Who We Are and Our Role
Desmios Inc. is an Ontario corporation (Corp. No. 1001555130) headquartered in Brampton, Ontario. Desmios builds and operates Jarvis, an AI-powered voice ordering system deployed at client restaurant locations.
Desmios acts as a DATA PROCESSOR only. Desmios processes personal information solely on behalf of and as directed by each restaurant client, which is the DATA CONTROLLER.
Desmios does not use customer personal information for its own purposes. Any inquiry about how a specific restaurant handles your personal information should be directed to that restaurant.
Desmios remains accountable under PIPEDA for the protection of personal information it processes as a data processor.
Data Processor Role. In connection with Jarvis, Desmios acts as a data processor on behalf of each restaurant client, which acts as the data controller with respect to its customers’ personal information. Desmios processes personal information only as directed by the restaurant client and in accordance with this Policy. Under PIPEDA Principle 1, Desmios remains accountable for personal information it processes and uses contractual means to ensure equivalent protection by each restaurant client.
Website. Desmios also operates the website at desmios.ca. Collection of personal information through the website is governed by this Policy and the Website Terms and Conditions published at desmios.ca.
What Information We Collect
Desmios collects the following categories of personal information through the Jarvis service:
2.1 Information Collected During Every Call
- •Caller telephone number (collected automatically by Twilio upon call connection)
- •Order details, including items ordered, quantities, customizations, and total price
- •Order type (pickup or delivery) and, for delivery orders, delivery address
- •Call timestamp, call duration, and language of the call (English or Punjabi)
2.2 Voice Data and AI Transcription — Sensitive Category
The Jarvis service processes your voice in real time. Your voice constitutes personal information under PIPEDA.
Voice data may also constitute biometric information — a sensitive category attracting heightened protection under PIPEDA and under the proposed Consumer Privacy Protection Act (CPPA), Schedule 3.
By calling a restaurant that uses Jarvis, your voice is processed as described in this Policy.
- •Your voice audio is streamed in real time to a speech-to-text provider (Deepgram Inc. for English calls; Soniox Inc. for Punjabi calls) for transcription. The raw audio stream is not stored by Desmios or its speech-to-text providers after transcription is complete.
- •The text transcript of your speech is transmitted to Anthropic PBC (operator of the Claude AI language model) for order parsing and response generation. No audio is transmitted to Anthropic. No personal identifiers (such as your telephone number) are included in the transcript sent to Anthropic.
- •One call transcript per day per restaurant location is retained by Desmios for quality assurance purposes for a maximum of 30 days, after which it is permanently deleted.
- •Text-to-speech synthesis of Jarvis’s replies is performed by Cartesia AI (English calls) or Microsoft Azure Cognitive Services (Punjabi calls). On return calls where Jarvis greets a returning customer by name or reads back a saved delivery address, that name and address are transmitted as plain text to the applicable text-to-speech provider for voice synthesis. This constitutes a cross-border transfer of personal information as described in Section 6.
2.3 Information Collected for Returning Customers
- •Customer name (provided voluntarily by the caller for order personalization)
- •Delivery address (provided voluntarily for delivery orders; retained for convenience on return calls)
- •Order history (retained to improve service on return calls)
2.4 Website Information
- •Information submitted through contact forms on desmios.ca, including name and email address
- •Standard server log data, including IP address, browser type, and pages visited, collected automatically
- •Cookie and analytics data as described in Section 9
Desmios does not collect payment card information, government-issued identification, or any financial information through the Jarvis service. No information is collected for advertising purposes and no personal information is sold to third parties.
Why We Collect This Information
Desmios collects personal information only for the following identified purposes, consistent with PIPEDA Principle 2 (Identifying Purposes) and Principle 4 (Limiting Collection):
- •To receive, process, and confirm food orders placed by telephone through the Jarvis service
- •To transmit completed orders to restaurant staff for review and fulfillment
- •To send SMS order confirmation messages to the caller’s telephone number (see CASL Notice below)
- •To greet returning customers by name and recall saved delivery addresses for convenience
- •To maintain quality assurance through limited retention of call transcripts
- •To generate anonymized, aggregated analytics for restaurant clients regarding call volume, order patterns, and service performance. Analytics are derived from anonymized data only; no individual profiling is conducted.
- •To respond to inquiries submitted through desmios.ca
- •To operate and improve the Jarvis system and desmios.ca
Following approval of your order by restaurant staff, Desmios will send you an SMS confirmation message via Twilio to your telephone number. This message constitutes a commercial electronic message (CEM) under Canada’s Anti-Spam Legislation (CASL).
Consent Basis: By placing an order through the Jarvis service, you provide implied consent to receive transactional SMS order confirmations. This implied consent arises from your business relationship with the restaurant and is valid for six (6) months from the date of your inquiry under CASL s. 10(9)(a).
Unsubscribe: To withdraw consent to receive SMS messages from a specific restaurant’s Jarvis system, reply STOP to any SMS message you receive. Alternatively, contact the restaurant directly or contact Desmios at privacy@desmios.ca. Unsubscribe requests will be processed promptly.
Desmios does not send promotional or marketing SMS messages through the Jarvis system. All SMS messages sent through Jarvis are transactional order confirmations only.
How Long We Keep Your Information
Desmios retains personal information only for as long as is necessary for the identified purposes, consistent with PIPEDA Principle 5 (Limiting Use, Disclosure, and Retention). The following retention schedule applies:
4.1 Retention Schedule
- •Caller telephone number, name, delivery address, and order history: retained for a maximum of 24 months following the caller’s last interaction with any Jarvis-enabled restaurant. After 24 months of inactivity, the customer profile is permanently purged from Desmios’s database.
- •Order details (items, price, order type, timestamp): retained for 90 days following the order date, after which they are permanently deleted.
- •Call metadata (duration, language, timestamp): retained for 90 days, after which they are permanently deleted.
- •Quality assurance call transcripts: retained for a maximum of 30 days, after which they are permanently deleted.
- •Voice audio: not stored by Desmios. Raw audio is streamed in real time and is not retained after transcription is complete. Desmios’s speech-to-text providers (Deepgram and Soniox) do not retain audio beyond the duration of the call session under their respective data processing agreements.
- •Speech transcripts sent to Anthropic: not retained by Desmios after the call session. Anthropic’s retention practices are governed by the Anthropic Data Processing Agreement; Desmios has opted out of Anthropic’s model training on customer data.
- •Anonymized analytics summaries: retained indefinitely. Analytics summaries contain no personal identifiers and are not subject to the retention limits above.
- •Website contact form submissions: retained for 12 months from the date of submission.
4.2 Data at Termination
Upon termination of a restaurant client’s Service Agreement with Desmios, all customer personal information associated with that restaurant is deleted from Desmios’s systems within 30 days of the termination date.
Who Has Access to Your Information
Access to personal information collected through Jarvis is restricted as follows:
- •Restaurant staff access order details, delivery addresses, and caller telephone numbers through the Jarvis dashboard for the purpose of reviewing, approving, or denying orders. Restaurant clients act as data controllers with respect to their customers’ personal information. Data sharing with restaurant clients is governed by a written Data Processing Agreement requiring the restaurant to maintain PIPEDA-equivalent protections for all customer personal information accessed through the Jarvis system.
- •Desmios technical staff may access personal information on a need-to-know basis for the purpose of maintaining, troubleshooting, and improving the Jarvis system. Access is subject to internal data handling obligations.
- •Desmios does not sell, rent, or otherwise disclose personal information to any third party for commercial purposes.
- •Desmios may disclose personal information if required to do so by law, court order, or regulatory authority, provided that Desmios will, where legally permitted, notify the affected restaurant client prior to such disclosure.
Third-Party Service Processors and Cross-Border Transfers
Personal information collected through the Jarvis service is processed by sub-processors located in the United States. By calling a Jarvis-enabled restaurant, your personal information may be transferred to and processed in the United States as described below.
Desmios Inc. requires all third-party processors to comply with applicable Canadian privacy standards by written Data Processing Agreement. Regardless of where processing occurs, Desmios Inc. remains accountable for the protection of your personal information under PIPEDA.
The following sub-processors receive personal information in connection with the Jarvis service. All are incorporated in the United States.
- •Twilio Inc. (San Francisco, CA, USA) — Telephony and SMS. Twilio hosts the restaurant’s phone number, routes incoming calls to the Desmios server, and transmits outbound SMS order confirmations. Data received: caller telephone number, live audio stream, SMS message content. Twilio processes data under a Data Protection Addendum with Desmios.
- •Deepgram Inc. (USA) — English Speech-to-Text. Deepgram receives a real-time audio stream of English-language calls for transcription. Data received: live voice audio (streamed only; not stored after transcription). Deepgram processes data under a Data Processing Agreement with Desmios.
- •Soniox Inc. (USA) — Punjabi Speech-to-Text. Soniox receives a real-time audio stream of Punjabi-language calls for transcription. Data received: live voice audio (streamed only; not stored after transcription). Soniox processes data under a Data Processing Agreement with Desmios.
- •Anthropic PBC (San Francisco, CA, USA) — AI Language Model. Anthropic’s Claude model receives text transcripts of caller speech for order parsing and response generation. Data received: text transcript of the call only. No audio, telephone number, or personal identifiers are transmitted. Desmios has opted out of model training on customer data under Anthropic’s API terms.
- •Cartesia AI (USA) — English Text-to-Speech. Cartesia synthesizes Jarvis’s voice replies for English-language calls. On return calls, data received may include: caller name and delivery address (transmitted as plain text for voice synthesis). Cartesia processes data under a Data Processing Agreement with Desmios.
- •Microsoft Azure Cognitive Services (USA/Global) — Punjabi Text-to-Speech. Microsoft Azure synthesizes Jarvis’s voice replies for Punjabi-language calls. On return calls, data received may include: caller name and delivery address (transmitted as plain text for voice synthesis). Microsoft processes data under a Data Processing Agreement with Desmios.
6.1 Primary Data Storage
Completed order data and customer profiles are stored in Desmios’s primary database on a DigitalOcean server located in Toronto, Ontario, Canada. Primary data storage occurs on Canadian soil.
6.2 Forward-Looking Compliance — AIDA
Desmios deploys Anthropic’s Claude AI model as the core decision-making engine for order parsing. Desmios is monitoring the proposed Artificial Intelligence and Data Act ("AIDA"), Schedule 1 of Bill C-27, which will impose algorithmic transparency, impact assessment, and accountability obligations on organizations deploying high-impact AI systems. Desmios will update its practices and disclosures as required upon AIDA receiving Royal Assent.
Your Rights Under PIPEDA
Under PIPEDA, you have the following rights with respect to your personal information:
- •Right of Access: You may request access to the personal information Desmios holds about you, and receive an account of how it has been used and disclosed.
- •Right of Correction: If your personal information is inaccurate or incomplete, you may request that it be corrected.
- •Right of Withdrawal: You may withdraw consent to the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions. Withdrawal of consent may affect Desmios’s ability to provide the Jarvis service to you.
- •Right to Complain: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada if you believe your personal information has been handled in a manner inconsistent with PIPEDA.
To exercise any of the above rights, contact the Desmios Privacy Officer at the address set out in Section 11.
Office of the Privacy Commissioner of Canada: www.priv.gc.ca | 1-800-282-1376 | 30 Victoria Street, Gatineau, Quebec K1A 1H3
Data Security and Breach Notification
8.1 Security Safeguards
Desmios maintains reasonable organizational and technical safeguards to protect personal information against loss, theft, unauthorized access, disclosure, copying, use, or modification, consistent with PIPEDA Principle 7. Safeguards include encrypted data transmission, access controls, and server-level security measures on Desmios’s DigitalOcean infrastructure.
8.2 Breach Notification
In the event of a breach of security safeguards involving personal information under Desmios’s control that creates a real risk of significant harm to individuals, Desmios will comply with the mandatory notification obligations under PIPEDA s. 26.1 and the Breach of Security Safeguards Regulations, SOR/2018-64, including:
- •Notifying the Office of the Privacy Commissioner of Canada as soon as feasible after determining that a reportable breach has occurred, and in any event without unreasonable delay (in practice, within 72 hours where operationally possible);
- •Notifying all affected individuals directly as soon as feasible, in a manner that allows them to take steps to reduce or mitigate the risk of harm;
- •Notifying affected restaurant clients without unreasonable delay so that they may fulfill their own notification obligations to their customers as data controllers.
Desmios maintains an internal data breach response plan and will cooperate fully with any OPC investigation or regulatory proceeding arising from a breach.
Cookies and Website Analytics
The desmios.ca website uses only essential session cookies necessary for basic website functionality. Desmios does not currently use any third-party analytics tools, tracking pixels, or behavioural advertising technologies on desmios.ca.
- •Session Cookies: Used to maintain basic website functionality during your visit. These cookies expire when you close your browser and do not collect personal information.
- •You may disable cookies through your browser settings. Disabling cookies may affect the functionality of certain website features. Desmios does not use advertising cookies, marketing pixels, or third-party tracking cookies on desmios.ca. If Desmios introduces any third-party analytics or tracking tools in the future, this Policy will be updated in advance to identify them and describe their purpose.
Changes to This Policy
Desmios may update this Policy from time to time to reflect changes in our practices, the Jarvis system, or applicable law.
Material Changes. For any material change to this Policy — including changes that affect how personal information is collected, used, or disclosed — Desmios will provide at least 30 days’ advance written notice before the change takes effect. Notice will be provided by posting a prominent notice on desmios.ca and, where practicable, by notifying affected restaurant clients directly so that they may inform their customers. If you do not accept the revised Policy, you may contact us to request deletion of your personal information prior to the effective date of the change.
Non-Material Changes. Minor or clarifying changes that do not affect the substance of our data handling practices may be made without advance notice. The effective date at the top of this Policy will be updated to reflect the date of the most recent revision.
Continued use of the Jarvis service after the effective date of a material change constitutes acceptance of the revised Policy only where Desmios has provided the 30-day advance notice described above.
Privacy Officer and Contact Information
Desmios has designated the following individual as Privacy Officer, accountable for Desmios’s compliance with PIPEDA and this Policy:
Privacy Officer: Anmol Singh
Title: Privacy Officer, Desmios Inc.
Email: privacy@desmios.ca
Mailing Address: 228 Kingknoll Drive, Brampton, Ontario L6Y 4X4
To make a privacy request, file a complaint, exercise your rights under Section 7, request deletion of your personal information, or ask any question about this Policy, please contact the Privacy Officer using the information above. Desmios will respond to written requests within 30 days of receipt.
Legislative Horizon
Desmios is monitoring the federal government’s Bill C-27, which proposes to replace PIPEDA with the Consumer Privacy Protection Act ("CPPA") and enact the Artificial Intelligence and Data Act ("AIDA"). While this legislation had not received Royal Assent as of the effective date of this Policy, passage is anticipated. Key anticipated changes include:
- •Expanded individual rights, including algorithmic transparency and data portability
- •Mandatory Privacy Management Programs
- •Stricter consent requirements and enhanced de-identification standards
- •AI system accountability, impact assessment, and transparency obligations under AIDA
- •Administrative monetary penalties of up to the greater of CAD $25,000,000 or 5% of gross global revenues for serious violations
Desmios will conduct a gap analysis against the finalized CPPA and AIDA framework upon enactment and will update this Policy, its internal practices, and its contractual arrangements with sub-processors accordingly.
Desmios Inc. · Ontario Corp. No. 1001555130 · HST 726792831 RT 0001