Privacy Policy

Privacy Policy

Last updated: 07.02.2026

Hotel Staff Deal (“we”, “our”, “us”) is operated by StaffDeals OÜ, an Estonian company. We are committed to protecting your privacy and handling your personal data transparently and securely, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use www.hotelstaffdeal.com (the “Platform”).

1. Who We Are

Controller:
StaffDeals OÜ
Estonia (EU)
Email: support@hotelstaffdeal.com
Website: www.hotelstaffdeal.com

StaffDeals OÜ is the data controller responsible for your personal data.

2. What Data We Collect

Depending on how you use the Platform, we may collect the following data:

2.1 Account & Profile Data

  • Name and surname
  • Email address
  • Password (encrypted)
  • User role (Employee / Hotel / Admin)
  • Profile information provided voluntarily

2.2 Employment Verification Data

  • Corporate email address
  • Employer name
  • Uploaded verification documents (if required)
  • Verification status and timestamps

Verification documents are accessed only by authorized staff and are never shared with third parties except where legally required.

2.3 Booking & Transaction Data

  • Booking details (hotel, dates, guests)
  • Payment status and transaction IDs
  • Billing details required by law
  • Commission and payout records

Payment card data is never stored on our servers. Payments are processed securely by third-party payment providers.

2.4 Hotel Partner Data

  • Hotel profile details
  • Availability and pricing data
  • Payout information (e.g. bank account or Stripe Connect ID)

2.5 Technical & Usage Data

  • IP address
  • Device and browser information
  • Log files
  • Cookies and similar technologies

3. How We Use Your Data

We process personal data only when legally permitted. Purposes include:

  • Creating and managing user accounts
  • Verifying employee eligibility
  • Enabling hotel listings and bookings
  • Processing payments and payouts
  • Preventing fraud and abuse
  • Providing customer support
  • Meeting legal and accounting obligations
  • Improving the Platform and user experience

4. Legal Basis for Processing (GDPR)

We rely on the following legal bases:

  • Contractual necessity – to provide bookings and services
  • Legal obligation – accounting, tax, and compliance requirements
  • Legitimate interest – fraud prevention, platform security, analytics
  • Consent – where explicitly requested (e.g. marketing emails)

5. Payments & Third-Party Processors

Payments on Hotel Staff Deal are handled by trusted providers:

  • Stripe / Stripe Connect – payment processing and payouts
  • WooCommerce – order and transaction management

These providers act as independent data controllers for payment data. We encourage you to review their privacy policies separately.

6. Data Sharing

We do not sell your personal data.

Data may be shared only with:

  • Payment providers (for transactions and payouts)
  • Hotels (only booking-related data required to fulfill a reservation)
  • Service providers (hosting, email, security)
  • Authorities, when legally required

All partners are contractually bound to comply with GDPR.

7. Data Retention

We retain personal data only as long as necessary:

  • Account data: while your account is active
  • Booking & financial records: as required by law (typically 7–10 years)
  • Verification data: deleted once no longer necessary or upon account deletion, unless legally required

8. Your Rights (GDPR)

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

Requests can be sent to support@hotelstaffdeal.com.
We may require identity verification before fulfilling requests.

9. Account Deletion

Users can request account deletion from their dashboard (where available) or by contacting us.
Some data may be retained if legally required.

10. Cookies

We use cookies to:

  • Enable core site functionality
  • Maintain login sessions
  • Improve performance and analytics

You can manage cookies via your browser settings. Disabling cookies may affect site functionality.

11. Security Measures

We apply appropriate technical and organizational safeguards, including:

  • SSL encryption
  • Secure hosting
  • Role-based access control
  • Limited access to sensitive data

No system is 100% secure, but we continuously improve our protections.

12. International Data Transfers

Our services are hosted within the EU or with providers offering GDPR-compliant safeguards.
Where data is transferred outside the EU, appropriate legal protections are applied.

13. Changes to This Policy

We may update this Privacy Policy from time to time.
The latest version will always be available on this page.

14. Contact

For any privacy-related questions or requests:

📧 support@hotelstaffdeal.com

© Hotel Staff Deal 2025