Trust & Security
Last updated: July 18, 2026
Holina is a personal voice assistant that answers your restaurant's phone. Every call it handles is a conversation with your customers — so how that data is protected is not a footnote. This page explains, in plain language, what we do differently.
Sealed & verifiable call records
Post-quantum, tamper-evident call records you can verify yourself.
Every call is sealed with a cryptographic signature (FIPS 204 ML-DSA-87) at the moment it ends. The seal covers the transcript and a fingerprint of the audio the assistant actually spoke. If anyone — including us — altered a record afterward, the seal would break and the change would be visible.
That means a disputed order, a chargeback, or a "that's not what I was told" conversation is settled by a record both sides can trust, not by whoever kept better notes.
Your restaurant owns its data
- You own your call data — transcripts, captured leads, and messages belong to your restaurant, not to us.
- Published retention window: transcripts are kept for 13 months so you can review your call history year-over-year, then deleted.
- Deletion on request: you or your callers can ask for a call's record to be deleted; we complete it within 30 days and confirm.
- Never sold, never shared for marketing. Caller data is used only to run your phone line. No exceptions.
Private by design
- Caller audio is processed in memory to understand speech and is not stored by default. Full-call recording stays off unless you ask for it in writing (then it's kept 90 days).
- Every greeting includes a short quality-and-recording disclosure, so callers always know.
- Stored data is encrypted, and access is limited to what's needed to serve your restaurant.
The worst case is your old phone line
If Holina ever cannot answer, your line automatically forwards to the fallback number you chose — your callers always reach a ring. And there is no lock-in: cancel, turn off forwarding, and your phone is exactly what it was before. No number to port, no hostage hardware.
The fine print, published
- Privacy Policy — how caller and customer data is handled, including our role as a service provider/processor under CCPA/CPRA and GDPR.
- Terms of Service — plain-dealing terms: month-to-month, 30-day cancellation, your data stays yours.
- SMS consent — how the text-a-link feature works and how callers opt out.
Questions about any of this? Email john@epochcoreqcs.com — a person answers.