Security & Privacy

    We take data protection seriously from day one. HospitalitAI is designed with privacy by default: collecting only what's needed, securing it properly, and giving you full control.

    Our commitments

    Data Isolation

    Row-level security on every table. Each property's data is logically isolated at the database level. No cross-property access.

    GDPR-Aware

    Configurable data retention per property. Inspection images auto-deleted on schedule. Data export available via REST API.

    Privacy by Design

    No guest PII collected or stored. Automatic face redaction on captured photos. Room condition data only, the minimum needed.

    How we protect your data

    [Diagram: Privacy-first security architecture. Stages: Encrypt, Control, Isolate, Monitor. Labels: AI, Zero Guest PII, GDPR-Aware.]

    Encryption

    AES-256-GCM encryption for PMS credentials at rest. HTTPS enforced for all data in transit.

    Authentication

    JWT-based authentication with secure session management. Token refresh handled automatically.

    Access Control

    Six roles with server-side enforcement on every endpoint. Staff see only their department.

    Logging

    Structured request logging on all API endpoints. Client-side error tracking and reporting via Sentry.

    Data Retention

    Configurable per property: 30, 60, 90, 180, or 365 days. Automated daily cleanup of expired inspection images.

    Security Headers

    HSTS, X-Frame-Options: DENY, X-Content-Type-Options: nosniff, and XSS protection on all responses.

    Privacy Policy

    Last updated: February 2026

    Your privacy matters

    HospitalitAI does not collect, store, or process guest personally identifiable information. Our platform focuses strictly on room conditions and operational tasks.

    01

    Overview

    HospitalitAI ("we", "our", or "us") is committed to protecting the privacy of our customers and their guests. This Privacy Policy explains how we collect, use, and safeguard information when you use our website and services.

    02

    Information We Collect

    Contact Information: When you request a demo or contact us, we collect your name, email address, phone number, and property/company name.

    Usage Data: We collect standard analytics data about how you interact with our website (pages visited, time spent, referral source).

    No Guest PII: HospitalitAI's inspection platform does not collect, store, or process guest personally identifiable information. The platform focuses strictly on room conditions and operational tasks.

    03

    How We Use Your Information

    We use the information we collect to:

    • Respond to your inquiries and demo requests
    • Provide and improve our services
    • Send relevant communications about our platform (with your consent)
    • Analyze website usage to improve the user experience

    04

    Data Security

    We implement industry-standard security measures to protect your information, including HTTPS encryption in transit and AES-256-GCM encryption for sensitive credentials at rest. Access to personal data is restricted to authorized personnel only.

    05

    Data Retention

    We retain contact information for as long as necessary to fulfill the purposes for which it was collected. You may request deletion of your personal data at any time by contacting us.

    06

    Your Rights

    Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data. To exercise these rights, please contact us at the email below.

    07

    Contact Us

    For privacy-related questions or requests, please contact us at HelpHospitalitAI@gmail.com.

    Have security or privacy questions?

    Security documentation available on request. We're happy to discuss your specific compliance requirements.
