Holina

Privacy Policy

Last updated: July 18, 2026 · Applies to the Holina platform

This policy is published in draft form and is undergoing review by legal counsel. Its commitments are in force as written; wording may be refined after review.

Who we are

Holina is a phone receptionist service for restaurants, operated by EpochCore LLC, a North Carolina limited liability company ("we," "us"). Holina answers calls to a restaurant's phone number, responds to caller questions using business information the restaurant approved, sends requested text-message links, captures messages, and gives the restaurant access to its call transcripts and activity.

Scope

This policy covers the Holina platform as a whole. Individual restaurants using Holina may publish their own program-specific pages — for example, the SMS program privacy policy and SMS program terms for text messages sent on a restaurant's behalf. Where a program-specific page exists, it governs that program; this policy governs everything else.

Our role under privacy laws

For information about callers that we process on a restaurant's behalf, EpochCore LLC acts as a "service provider" (CCPA/CPRA), "processor" (GDPR, where applicable), or the equivalent role under similar U.S. state privacy laws. The restaurant is the business/controller for its callers' information. For information about our own customers (the restaurants), we act as the business/controller.

Information we process

How we use information

Call disclosure

Every Holina greeting includes a short disclosure that the call may be recorded for quality. A caller who continues after the disclosure has consented to the transcript being made. If a caller objects, the assistant offers a human callback, and that call's record is deleted on request.

Retention

Sharing and subprocessors

We share information only with the providers needed to run the service, and only for that purpose:

These providers act as service providers/processors and are not permitted to use the data for their own purposes. We never sell, rent, or share phone numbers or call content with third parties for marketing.

Security

We implement administrative, technical, and physical measures to protect information, including encryption of data in transit and at rest, least-privilege access controls, and tamper-evident call records sealed with FIPS 204 (ML-DSA-87) digital signatures — a design that makes after-the-fact alteration of a call record detectable by anyone holding the record. No security system is impenetrable, and we cannot guarantee absolute protection, but sealed records mean tampering cannot go unnoticed. See Trust & Security for the plain-language version.

Your rights

Children

The service is a business phone line and is not directed at children. We do not knowingly collect information from children under 13; if you believe a child's information was captured in a call record, contact us and we will delete it.

Changes to this policy

If this policy changes materially, the "Last updated" date changes and restaurant customers are notified by email. Prior versions are available on request.

Contact