Your Data.
Our Responsibility.
At LlamaChilly, we take the research layer and the protection of guest identity seriously. This policy describes how we collect, use, and safeguard information through our integrations with POS systems, PMS platforms, and reservation engines.
Last Updated: March 2026Information We Collect
To transform a generic lead into a hyper-personalized experience, LlamaChilly accesses the following categories of data through authorized platform integrations.
We capture leads from platforms like Instagram and Facebook. This includes names, email addresses, and phone numbers provided through interaction or ad engagement.
Through integrations with systems such as Lightspeed K-Series, Toast, and Square, we access detailed spending history, average ticket size, visit frequency, and consumed items (e.g. wine preferences, dessert patterns).
From platforms like Mews, Cloudbeds, Formitable, and SevenRooms, we obtain loyalty codes, dietary requirements, preferred language, and custom tags such as "VIP" or "Wine Lover".
We monitor reviews in real time through the Google Business Profile and TripAdvisor APIs, enabling automated feedback loops and reputation management.
How We Use It
Every data point we process serves a single purpose: making the connection between restaurants and their future guests more precise, timely, and personal.
Crafting specific offers based on historical behavior. Inviting a guest to a glass of their favorite wine instead of sending a generic discount.
Enabling direct conversions into real-time inventory systems, preventing double bookings and ensuring seamless table allocation.
Automating thank-you messages for positive reviews and generating management alerts for negative feedback. Every voice gets heard.
Scheduling outreach via WhatsApp or email at the moments of highest conversion probability, based on each guest’s consumption patterns.
Consent & Security
Explicit Consent. In full compliance with GDPR and European data regulations, LlamaChilly requires explicit permission from the end user before storing contact information or processing any personally identifiable information (PII).
Secure Authentication. All integrations with partner platforms (Lightspeed, Toast, Mews, and others) are performed through OAuth 2.0 handshakes, ensuring that data access occurs only with the explicit consent of the restaurant owner.
Data Protection. We implement security standards equivalent to PCI DSS for payment data management and end-to-end encryption across all data transmissions. Your data never travels unprotected.
We never sell personal data to third parties. Privacy is not an afterthought. It is architecture.
Third-Party Sharing
LlamaChilly acts as an orchestrator that synchronizes data between diverse systems. Information may be shared with the following categories of partners, and only to the extent required for service delivery.
Marketing Systems. Platforms such as HubSpot or Salesforce, used to centralize the customer lifecycle and ensure consistent communication.
Reservation Providers. To reflect automatically generated bookings on the restaurant's floor plan in real time.
Physical Automation. In advanced configurations, data may be sent to robotic service management systems to personalize the physical welcome experience on-site.
Your Rights
Users and guests have the right to request access, rectification, or complete deletion of their profiles from our Client Directory. LlamaChilly uses identity resolution tools to prevent duplicate profiles and ensure information is always accurate and up to date.
Right of Access
Request a full copy of the personal data we hold about you at any time.
Right to Rectification
Correct any inaccurate or incomplete personal information in your profile.
Right to Erasure
Request the complete deletion of your data from our systems and client directories.
Right to Object
Object to the processing of your data for specific purposes, including profiling and marketing.
You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl. For full details on data processing, retention, and your GDPR rights, see our GDPR Compliance page.
Trust is not a feature. It is the foundation.
Ready to Transform
Your Revenue?
Join restaurants already automating their booking pipeline
