GuestTriage is committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we handle it. If you have any questions, contact us at hello@guesttriage.com.
1. Who we are
Data Controller (for our website and marketing): SmileStride Sportswear Ltd, trading as GuestTriage, Preston, Lancashire, UK.
Data Processor (for hotel guest data): GuestTriage acts as a data processor on behalf of hotels (the data controllers) who use our platform to manage guest complaints and reviews.
Contact: hello@guesttriage.com
2. What data we collect
2.1 Data collected from hotels (our customers)
- Name and email address of the hotel owner or manager who signs up
- Business name, address and contact details
- Payment information (processed securely by Stripe — we do not store card details)
- Usage data — how the platform is used, complaint volumes, response times
2.2 Data collected from hotel guests (via the guest complaint form)
- Guest name
- Room number
- Email address (optional — only if the guest chooses to provide it)
- Complaint text — the content of their complaint or feedback
- Timestamp and source of submission
2.3 Data collected from our website
- Standard web server logs including IP address and browser type
- Any information submitted via contact forms
3. Why we collect this data
| Data | Purpose | Legal basis |
|---|---|---|
| Hotel account details | Providing the GuestTriage service | Contract performance |
| Payment data | Processing subscription payments | Contract performance |
| Guest complaint data | Enabling hotels to manage and respond to guest feedback | Legitimate interests of the hotel |
| Website usage data | Improving our service and security | Legitimate interests |
4. Who we share data with
We do not sell personal data to any third party. We share data only with the following trusted sub-processors:
| Sub-processor | Purpose | Location |
|---|---|---|
| Supabase Inc | Database hosting and storage | EU (Ireland) |
| Anthropic PBC | AI processing of complaint text | United States |
| Stripe Inc | Payment processing | United States |
| Netlify Inc | Website hosting | United States |
All sub-processors are contractually required to handle data in accordance with GDPR.
5. Data retention
- Hotel account data: retained for the duration of the subscription and 12 months after cancellation
- Guest complaint data: retained for 12 months from the date of submission, then permanently deleted
- Payment records: retained for 7 years in accordance with UK tax law
- Website logs: retained for 90 days
6. International data transfers
Anthropic PBC is based in the United States. Complaint text is sent to Anthropic's API for AI processing. This transfer is made under the UK International Data Transfer Agreement (IDTA) and EU Standard Contractual Clauses (SCCs). Complaint text sent to Anthropic does not include guest email addresses or any directly identifying information beyond names and room numbers.
7. Your rights under GDPR
Individuals whose data we process have the following rights:
- Right to access — request a copy of your personal data
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your personal data
- Right to restrict processing — request that we limit how we use your data
- Right to data portability — request your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
To exercise any of these rights, contact us at hello@guesttriage.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
8. Security
All data is encrypted in transit (TLS) and at rest. Access to the database is restricted to authorised personnel only. We conduct regular reviews of our security practices.
9. Changes to this policy
We may update this privacy policy from time to time. We will notify hotel customers of any material changes by email. The date at the top of this document indicates when it was last updated.
10. Contact
SmileStride Sportswear Ltd, trading as GuestTriage
Email: hello@guesttriage.com
Website: guesttriage.netlify.app