Privacy Policy

Last updated: 17 May 2026

Who we are

Ostelflow is a hospitality platform that helps independent hotels and property managers run their properties — managing inventory across OTAs, taking direct bookings, communicating with guests, and handling owner statements. "We", "us", and "Ostelflow" in this document refer to the entity operating the Ostelflow service.

This page explains what personal data we handle, why, for how long, and what rights you have over it. It applies to two audiences:

  • Hoteliers — the businesses and individuals who sign up for an Ostelflow account.
  • Guests — the people who stay at properties using Ostelflow. We process guest data on behalf of the hotelier, who is the data controller for guest data.

Data we collect from hoteliers

  • Account data: name, email, phone, password (stored hashed), preferred language.
  • Property data: property name, address, units, photos, pricing, descriptions, channel-manager credentials.
  • Application data: when you submit our public application form, the property and contact info you provide.
  • Billing data: Stripe customer and subscription identifiers (full payment details stay on Stripe; we never see your full card number).
  • Usage data: standard application logs (which pages, which actions, error traces) for debugging and abuse prevention.

Data we process on behalf of hoteliers (guest data)

  • Booking data: guest names, contact details, stay dates, room assignments, prices.
  • Check-in data: identity document numbers and scans, nationality, date of birth — whatever local hospitality law requires the hotelier to collect (e.g. fiche de police in France and Morocco; tax forms in Tunisia).
  • Messages: guest-to-hotelier chat from OTAs (Booking.com, Airbnb, etc.), WhatsApp, and direct messages — for the inbox feature.
  • Reviews: public reviews left by guests on OTAs, mirrored into our Reputation module.

For guest data, the hotelier is the data controller and Ostelflow is the processor. If you are a guest, please contact the property directly to exercise your rights (access, deletion, correction).

Why we process it

  • To provide the service: running your property management workspace, syncing inventory, taking bookings, sending transactional emails.
  • To bill you: subscription management via Stripe.
  • To support you: when you contact us, we read your account context to help.
  • To improve the product: aggregated, anonymised usage patterns; individual behavior data is never sold or shared.
  • Legal compliance: hospitality registration forms, tax reporting, fraud prevention.

Who we share data with

We share data only with sub-processors strictly necessary to deliver the service. As of the last-updated date above, these are:

  • Vercel (United States / global edge) — hosting, compute, network.
  • Neon (EU region) — managed Postgres database.
  • Octorate (Italy) — channel manager API for pushing inventory and pulling reservations from Booking.com, Airbnb, Expedia, Vrbo, and other OTAs.
  • Stripe (Ireland for EU) — subscription billing and payment processing.
  • Resend (United States) — transactional email delivery.
  • Meta WhatsApp Business Cloud API (Ireland) — when a property enables WhatsApp guest messaging.
  • Cloudflare — bot protection on our public form (Turnstile captcha).
  • Anthropic (United States) — AI inference for the optional smart-reply feature, when enabled.

We do not sell personal data. We do not share data with marketing or advertising third parties.

Where data is stored

The primary application database lives in the European Union. Some sub-processors above operate from other regions and may transfer data internationally under Standard Contractual Clauses (SCCs) or equivalent safeguards.

How long we keep it

  • Active account data: for as long as your account is active.
  • After account closure: 30 days of soft-delete (recoverable on request), then hard delete. Billing records are retained for the period required by applicable tax law (typically 10 years).
  • Online check-in photos: 90 days from the stay, then automatically deleted.
  • Application logs: 30 days.

Your rights

Under GDPR and equivalent regimes, you can request:

  • Access — a copy of the personal data we hold about you.
  • Rectification — correction of inaccurate data.
  • Deletion — removal of your account and data (subject to legal retention obligations).
  • Portability — export of your data in a structured format.
  • Objection — to specific processing activities.

Hoteliers can export their data and request deletion from Settings → Your data inside the app, or by emailing privacy@ostelflow.com.

Guests should contact the property where they stayed directly — the property is the data controller for their booking, check-in, and messaging data.

Cookies

We use one essential cookie: a session token that keeps you logged in. We do not use marketing, advertising, or third-party analytics cookies. No cookie consent banner is shown because no non-essential cookies are set.

Security

Passwords are stored hashed (bcrypt/scrypt-class). Channel-manager credentials are encrypted at rest. Payment card data is handled exclusively by Stripe — we never store full card numbers. Backups and access logs are maintained for the database. We work towards industry-standard practices but do not currently hold a formal certification such as ISO 27001 or SOC 2.

Changes to this policy

If we materially change this policy we will email account owners and update the "last updated" date at the top of this page.

Contact us

For any privacy question, request, or complaint: privacy@ostelflow.com. If you are in the EU and want to escalate, you can also contact your local data protection authority.