HotelVoice← Home
Trust & Security

How we protect your data

This page is maintained by the HotelVoice team to answer common security and privacy questions. It describes practices that are currently enabled in the product. It is not an independent audit, a certification, or a legal commitment.

Security is a shared responsibility: HotelVoice secures the platform; hotels using HotelVoice are responsible for their staff accounts, the data they collect from guests, and how they communicate with them.

Access & authentication
  • Staff sign in with email and password or a supported social provider.
  • Each user is scoped to a single hotel; access to tickets, guest data, branches and billing is restricted to members of that hotel via row-level security in the database.
  • Administrative actions (subscriber management, plans, payment settings, site content) are restricted to platform super-admin accounts only.
  • Sessions use short-lived tokens that refresh automatically; signing out clears them.
Data we store
  • Hotel profile: name, slug, optional logo, optional contact details, branches and rooms. Contact details are visible only to that hotel's staff and to platform admins — not to the public.
  • Guest tickets: the room number, message, category, language, and any contact information the guest chose to share. Tickets are only readable by the receiving hotel's staff.
  • Billing: subscription plan, billing cycle, and payment records linked to the hotel. Payment gateway credentials, when configured by an admin, are restricted to super-admin access.
  • Analytics: if the site owner configures a Google Analytics 4 or Meta Pixel ID in site settings, anonymous page-view events are sent to those services.
Hosting & subprocessors
  • The application runs on a managed edge runtime; the database and authentication are provided by a managed Postgres backend with daily backups handled by the provider.
  • If a hotel enables it, Google Analytics 4 and the Meta Pixel may receive anonymous usage events from the marketing site. These are optional and controlled by the site owner.
  • We do not sell guest or staff data, and we do not share it with third parties beyond the subprocessors required to operate the service.
Retention & deletion
  • Tickets, messages and guest contact details are kept for as long as the hotel's account is active so staff can refer back to them.
  • When a hotel account is deleted by a platform admin, the hotel, its tickets, subscriptions, payments, branches, notification recipients and staff accounts are removed from the database.
  • Guests can ask the hotel that received their feedback to delete their submission; the hotel is the data controller for guest submissions and can remove tickets directly.
Security & privacy contact

To report a suspected vulnerability, request data deletion, or ask a security or privacy question, please contact the site owner using the address shown in the site footer. We will acknowledge security reports as soon as we can and work with you on a fix.

This page describes current practices and may change as the product evolves. It does not create a contract or guarantee. For terms governing your use of HotelVoice, please refer to the agreement you signed when subscribing.