Root Stay Privacy Policy

Our Commitment to Your Privacy

At Root Stay, we recognize that privacy is a cornerstone of trust in the digital age, especially within the sensitive hospitality industry. Our unwavering commitment is to safeguard the personal information of both our hotel clients and their guests with the highest standards of data protection and privacy compliance. We believe that robust privacy practices are not just a regulatory requirement but a fundamental aspect of providing truly innovative and trustworthy technology solutions.

We are dedicated to exceeding industry benchmarks for security and transparency. Our approach involves comprehensive data protection measures, adherence to global compliance standards such as GDPR, and clear, transparent policies regarding data usage. We continuously review and update our secure data handling and storage protocols to ensure your information remains protected.

This policy outlines how Root Stay collects, uses, protects, and discloses information for our Property Management System (PMS), online booking engine, channel manager, guest relationship management tools, revenue management modules, housekeeping & maintenance scheduling, and analytics & reporting services. By using our services, you agree to the practices described in this Privacy Policy.

Information We Collect and How We Use It

Root Stay collects various types of information to provide and improve our comprehensive hospitality software solutions. This includes:

• Client Account Information: Business names, contact details, payment information, and configuration settings for our services. Used for service delivery, billing, and technical support.
• Hotel Guest Data: Information entered by guests through online booking engines (e.g., name, contact details, stay preferences, payment information) and data related to their stay managed within the PMS. This data is processed strictly on behalf of our hotel clients to facilitate bookings, check-ins, and personalized guest experiences. Root Stay does not independently use guest data for marketing without explicit consent from the hotel and guest.
• Usage and Analytics Data: Non-personally identifiable data regarding how our software is accessed and used (e.g., features utilized, performance metrics, device information). This is used to enhance service functionality, optimize performance, and for aggregated, anonymized reporting.
• Technical Support Information: Data provided by clients when seeking assistance, which may include details about their system, issues encountered, and contact information. Used solely for troubleshooting and resolving support requests.

We are committed to handling hotel guest data with utmost care, ensuring it is used only for the purposes agreed upon with our hotel clients and in full compliance with relevant data protection laws. Our systems are designed to protect this sensitive information throughout its lifecycle.

How We Protect Your Information

Protecting your information is paramount at Root Stay. We employ a multi-layered security architecture designed to safeguard your data against unauthorized access, disclosure, alteration, and destruction. Our measures include:

• Technical Security: We utilize industry-standard encryption protocols (e.g., TLS 1.3) for data in transit and robust encryption for data at rest. Our infrastructure is protected by firewalls, intrusion detection systems, and regular vulnerability assessments.
• Physical Security: Our data centers adhere to strict physical security protocols, including biometric access controls, 24/7 surveillance, and environmental monitoring. Access to Root Stay offices and systems is tightly controlled and monitored.
• Employee Training and Access Control: All Root Stay employees undergo mandatory data privacy and security training. Access to sensitive data is granted only on a need-to-know basis and subject to stringent authentication and authorization procedures.
• Regular Audits and Compliance Monitoring: We conduct regular internal and third-party security audits to identify and mitigate potential risks. Our systems and processes are continually monitored for compliance with relevant data protection regulations and best practices.

Our commitment to security extends to every aspect of our operations, ensuring that the trust you place in Root Stay is well-founded.

Your Rights and Data Controls

Root Stay respects your rights concerning your personal data. For our hotel clients, our platform provides tools and functionalities to manage guest data in accordance with privacy regulations. For individuals whose data is processed by Root Stay (as a data processor on behalf of our clients or as a data controller for our business interactions), you have the right to:

• Access and Rectification: Request access to the personal data we hold about you and request corrections to any inaccurate or incomplete information.
• Erasure (Right to Be Forgotten): Request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
• Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.
• Object to Processing: Object to the processing of your personal data where we are relying on a legitimate interest as our legal basis for processing.
• Marketing Communications: Opt-out of receiving marketing communications from Root Stay at any time.

To exercise any of these rights, or if you have any questions or concerns regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Root Stay Privacy Division
789 Oakleaf Drive, Suite 200
Portland, ME 04101, United States
Email: info@rootstay.com
Phone: (207) 555-1234

We are committed to resolving any complaints about our collection or use of your personal data. Please contact us first to address your concerns.