Privacy Policy

HotelDispatch ("we", "us", "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.

1. Information We Collect

Information You Provide Directly

• Account information: name, email address, phone number, job title, organization name, and password (stored as a bcrypt hash).
• Operational data: the workflow data you and your team enter into the platform — shift records, checklist responses, photos, messages, notes, complaints, and other operational content.
• Communications: messages you send to our support, sales, or partnership teams.
• Payment information: billing details collected through our payment processor. We do not store full payment card numbers on our servers.

Information We Collect Automatically

• Usage data: pages visited, features used, timestamps, and user actions within the Service.
• Device data: IP address, browser type, operating system, device identifiers, and approximate location derived from IP.
• Cookies and similar technologies: session cookies for authentication and limited analytics. We do not use third-party advertising cookies.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service;
• Authenticate users and secure accounts;
• Process payments and manage subscriptions;
• Communicate with you about your account, the Service, and product updates;
• Respond to your inquiries and provide customer support;
• Detect, prevent, and address security incidents and fraud;
• Comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We may share information in the following limited circumstances:

• Service providers: with vendors who help us operate the Service (hosting, email delivery, SMS delivery, payment processing). These providers are contractually bound to use your information only for the services they provide to us.
• Within your organization: operational data you submit to the platform is visible to other authorized users in your organization based on the role and permission scope assigned to them.
• Legal compliance: when required by law, court order, or government request, or to protect our rights, property, or safety, or that of others.
• Business transfers: in connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change in ownership.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. After your account is terminated, we will retain your data for a reasonable period to comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your data at any time, subject to legal retention requirements.

5. Data Security

We implement industry-standard security measures to protect your information, including bcrypt password hashing, encrypted credential storage, prepared SQL statements to prevent injection, CSRF protection on all forms, role-based access control enforced server-side, and rate-limited authentication. While no system can be guaranteed completely secure, we work continuously to improve our security posture.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: request a copy of the personal information we hold about you;
• Correction: request that we correct inaccurate or incomplete information;
• Deletion: request that we delete your personal information, subject to legal retention requirements;
• Portability: request a copy of your data in a structured, machine-readable format;
• Objection: object to certain uses of your information;
• Withdraw consent: where we rely on consent, withdraw it at any time.

To exercise any of these rights, please contact us at privacy@hoteldispatch.com.

7. International Data Transfers

Your information may be transferred to and processed in countries other than the one in which you reside. We take steps to ensure that any international transfers are protected by appropriate safeguards consistent with applicable law.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.

9. Cookies

We use a small number of cookies that are strictly necessary for the Service to function:

• Session cookies: required to keep you logged in and to verify CSRF tokens.
• Preference cookies: remember your active property and organization context across sessions.

We do not use third-party advertising cookies, cross-site tracking, or behavioral profiling cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your personal information, please contact us:

• Email: privacy@hoteldispatch.com
• Mail: HotelDispatch, [address to be added]