4 Business Transfers
If Bayze is involved in a merger, acquisition, reorganization, bankruptcy, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
4.5 Aggregated and Anonymized Data
We may share aggregated or de-identified data that cannot reasonably be used to identify any individual. This may include industry benchmarks, trend analyses, and aggregate performance metrics.
5. Cookies and Tracking Technologies
5.1 What We Use
Bayze uses the following categories of cookies and tracking technologies:
Essential Cookies: Required for the Service to function. These cannot be disabled. Examples include: session cookies, authentication tokens, CSRF protection
Analytics Cookies: Help us understand how users interact with the Service. Examples include: Google Analytics and PostHog
Functional Cookies: Remember your preferences and settings. Examples include language preferences, dashboard layout settings
5.2 Third-Party Analytics
We use Google Analytics and PostHog, which set their own cookies on your device. These services collect information such as how often you visit the Service, what pages you view, and what other sites you visited prior to coming to the Service. We use this information to improve the Service. These third-party analytics providers' ability to use and share information they collect is governed by their respective terms of service and privacy policies.
5.3 Managing Cookies
You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Please note that if you disable essential cookies, certain features of the Service may not function properly.
5.4 Global Privacy Control
Bayze honors Global Privacy Control ("GPC") signals. If your browser sends a GPC signal, we will treat it as a valid opt-out of the sale or sharing of personal information, as required by applicable state laws. We will automatically suppress non-essential tracking when a GPC signal is detected.
6. Artificial Intelligence and Automated Decision-Making
6.1 How We Use AI
Bayze uses artificial intelligence and machine learning technologies to generate analytics and growth recommendations based on the data you and your franchise provide through the Service.
6.2 Important Limitations
PLEASE READ THIS SECTION CAREFULLY. AI-GENERATED ANALYTICS, RECOMMENDATIONS, AND INSIGHTS ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THEY ARE GENERATED BY AUTOMATED SYSTEMS AND MAY CONTAIN ERRORS, INACCURACIES, OR INCOMPLETE INFORMATION. YOU SHOULD NOT RELY ON AI-GENERATED OUTPUTS AS THE SOLE BASIS FOR BUSINESS, FINANCIAL, OPERATIONAL, OR LEGAL DECISIONS. BAYZE DOES NOT GUARANTEE THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY AI-GENERATED OUTPUT.
6.3 Use of De-Identified Data for Model Improvement
Bayze may de-identify and aggregate data for the purpose of training and improving our AI models and generating industry-level benchmarks. Our de-identification process removes all direct and indirect identifiers — including names, email addresses, location identifiers, account numbers, and any other information that could reasonably be used to identify a specific franchise operator, location, consumer, or employee. Once data has been de-identified and aggregated through this process, it is no longer considered personal information under applicable privacy laws, including the CCPA/CPRA.
Bayze's use of de-identified data for model improvement is authorized under our agreements with franchise operators. The right to de-identify data for product improvement and AI model training is granted through the applicable Master Services Agreement and Data Processing Addendum, not through this Privacy Policy alone.
You may opt out of the use of your data for model improvement purposes by contacting us at privacy@bayze.com. Upon receipt of an opt-out request, Bayze will exclude your data from future de-identification processes within thirty (30) days.
6.4 Your Right to Human Review
If you believe that an AI-generated recommendation or decision has materially affected your use of the Service, you may request human review by contacting us at privacy@bayze.com. We will review your request and respond within thirty (30) days.
7. Your Rights and Choices
Depending on your state of residence, you may have some or all of the following rights with respect to your personal information:
7.1 Access
You have the right to request a copy of the personal information we hold about you, including the categories of information collected, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it has been shared.
7.2 Deletion
You have the right to request that we delete your personal information, subject to certain exceptions (such as data we are required to retain for legal or compliance purposes).
7.3 Correction
You have the right to request that we correct inaccurate personal information we hold about you.
7.4 Data Portability
You have the right to request your personal information in a commonly used, machine-readable format (such as CSV or JSON).
7.5 Opt-Out of Sale or Sharing
Bayze does not sell your personal information and does not share it with third parties for targeted advertising purposes. If this changes in the future, we will update this Privacy Policy and provide you with a clear mechanism to opt out.
7.6 Opt-Out of AI Model Training
You may opt out of the use of your data for AI model improvement and benchmarking by contacting us at privacy@bayze.com.
7.7 How to Exercise Your Rights
To exercise any of the rights described above, please contact us at privacy@bayze.com. We will verify your identity before processing your request. We will respond to your request within thirty (30) days, or within the timeframe required by applicable law, whichever is shorter. If we need additional time, we will notify you of the reason and the expected response date.
You may designate an authorized agent to submit a request on your behalf. We may require verification that you have authorized the agent to act on your behalf.
We will not discriminate against you for exercising any of your privacy rights.
7.8 State-Specific Rights
Residents of certain states have additional rights under their state privacy laws:
California (CCPA/CPRA): California residents have the right to know what personal information is collected, the right to delete, the right to correct, the right to opt out of the sale or sharing of personal information, and the right to limit the use of sensitive personal information. Bayze does not sell personal information and does not use or disclose sensitive personal information for purposes beyond those permitted by the CCPA/CPRA.
Colorado, Connecticut, Virginia, and other states with comprehensive privacy laws: Residents of these states have similar rights to access, delete, correct, and port their data, as well as the right to opt out of targeted advertising, the sale of personal information, and certain profiling activities. If you are a resident of one of these states and wish to exercise your rights, please contact us at privacy@bayze.com.
Maryland (MODPA): Maryland residents have the right to data minimization. Bayze collects only the personal information that is reasonably necessary for the purposes disclosed in this Privacy Policy.
8. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention practices are as follows:
Data Category & Retention Period
Account and Identity Data: Duration of the account relationship plus 12 months following account closure
Billing and Payment Data: Duration of the account relationship plus the period required for tax and financial compliance (typically 7 years)
Franchise Business Data: Duration of the account relationship plus 12 months following account closure, unless deletion is requested sooner
Sales and Transaction Data: Duration of the account relationship plus 12 months following account closure, unless deletion is requested sooner
Consumer Data: Duration of the account relationship plus 90 days following account closure
Employee and Workforce Data: Retained until deleted by the franchise operator within the platform, or duration of the account relationship plus 90 days following account closure, whichever is sooner. Individual employee records may be deleted by the franchise operator at any time.
Device and Technical Data: 24 months from collection
Usage and Behavioral Data: 24 months from collection
Cookies and Tracking Data: Varies by cookie; see Section 5
Communications Data: 36 months from last interaction
Analytics and Derived Data: Duration of the account relationship plus 12 months following account closure
Log and Security Data: 12 months from collection
When data reaches the end of its retention period, it is deleted or de-identified. De-identified data that cannot reasonably be used to identify any individual may be retained indefinitely for research, benchmarking, and service improvement purposes.
9. Data Security
Bayze implements reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, alteration, and destruction. These measures include:
Encryption of data in transit using TLS (Transport Layer Security)
Encryption of data at rest using industry-standard encryption
Role-based access controls to limit access to personal information to authorized personnel
Regular security assessments and monitoring
While we take reasonable precautions to protect your information, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your personal information.
10. Data Processed on Behalf of Franchise Operators
When Bayze processes Consumer Data or Workforce Data on behalf of a franchise operator, Bayze acts as a service provider (as defined under the CCPA/CPRA) or processor (as the term is used in other privacy frameworks). In this capacity:
Bayze processes Consumer Data and Workforce Data only as directed by the franchise operator and as necessary to provide the Service.
Bayze does not sell Consumer Data or Workforce Data.
Bayze does not use Consumer Data or Workforce Data for any purpose other than providing the Service, except as described in Section 6.3 (use of de-identified and aggregated data for model improvement), subject to the franchise operator's right to opt out.
Franchise operators are responsible for providing all required notices to, and obtaining all required consents from, their end customers and employees regarding the collection and sharing of their personal information with Bayze. This obligation is a material term of the franchise operator's agreement with Bayze, and franchise operators agree to indemnify Bayze for claims arising from their failure to obtain required consents, as set forth in the applicable Master Services Agreement.
If you are an end customer or employee of a franchise restaurant and wish to exercise your privacy rights with respect to data processed through the Bayze platform, please contact the franchise operator directly. The franchise operator is the controller of your data and is responsible for responding to your request. If you are unable to reach the franchise operator, you may contact us at privacy@bayze.com and we will make reasonable efforts to direct your request appropriately.
11. Children's Privacy
The Bayze Service is designed for business use by franchise operators and their authorized personnel. It is not directed at individuals under the age of 18. We do not knowingly collect personal information directly from children under 13 (or under 16 in jurisdictions that set a higher age threshold). If we learn that we have collected personal information directly from a child, we will promptly delete that information. If you believe a child has provided personal information to Bayze, please contact us at privacy@bayze.com.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. When we make material changes, we will notify you by posting the revised Privacy Policy on our website with an updated "Last Updated" date, and, where appropriate, by sending you an email notification or an in-app notice.
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of any changes constitutes your acknowledgment of the updated Privacy Policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Bayze Inc.
1050 Queen St #100
Honolulu, HI 96814
Email: privacy@bayze.com
This Privacy Policy is effective as of March 10, 2026.