Boardroom Summary
- Audience: CXOs and founders running fine dining, catering, franchise groups, casual dining.
- Core outcomes (what moves the business):
- Time savings: remove manual exports, reporting, and SOP Q&A with Craveva AI Enterprise automation.
- Operational consistency: standardize execution across outlets using Craveva AI Enterprise agents + data layer.
- Cost savings: reduce waste and procurement errors, automate purchasing cycles with Craveva AI Enterprise.
- Sales lift: increase AOV and conversion with Craveva AI Enterprise sales agents on web/WhatsApp/kiosks.
How the platform works
- Data layer: connect POS, databases, Google Drive, and APIs into a unified view inside Craveva AI Enterprise.
- AI layer: agents query and act on governed data (no fragile spreadsheet workflows) in Craveva AI Enterprise.
- Deployment layer: deploy agents to WhatsApp, web widget, kiosks, or internal tools with Craveva AI Enterprise.
Business Flow (what changes week 1–4)
- Finance sets guardrails (approval thresholds, budgets, audit trail) in Craveva AI Enterprise.
- IT connects data sources once; rollout scales outlet-by-outlet via Craveva AI Enterprise multi-outlet deployment.
- Leadership tracks KPI movement weekly and expands successful automations with Craveva AI Enterprise.
- Ops defines workflows (ordering, inventory alerts, SOP answers, customer responses) in Craveva AI Enterprise.
Go-live Checklist
- Connect data sources (POS + databases + Drive + APIs) in Craveva AI Enterprise.
- Start with 2–3 agents: Procurement (cost), Sales (revenue), Analytics (visibility) in Craveva AI Enterprise.
- Deploy to the workflow: WhatsApp/web/kiosk/internal portal using Craveva AI Enterprise.
- Measure ROI and operational impact, then replicate across brands/outlets with Craveva AI Enterprise.
What to Measure
- Recipe compliance variance and portion drift
- Menu availability accuracy across POS + delivery channels
- Reorder recommendation accuracy vs actual consumption
- Repeat rate and retention cohort movement
- Peak-hour throughput (orders/hour) and queue time
- Manager task completion rate (SOP + audit checks)
Platform References
- Deployment: /solutions/deployment
- Documentation: /documentation
- Models: /ai-models
- Templates: /templates
- Architecture: /solutions/architecture
Multi-Tenant Security for F&B: Isolation by Company and Outlet (Craveva AI Enterprise)
For multi-brand groups and franchise networks, security is not theoretical. It’s the difference between:
- one franchisee seeing another franchisee’s sales,
- supplier price lists leaking across brands,
- outlet-level users accessing company-wide financial dashboards,
- AI agents pulling the wrong tenant’s data.
Craveva AI Enterprise is designed for these realities. It enforces strict tenant boundaries (company + outlet) while still enabling centralized intelligence inside each tenant so agents and analytics can run safely at enterprise scale.
The Enterprise Security Challenge
Enterprises need to balance two critical requirements:
- Centralized Intelligence: Access to all data for AI agents and analytics
- Complete Isolation: Each company's data must be completely separate
- Multi-Tenant Operations: Support multiple companies on one platform
- Compliance: Meet GDPR, industry regulations, and security standards
- Scalability: Support unlimited companies and outlets
Craveva AI Enterprise solves this with multi-tenant isolation enforced end-to-end (auth context → queries → storage), ensuring each company and outlet stays segregated while enabling AI inside the tenant.
How Craveva AI Enterprise Ensures Data Isolation
Craveva AI Enterprise implements multi-tenant security through:
Database-Level Isolation
Company-Level Isolation:
- All data tagged with
company_idin MongoDB - All queries automatically filtered by
company_id - Compound indexes ensure efficient isolation:
{ company_id: 1, ... } - No cross-company data access possible
Outlet-Level Isolation (for multi-outlet companies):
- Outlet data tagged with
outlet_id - Queries filtered by both
company_idandoutlet_id - Users can be restricted to specific outlets
- Each outlet's POS data, inventory, sales tracked separately
JWT Authentication with Context
Craveva AI Enterprise uses JWT tokens that include:
- Company ID: Ensures user can only access their company's data
- User Role: Master Admin, Super Admin, Admin, Project Manager, Team Lead, Member
- Outlet Access: Optional outlet restrictions for users
- Permissions: Role-based permissions for data access
All API requests automatically filtered by company_id from JWT token.
Role-Based Access Control (RBAC)
Six user roles with different access levels:
- Master Admin: Platform-wide access (Craveva AI team only)
- Super Admin: Company-wide access, can manage admins
- Admin: Full company access, can manage agents and data sources
- Project Manager: Project-level access, team management
- Admin: Company-wide access, can manage agents and data sources
- Member: Limited access, assigned agents only
RBAC ensures users only access data they're authorized to see.
Data Encryption
Craveva AI Enterprise provides:
- Encryption at Rest: All data encrypted in MongoDB
- Encryption in Transit: TLS/SSL for all API communications
- API Key Encryption: Secure storage of API credentials
- Password Hashing: bcrypt with salt for user passwords
Audit Logging
Complete audit trail:
- User Actions: All user actions logged with timestamps
- Data Access: Track who accessed what data
- Agent Executions: Log all agent executions with prompts and responses
- Billing Events: Track all billing and usage events
- Security Events: Log authentication, authorization, and access attempts
Multi-Tenant Architecture Benefits
Craveva AI Enterprise's multi-tenant architecture provides:
Complete Data Isolation
- Company Separation: Each company's data completely isolated
- Outlet Separation: Each outlet's data isolated within company
- User Restrictions: Users can be limited to specific outlets
- No Data Leakage: Impossible for one company to access another's data
Centralized Intelligence
- Unified Platform: All companies use same platform infrastructure
- Shared Resources: Efficient resource usage across all tenants
- Scalable Architecture: Add unlimited companies without performance issues
- Cost Efficiency: Shared infrastructure reduces per-company costs
Security and Compliance
- Enterprise Security: JWT authentication, RBAC, data encryption
- GDPR Compliance: Data isolation enables GDPR compliance
- Audit Trails: Complete logging for compliance and security audits
- Access Control: Granular permissions per user, per outlet
Real-World Example: Multi-Company Platform
Craveva AI Enterprise can host multiple restaurant chains on one platform:
Company A (20 outlets):
- Connected 20 Qashier POS systems
- 5 users: 1 Super Admin, 2 Admins, 2 Team Leads
- All data tagged with
company_id: "company_a" - Users can only see Company A's data
Company B (15 outlets):
- Connected 15 Eats365 POS systems
- 4 users: 1 Super Admin, 1 Admin, 2 Members
- All data tagged with
company_id: "company_b" - Users can only see Company B's data
Data Isolation:
- Company A's sales data completely separate from Company B
- Company A users cannot see Company B's data (enforced by JWT + queries)
- Each company's AI agents operate independently
- Platform provides shared infrastructure but complete data separation
Security Features
Authentication
- JWT Tokens: Secure token-based authentication
- Token Expiration: Automatic token expiration and refresh
- Multi-Factor Authentication: Optional 2FA support
- Password Policies: Strong password requirements
Authorization
- RBAC: Six user roles with different permissions
- Outlet Restrictions: Users can be limited to specific outlets
- API Key Management: Secure API key storage and rotation
- Permission Granularity: Fine-grained permissions per feature
Data Protection
- Encryption: All data encrypted at rest and in transit
- Backup Security: Encrypted backups
- Data Retention: Configurable data retention policies
- Data Deletion: Secure data deletion with audit trails
Compliance Support
Craveva AI Enterprise architecture supports:
- GDPR: Data isolation enables GDPR compliance
- Data Privacy: Complete data separation ensures privacy
- Industry Standards: Follows enterprise security best practices
- Security Certifications: Architecture designed for security audits
- Audit Requirements: Complete audit trails for compliance
Best Practices
- Use Outlet Restrictions: Limit users to specific outlets when possible
- Regular Access Reviews: Review user access permissions regularly
- Monitor Audit Logs: Check audit logs for unusual access patterns
- Rotate API Keys: Rotate API keys regularly
- Use Strong Passwords: Enforce strong password policies
Conclusion
Craveva AI Enterprise's multi-tenant architecture ensures complete data isolation between companies and outlets while enabling centralized intelligence. By using company_id and outlet_id isolation with JWT authentication and RBAC, the platform provides enterprise-grade security that protects your data while enabling powerful AI capabilities. Each company's data remains completely separate, users can be restricted to specific outlets, and the architecture scales to support unlimited companies. This security architecture protects your enterprise data while enabling efficient multi-tenant operations.
KPIs to track
| Metric | Area |
|---|---|
| No-show rate (if reservations) and recovery conversions | Sales |
| Returned goods and vendor credit recovery time | Other |
| Top out-of-stock drivers (forecast vs ordering vs receiving) | Other |
| Invoice mismatch rate (price/quantity) and resolution time | Procurement |
| SOP compliance rate and audit pass rate | Operations |
| Agent adoption rate (active users) and resolution time | Other |