AI disclosure: When you call a restaurant powered by Callra, you are speaking with an AI voice agent. Callers are told calls may be recorded for order accuracy before any recording begins, and can opt out at any time.

Trust & Data Handling · U.S.-based · PCI-compliant payment processors

Restaurant AI Security — How Callra Handles Your Data

Callra AI is U.S.-based and hosted on AWS. Payment card data is handled by PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — via hosted checkout and tokenization, so Callra never stores raw card numbers. Calls may be recorded and transcribed for order accuracy; the AI agent can disclose the recording and its AI identity, and recording and consent behavior is configurable per state. Data is encrypted in transit and at rest, and you own your data — Callra does not sell it.

What security certifications does Callra AI hold?

Callra AI is pre-launch and early-stage, and we don’t hold formal third-party certifications yet — no SOC 2, no ISO 27001, no PCI DSS certification of our own, no HIPAA attestation. We’d rather tell you plainly what we do today than claim credentials we haven’t earned. Here is what is actually true right now.

Callra AI current data-handling practices — plain status, no overclaims.
AreaStatusWhat it means for your restaurant
Payment card dataHandled by PCI-compliant processorsCard payments go through hosted checkout and tokenization at Stripe, Converge/Elavon, Clover, or Square. Callra does not store raw card numbers.
SOC 2 / ISO 27001 / HIPAANot certifiedCallra does not hold these certifications today. No claims are made otherwise.
Data hostingU.S.-based (AWS)Call data and order data are hosted in the United States.
Call recording disclosureBuilt in, configurable per stateThe agent can disclose recording and its AI identity before capturing audio.
EncryptionIn transit and at restStandard encryption practices apply to stored and transmitted data.

As Callra completes formal audits, we will publish the real results here — not before.

How does Callra handle payment card data on phone orders?

When a guest reads a card number aloud during a phone order, the risk is obvious: a spoken card number could be recorded, transcribed, and stored. Callra’s approach is to keep raw card data out of our systems entirely. Payment is handled through hosted checkout and tokenization at PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — and the card is tokenized before any Callra server processes it.

What Callra stores vs. what the payment processor stores

Callra stores a payment token, plus non-sensitive metadata — amount, last 4 digits, authorization time. Callra never stores the full card number. Refunds and reversals go through the processor’s API against the stored token, not through a card number Callra holds, because Callra holds none. Callra itself is not PCI DSS certified — the certified processors we route payments through are.

Handling of card-number audio

For the portion of a call where a card number is spoken, we aim to avoid retaining that audio segment or writing sensitive card data to transcripts. The stored record keeps only payment metadata — amount, token, last 4, and timestamp — not the card number itself.

Is Callra AI working toward SOC 2 or other certifications?

Formal certifications like SOC 2 Type II are audits of how a vendor’s controls operate over an observation period. Callra does not currently have an active SOC 2 engagement, and we won’t claim one until it’s real. As we grow, formal security audits are part of our roadmap, and we’ll publish verifiable results here — not marketing claims — once they exist.

How does Callra handle guest data privacy?

Guest data Callra processes — name, phone number, order history, voice recording, and transcript — is treated as data you own. Callra does not sell or share guest data with third parties. Requests about your data can be sent to privacy@callra.ai. Full detail lives in our privacy notice.

Call recording disclosure and consent

Calls may be recorded and transcribed for order accuracy. The AI agent can disclose that the call may be recorded and that the caller is speaking with an AI before capturing audio. Recording and consent behavior — including whether a disclosure plays before the first utterance — is configurable per state, so it can be set up to support one-party and two-party (all-party) consent requirements. This is a product feature and a compliance commitment we are building toward, not a completed legal certification.

An example disclosure

Can play before any utterance is recorded

“Hi — this is [Restaurant Name]. Calls may be recorded for order accuracy. How can I help?”

Several states require all-party (two-party) consent before a call can be recorded. Callra’s disclosure and recording settings are configurable so an operator can align call handling with the requirements of the state they operate in.

WAORCANVIDMTUTAZCOTXILFLPANYOHGAMIMNMONC
Figure 2 — All-party (two-party) consent states are highlighted: California, Illinois, Pennsylvania, Florida, and Washington. Schematic, not to geographic scale; full list in the table below.
States generally requiring all-party (two-party) call recording consent, for reference.
JurisdictionConsent ruleHow Callra supports it
California (CA)All-partyDisclosure can be configured before first utterance
Illinois (IL)All-partyDisclosure can be configured before first utterance
Pennsylvania (PA)All-partyDisclosure can be configured before first utterance
Florida (FL)All-partyDisclosure can be configured before first utterance
Washington (WA)All-partyDisclosure can be configured before first utterance
Other statesGenerally one-partyDisclosure available, configurable per operator

This information is provided for general awareness and is not legal advice. Operators should confirm recording-consent requirements for their state with their own counsel.

Data residency — where is restaurant call data stored?

Callra hosts data with AWS in the United States. Voice recordings, transcripts, and order data are encrypted in transit and at rest.

Voice AI architecture — how Callra separates payment data

The reason Callra can keep raw card data out of its own systems is architectural: the system is built as separated layers, so the components that handle payment never share state with the components that record and transcribe audio. The diagram below shows the pipeline and the point where card data leaves Callra’s systems for the payment processor.

Layer separation — model, orchestration, tools, and logging

Callra AI voice payment architecture showing the payment tokenization boundary at a PCI-compliant processor.A left-to-right pipeline: customer phone call enters via SIP trunk, passes through the ASR/NLU layer and the menu lookup layer, then reaches the tokenization boundary at a PCI-compliant payment processor, where raw card data exits Callra’s systems. Only a payment token plus metadata is written back to the POS.CALLRA SYSTEMS — no raw card number (PAN) storedPCI-COMPLIANT PROCESSORCustomer CallInbound orderSIP TrunkEncrypted TLS 1.3ASR / NLU< 300 ms latencyMenu RAGPOS source-of-truthTokenizationBoundaryCard data exits herePOS Write-BackToken + last 4only — never PAN
Figure 1 — Callra separates payment handling from call processing: raw card data is tokenized at the payment processor boundary and never written to a Callra server.

The model layer, the orchestration layer, the tools layer, and the logging layer are kept separate so that logging never sees a full card number, and the tokenization boundary sits at the payment processor. A guest call enters over telephony infrastructure, the speech-recognition layer interprets the order, the menu-lookup layer reads from the POS source of truth, and payment is tokenized at the processor boundary. Only a token and the last 4 digits are written back to the POS.

Security testing

Callra does not currently run a scheduled third-party penetration-testing program. Security review and testing cadence are part of our roadmap as the product and company mature.

Accessibility

We aim to make Callra’s web experience accessible, and the voice AI supports escalation to a human or text channel. We do not currently hold formal WCAG certification and won’t claim one until an audit confirms it.

Which subprocessors handle call data?

Callra uses a focused set of subprocessors to run the product. Here is the full list of providers that touch call audio, transcripts, or customer data:

Callra AI subprocessors.
ProviderPurpose
DeepgramSpeech-to-text
CartesiaText-to-speech (select languages)
ElevenLabsText-to-speech (select languages)
Google (Gemini)Language model
TwilioTelephony
LiveKitTelephony / real-time media
StripePayment processing
Converge/ElavonPayment processing
CloverPayment processing
SquarePayment processing
SendGridTransactional email
AWSHosting
MongoDB AtlasData storage
RedisData storage / caching

Questions about our security practices?

If you have questions about how Callra handles your data, email privacy@callra.ai, or book a demo and our team can walk you through our current practices and our roadmap for formal certifications.

Security FAQ

Straight answers on payment card data handling, data hosting, call recording consent, and what certifications we do and don’t hold today.

Callra AI itself is not PCI DSS certified. Payment card data is handled by PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — via hosted checkout and tokenization, so Callra never stores raw card numbers.

Not yet. Callra is pre-launch and does not hold SOC 2, ISO 27001, HIPAA, or GDPR certification today. We will publish real audit results here if and when they are completed — we do not claim certifications we don’t have.

Data is hosted with AWS in the United States. Call recordings, transcripts, and order data are encrypted in transit and at rest.