← Back to Registration

Privacy Policy

Last updated: April 19, 2026

Roomsly is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our hotel management platform. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

Important Notice: Data Controller vs. Data Processor

For users in the European Union (EU) and United Kingdom (UK), it is important to understand the distinction between data controllers and data processors under the General Data Protection Regulation (GDPR):

  • Hotel (You) as Data Controller: When you use Roomsly to manage your hotel operations, you are the data controller for any guest information, booking data, or personal data you collect and store in our system. You determine the purposes and means of processing this data.
  • Roomsly as Data Processor: Roomsly acts as a data processor, meaning we process personal data only on your behalf and according to your instructions. We do not control or own the guest data you store in our platform.
  • Your Responsibilities: As a data controller, you are responsible for:
    • Obtaining proper consent from guests before collecting their data
    • Providing privacy notices to your guests
    • Ensuring you have a legal basis for processing guest data
    • Responding to guest requests regarding their data rights
    • Complying with all applicable data protection laws in your jurisdiction

1. Information We Collect

Personal Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, password, and other contact information when you create an account
  • Hotel Information: Hotel name, address, contact details, tax information, and business registration details
  • Payment Information: Credit card details and billing information for subscription payments (processed securely through Stripe)
  • Communications: When you contact us for support, we collect the information you provide in your messages

Guest Data (Processed on Your Behalf)

As a data processor, we store and process the following types of data on behalf of hotels:

  • Guest names and contact information
  • Booking details and stay history
  • Payment records and transaction history
  • Special requests and preferences
  • Any other information you choose to store about your guests

Important: You are responsible for ensuring you have the legal right to share this information with Roomsly and to authorize us to process it on your behalf.

Automatically Collected Information

  • Usage Data: How you interact with our platform, features used, pages visited, and time spent
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Log Data: Server logs that record activity when you access our services

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our hotel management services
  • Process your transactions and send related information
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and unauthorized access
  • Comply with legal obligations and enforce our terms
  • Process guest data strictly according to your instructions as the hotel

3. Legal Basis for Processing (GDPR)

For users in the EU and UK, we process personal data under the following legal bases:

  • Contract Performance: Processing necessary to perform our contract with you (providing the Roomsly platform)
  • Legitimate Interests: Processing for our legitimate business interests, such as improving services, preventing fraud, and ensuring security
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations
  • Consent: Processing based on your explicit consent, which you may withdraw at any time

4. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service Providers: Third-party vendors who perform services on our behalf, such as hosting, payment processing, analytics, and customer support
  • Legal Requirements: When required by law, subpoena, or other legal processes, or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where your information may be transferred as part of the transaction
  • With Your Consent: When you explicitly consent to the sharing of your information

Guest Data: We never share guest data with third parties except as required to provide services (e.g., payment processors for guest payments) or as instructed by you, the hotel.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of data in transit using SSL/TLS technology
  • Secure storage of data with access controls and authentication
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and confidentiality
  • Secure data backup and disaster recovery procedures

Important: While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

Your Account Data

We retain your account information for as long as your account is active or as needed to provide services. You may request deletion of your account at any time.

Guest Data

As the data controller, you determine how long guest data is retained. Roomsly stores guest data according to your hotel's retention policies. You are responsible for:

  • Establishing appropriate retention periods for guest data
  • Complying with legal requirements for data retention in your jurisdiction
  • Deleting guest data when it is no longer needed or when requested by the guest

We will assist you in fulfilling data deletion requests and provide tools to manage data retention.

7. Your Data Protection Rights (GDPR)

If you are located in the EU or UK, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data under certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another service provider
  • Right to Object: Object to certain types of processing, such as direct marketing
  • Right to Withdraw Consent: Withdraw previously given consent at any time

For Guest Data: Guests who wish to exercise their data rights should contact the hotel directly. As the data controller, the hotel is responsible for responding to guest requests. Roomsly will assist hotels in fulfilling these requests as the data processor.

To exercise your rights regarding your account data, contact us at roomsly.app@gmail.com

8. International Data Transfers

Roomsly may transfer personal data to countries other than the one in which you live. When we transfer data from the EU or UK to other countries, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses: We use EU-approved contractual clauses to ensure adequate protection
  • Adequacy Decisions: We transfer data to countries with adequacy decisions from the European Commission
  • Additional Safeguards: Technical measures such as encryption to protect data during transfer and storage

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Remember your preferences and settings
  • Understand how you use our platform
  • Improve user experience and platform functionality
  • Analyze usage patterns and trends

You can control cookie settings through your browser. However, disabling cookies may limit your ability to use certain features of our platform.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: roomsly.app@gmail.com

For EU/UK data protection inquiries, you may also contact your local data protection authority if you believe we have not addressed your concerns.