Legal

Privacy Policy

Last updated: June 21, 2026 · Version 1.1

This Privacy Policy explains how MyHotelCare ("MyHotelCare," "we," "us") handles information in connection with our hotel service-recovery platform (the "Service"). It applies to our marketing website and to the Service provided to hotel customers ("Customers").

Contents
  1. Information we collect
  2. Confidentiality of guest concern records
  3. How we use information
  4. Service providers
  5. Data retention
  6. Security
  7. Customer responsibilities
  8. International users
  9. Your privacy rights
  10. Changes to this policy
  11. Contact

1. Information we collect

Account and contact information

When a Customer signs up, requests a demo, starts a pilot, or contacts us, we may collect names, business email addresses, phone numbers, job titles, hotel or group names, number of properties, and the content of messages sent to us.

Inquiry records

When you submit a demo, pilot, pricing, or general contact request, we store the submitted details, the inquiry source, timestamp, IP address, browser/user-agent details, and a reference number so we can respond, troubleshoot delivery, and prevent abuse.

Hotel / Customer data

To provide the Service we process information about the Customer's organization and configuration — such as property details, user accounts and roles, departments, notification recipients, and settings the Customer establishes.

Guest complaint and service-recovery data

Customers' authorized users enter information into the Service in the course of managing guest concerns. This may include descriptions of complaints, guest names or room details where the user records them, follow-up notes, compensation recorded, case status, and activity history. This data is controlled by the Customer. We process it on the Customer's behalf to operate the Service.

Cookies and preferences

Our website uses a small essential session cookie to keep the site functioning, including protecting forms. With consent, we may also use analytics to understand site usage. Cookie choices are stored in the visitor's browser. See our Cookie Policy and Cookie Preferences.

Technical and log data

Like most web services, we may automatically record limited technical information such as IP address, browser type, timestamps, requested pages, and error details for security, troubleshooting, service reliability, and abuse prevention.

2. Confidentiality of guest concern records

The guest concerns, follow-up notes, compensation records, incident notes, escalation history, internal staff notes, and case history that a Customer's authorized users enter into the Service (together, "Guest Concern Records") are confidential Customer information. They belong to and are controlled by the Customer, and we handle them accordingly.

  • Customer ownership and control. Guest Concern Records are the Customer's data. We process them on the Customer's behalf to provide the Service, and as the Customer directs.
  • Limited use. We use Guest Concern Records only to provide, secure, maintain, support, configure, troubleshoot, repair, migrate, and improve the Service for that Customer, and as required to comply with legal obligations.
  • Need-to-know internal access. Access by MyHotelCare personnel is limited to authorized individuals with a legitimate need to operate, secure, maintain, support, configure, troubleshoot, repair, migrate, or investigate issues affecting the Service, or to comply with legal obligations. We do not browse Customer case records casually or for any unrelated purpose.
  • Role-based and sensitive-case restrictions. Within a Customer's account, who can see what follows the roles and permissions the Customer configures. Designated sensitive concern types can be restricted so they are visible only to authorized roles.
  • Separation between customers. Each hotel operates in a separate tenant environment. Records from one customer organization are not made available to another customer organization through the Service. Within a multi-property customer organization, access is controlled by the roles and property permissions configured for that organization.
  • No sale of data. We do not sell Customer data or Guest Concern Records.
  • No marketing or public use without permission. We do not use a Customer's name, logo, identifiable records, recognizable incident details, or specific case examples in marketing, testimonials, public case studies, sales materials, or advertising without the Customer's prior written permission. We may describe general, anonymized product-use patterns only where they do not reasonably identify a hotel, property, guest, employee, or specific incident.
  • Limits. No method of storage or transmission is completely secure, and we cannot promise that the Service is free from all risk. This section describes our general practices; the specific confidentiality, retention, deletion, and data-handling terms that apply to a Customer are set out in that Customer's order, subscription, pilot agreement, mutual non-disclosure agreement, or data processing addendum, which control where they differ from this policy.

3. How we use information

  • To provide, operate, maintain, and improve the Service.
  • To respond to demo, pilot, pricing, support, and general inquiries.
  • To authenticate users, secure accounts, and prevent abuse.
  • To send service-related and transactional communications, such as notifications and password resets.
  • To understand and improve how our website and Service are used.
  • To comply with legal obligations and enforce our agreements.

We do not sell personal information.

4. Service providers

We rely on a limited set of third-party providers to operate the Service, such as hosting infrastructure and an email-delivery provider for transactional messages and inquiry notifications. These providers process information on our behalf under appropriate terms and only as needed to provide their services. A current list is available on request.

5. Data retention

We retain account and Customer data for as long as the Customer's relationship with us is active and thereafter as needed for legitimate business, security, backup, audit, dispute-resolution, or legal purposes. Guest service-recovery data entered by a Customer is retained according to the Customer's instructions and the applicable agreement; on termination, we will return or delete such data as described in that agreement.

Marketing and contact inquiries are generally retained for up to 24 months unless a longer period is needed for an active business relationship, dispute, legal requirement, or security review. Operational application logs are generally retained for a limited period appropriate to security and troubleshooting needs, unless a longer period is required for investigation or legal reasons.

6. Security

We take reasonable measures designed to protect information, including role-based access controls, secure password handling, per-tenant data separation, CSRF protection on forms, restricted-case handling for sensitive categories, and serving the Service over encrypted connections. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. See our Security page for more detail.

7. Customer responsibilities

Customers are responsible for the guest and operational data their users enter. Customers are responsible for obtaining any necessary notices or consents from guests and staff; configuring user access appropriately; entering only the data they are permitted to process; maintaining their own hotel, safety, employment, brand, and legal procedures; and using the Service in accordance with applicable law. Where required by law, MyHotelCare processes Customer-controlled data on the Customer's behalf.

8. International users

Information may be processed in the United States and in other locations where our service providers operate. Where required, we will put in place appropriate safeguards for cross-border transfers.

9. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, or restrict the processing of your personal information, to object to certain processing, or to data portability. Because much of the data in the Service is controlled by our Customers, requests relating to guest or operational data should generally be directed to the relevant Customer; we will assist our Customers in responding. To exercise rights with respect to information we control, contact us using the details below.

10. Changes to this policy

We may update this policy from time to time. We will revise the "Last updated" date above and, where appropriate, provide additional notice.

11. Contact

Questions about this policy or our data practices can be sent to support@myhotelcare.com or through our contact form.