AI disclosure: When you call a restaurant powered by Callra, you are speaking with an AI voice agent. Callers are told calls may be recorded for order accuracy before any recording begins, and can opt out at any time.
Trust & Data Handling · U.S.-based · PCI-compliant payment processors
Restaurant AI Security — How Callra Handles Your Data
Callra AI is U.S.-based and hosted on AWS. Payment card data is handled by PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — via hosted checkout and tokenization, so Callra never stores raw card numbers. Calls may be recorded and transcribed for order accuracy; the AI agent can disclose the recording and its AI identity, and recording and consent behavior is configurable per state. Data is encrypted in transit and at rest, and you own your data — Callra does not sell it.
What security certifications does Callra AI hold?
Callra AI is pre-launch and early-stage, and we don’t hold formal third-party certifications yet — no SOC 2, no ISO 27001, no PCI DSS certification of our own, no HIPAA attestation. We’d rather tell you plainly what we do today than claim credentials we haven’t earned. Here is what is actually true right now.
| Area | Status | What it means for your restaurant |
|---|---|---|
| Payment card data | Handled by PCI-compliant processors | Card payments go through hosted checkout and tokenization at Stripe, Converge/Elavon, Clover, or Square. Callra does not store raw card numbers. |
| SOC 2 / ISO 27001 / HIPAA | Not certified | Callra does not hold these certifications today. No claims are made otherwise. |
| Data hosting | U.S.-based (AWS) | Call data and order data are hosted in the United States. |
| Call recording disclosure | Built in, configurable per state | The agent can disclose recording and its AI identity before capturing audio. |
| Encryption | In transit and at rest | Standard encryption practices apply to stored and transmitted data. |
As Callra completes formal audits, we will publish the real results here — not before.
How does Callra handle payment card data on phone orders?
When a guest reads a card number aloud during a phone order, the risk is obvious: a spoken card number could be recorded, transcribed, and stored. Callra’s approach is to keep raw card data out of our systems entirely. Payment is handled through hosted checkout and tokenization at PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — and the card is tokenized before any Callra server processes it.
What Callra stores vs. what the payment processor stores
Callra stores a payment token, plus non-sensitive metadata — amount, last 4 digits, authorization time. Callra never stores the full card number. Refunds and reversals go through the processor’s API against the stored token, not through a card number Callra holds, because Callra holds none. Callra itself is not PCI DSS certified — the certified processors we route payments through are.
Handling of card-number audio
For the portion of a call where a card number is spoken, we aim to avoid retaining that audio segment or writing sensitive card data to transcripts. The stored record keeps only payment metadata — amount, token, last 4, and timestamp — not the card number itself.
Is Callra AI working toward SOC 2 or other certifications?
Formal certifications like SOC 2 Type II are audits of how a vendor’s controls operate over an observation period. Callra does not currently have an active SOC 2 engagement, and we won’t claim one until it’s real. As we grow, formal security audits are part of our roadmap, and we’ll publish verifiable results here — not marketing claims — once they exist.
How does Callra handle guest data privacy?
Guest data Callra processes — name, phone number, order history, voice recording, and transcript — is treated as data you own. Callra does not sell or share guest data with third parties. Requests about your data can be sent to privacy@callra.ai. Full detail lives in our privacy notice.
Call recording disclosure and consent
Calls may be recorded and transcribed for order accuracy. The AI agent can disclose that the call may be recorded and that the caller is speaking with an AI before capturing audio. Recording and consent behavior — including whether a disclosure plays before the first utterance — is configurable per state, so it can be set up to support one-party and two-party (all-party) consent requirements. This is a product feature and a compliance commitment we are building toward, not a completed legal certification.
An example disclosure
Can play before any utterance is recorded
“Hi — this is [Restaurant Name]. Calls may be recorded for order accuracy. How can I help?”
State-by-state two-party consent landscape
Several states require all-party (two-party) consent before a call can be recorded. Callra’s disclosure and recording settings are configurable so an operator can align call handling with the requirements of the state they operate in.
| Jurisdiction | Consent rule | How Callra supports it |
|---|---|---|
| California (CA) | All-party | Disclosure can be configured before first utterance |
| Illinois (IL) | All-party | Disclosure can be configured before first utterance |
| Pennsylvania (PA) | All-party | Disclosure can be configured before first utterance |
| Florida (FL) | All-party | Disclosure can be configured before first utterance |
| Washington (WA) | All-party | Disclosure can be configured before first utterance |
| Other states | Generally one-party | Disclosure available, configurable per operator |
This information is provided for general awareness and is not legal advice. Operators should confirm recording-consent requirements for their state with their own counsel.
Data residency — where is restaurant call data stored?
Callra hosts data with AWS in the United States. Voice recordings, transcripts, and order data are encrypted in transit and at rest.
Voice AI architecture — how Callra separates payment data
The reason Callra can keep raw card data out of its own systems is architectural: the system is built as separated layers, so the components that handle payment never share state with the components that record and transcribe audio. The diagram below shows the pipeline and the point where card data leaves Callra’s systems for the payment processor.
Layer separation — model, orchestration, tools, and logging
The model layer, the orchestration layer, the tools layer, and the logging layer are kept separate so that logging never sees a full card number, and the tokenization boundary sits at the payment processor. A guest call enters over telephony infrastructure, the speech-recognition layer interprets the order, the menu-lookup layer reads from the POS source of truth, and payment is tokenized at the processor boundary. Only a token and the last 4 digits are written back to the POS.
Security testing
Callra does not currently run a scheduled third-party penetration-testing program. Security review and testing cadence are part of our roadmap as the product and company mature.
Accessibility
We aim to make Callra’s web experience accessible, and the voice AI supports escalation to a human or text channel. We do not currently hold formal WCAG certification and won’t claim one until an audit confirms it.
Which subprocessors handle call data?
Callra uses a focused set of subprocessors to run the product. Here is the full list of providers that touch call audio, transcripts, or customer data:
| Provider | Purpose |
|---|---|
| Deepgram | Speech-to-text |
| Cartesia | Text-to-speech (select languages) |
| ElevenLabs | Text-to-speech (select languages) |
| Google (Gemini) | Language model |
| Twilio | Telephony |
| LiveKit | Telephony / real-time media |
| Stripe | Payment processing |
| Converge/Elavon | Payment processing |
| Clover | Payment processing |
| Square | Payment processing |
| SendGrid | Transactional email |
| AWS | Hosting |
| MongoDB Atlas | Data storage |
| Redis | Data storage / caching |
Questions about our security practices?
If you have questions about how Callra handles your data, email privacy@callra.ai, or book a demo and our team can walk you through our current practices and our roadmap for formal certifications.
Security FAQ
Straight answers on payment card data handling, data hosting, call recording consent, and what certifications we do and don’t hold today.
Callra AI itself is not PCI DSS certified. Payment card data is handled by PCI-compliant processors — Stripe, Converge/Elavon, Clover, or Square — via hosted checkout and tokenization, so Callra never stores raw card numbers.
Not yet. Callra is pre-launch and does not hold SOC 2, ISO 27001, HIPAA, or GDPR certification today. We will publish real audit results here if and when they are completed — we do not claim certifications we don’t have.
Data is hosted with AWS in the United States. Call recordings, transcripts, and order data are encrypted in transit and at rest.
Calls may be recorded and transcribed for order accuracy. The AI agent can disclose that the call may be recorded and that the caller is speaking with an AI. Recording and consent behavior is configurable per state to support one-party and two-party consent requirements.
Payment card data is handled by PCI-compliant processors — Stripe, Converge/Elavon, Clover, and Square — via hosted checkout and tokenization. Callra does not store raw card numbers on its own servers.
No. You own your data, and Callra does not sell it to third parties.
Callra does not currently publish a numeric uptime SLA. We will share real, measured availability data as it becomes available.
Callra does not currently have a scheduled third-party penetration-testing program. Security review is part of our roadmap as the product matures.
Callra uses a small set of subprocessors to run the product: Deepgram for speech-to-text, Cartesia and ElevenLabs for text-to-speech in some languages, Google (Gemini) as the language model, Twilio and LiveKit for telephony, and AWS, MongoDB Atlas, and Redis for hosting and data storage.
Email privacy@callra.ai or book a demo, and our team can walk you through current data-handling practices and our roadmap for formal certifications.
