Data Protection
How The Hotel Pulse collects, handles, and safeguards personal data to meet our legal obligations and protect your rights.
Last updated: March 16, 2026
Definitions
| The Hotel Pulse | means The Hotel Pulse, a private technology company providing integrated hotel solutions. |
| GDPR | means the General Data Protection Regulation (EU) 2016/679. |
| Responsible Person | means the designated Data Protection Officer or senior executive at The Hotel Pulse responsible for overseeing data protection compliance. |
| Register of Systems | means the internal register of all systems, platforms, and contexts in which personal data is processed by The Hotel Pulse. |
Overview
The Hotel Pulse collects and uses certain information about individuals in the normal course of its business operations. These individuals may include customers, suppliers, business contacts, employees, contractors, and other people with whom the organization has a relationship or may need to communicate. This policy sets out how personal data must be collected, handled, and stored to ensure The Hotel Pulse meets its data protection standards and complies with applicable law.
Purpose of This Policy
This data protection policy exists to ensure that The Hotel Pulse:
- Meets its obligations under data protection law and follows good practice.
- Respects and protects the rights of its staff, customers, and partners.
- Maintains transparency about how it stores and processes personal data.
- Mitigates the risks associated with data breaches and unauthorized access.
Data Protection Law
The General Data Protection Regulation (GDPR) 2016/679 establishes how organizations—including The Hotel Pulse—must collect, handle, and store personal information. These obligations apply regardless of whether the data is stored electronically, on paper, or in any other format. To comply with the law, personal information must be collected and used fairly, stored securely, and not disclosed unlawfully.
The Eight Principles of Data Protection
The GDPR is built upon eight foundational principles that govern how personal data must be treated. At The Hotel Pulse, we adhere to each of these principles as a core part of our operations:
- Fair and Lawful Processing — Personal data must be processed fairly, transparently, and with a clear legal basis. Individuals must be informed about how their data will be used.
- Purpose Limitation — Data must be obtained only for specific, clearly defined, and lawful purposes. It must not be processed in any manner incompatible with those purposes.
- Data Minimization — Only the data that is adequate, relevant, and proportionate to the stated purpose should be collected. Excessive or unnecessary data collection is prohibited.
- Data Accuracy — Personal data must be accurate and kept up to date. The Hotel Pulse is committed to taking reasonable steps to ensure the correctness of all records. All employees who handle personal data are responsible for verifying and updating information as needed.
- Storage Limitation — Personal data must not be retained for longer than necessary. All personal data will be automatically purged from our systems 10 years after the booking check-out date. When data is deleted, it must be done securely so that it is irrecoverable.
- Rights of Data Subjects — Data must be processed in accordance with the rights of the individuals it relates to, including the right to access, correct, and request deletion of their data.
- Security — Personal data must be protected using appropriate technical and organizational measures. Modern encryption standards (including SSL/TLS) must be applied to data in transit and at rest. Access must be restricted to authorized personnel only.
- International Transfers — Personal data must not be transferred outside the European Economic Area unless the receiving country or territory ensures an adequate level of data protection, or appropriate safeguards are in place.
Scope and Applicability
This policy applies to:
- All offices and operational locations of The Hotel Pulse.
- All full-time and part-time staff members of The Hotel Pulse.
- All contractors, freelancers, suppliers, and third parties working on behalf of The Hotel Pulse.
- All volunteers and temporary workers engaged by The Hotel Pulse.
This policy covers all data relating to living, identifiable individuals—even if such data does not technically fall within the scope of the GDPR. This includes, but is not limited to:
- Names and personal identifiers.
- Postal and physical addresses.
- Email addresses and contact details.
- Telephone numbers.
- Any other information that directly or indirectly identifies an individual.
Data Protection Risks
This policy is designed to safeguard The Hotel Pulse against several material data security risks, including:
- Breaches of confidentiality: Information being disclosed to unauthorized parties, whether accidentally or intentionally.
- Failure to provide choice: Individuals must always have the ability to control how their personal data is used by the organization.
- Reputational damage: A data breach could significantly harm the company's reputation, erode customer trust, and expose the organization to regulatory penalties.
Responsibilities
Every individual who works for or with The Hotel Pulse has a responsibility to ensure that personal data is collected, stored, and handled in accordance with this policy and applicable data protection law. Each team that processes personal data must ensure its practices align with the principles described in this document.
Data Accuracy
Applicable law requires The Hotel Pulse to take reasonable steps to ensure that personal data is accurate and up to date. The more critical the data, the greater the effort required to maintain its accuracy. All staff who work with personal data are expected to take reasonable steps to verify and update information on an ongoing basis.
Security
The Hotel Pulse is committed to protecting personal data with robust, modern security practices:
- Personal data is stored securely using up-to-date software and infrastructure, with regular security patches and updates applied.
- Access to personal data is restricted to personnel who need it for their work, with role-based access controls and appropriate authentication measures in place.
- All data transmitted between users and our systems is protected using industry-standard SSL/TLS encryption protocols.
- All personal data will be automatically purged from our systems 10 years after the booking check-out date.
- When personal data is deleted, it is done so securely and irreversibly, ensuring the data cannot be recovered.
- Comprehensive backup and disaster recovery solutions are maintained to protect against data loss.
Providing Information to Individuals
The Hotel Pulse is committed to ensuring that individuals are informed when their data is being processed. Individuals should understand:
- How their data is being collected and used.
- How to exercise their rights regarding their personal data.
To fulfil this commitment, The Hotel Pulse maintains a comprehensive Privacy Policy that describes how personal data relating to individuals is used across the organization.
Contact
If you have any questions or concerns about this Data Protection Policy or how The Hotel Pulse handles your personal information, please contact us at info@thehotelpulse.com.