Privacy Policy

Hotelligence®
Effective Date: March 2, 2026

Hotelligence® provides privacy-first incident documentation infrastructure for hotels and lodging operators. This Privacy Policy explains how information is collected, stored, used, and disclosed in connection with:

• The public website
• Account administration and billing
• The SafeScope® incident documentation infrastructure

Hotelligence is designed as neutral infrastructure. It does not monitor individuals, investigate incidents, assign risk, infer identity, or direct operational decisions.

1. Roles and Data Responsibility

The subscribing hotel or lodging operator is the data controller and operator of record for all Incident Records created within its environment.

Hotelligence acts solely as an infrastructure provider and data processor under contract.

Hotelligence does not determine what is documented, what actions are taken, or whether information is escalated. All operational discretion remains with the subscribing organization.

2. System Data Objects

The system contains three distinct objects:

2.1 Incident Record

A staff-visible documentation entry describing what was observed. It may include narrative text, timestamps, and uploaded materials.

2.2 Encrypted Incident Archive

Upon creation of an Incident Record, preserved materials are stored in encrypted, access-restricted storage. The Archive is not staff-editable and exists solely to preserve integrity.

2.3 Encrypted Evidence Bundle (EEB)

An EEB is created only through deliberate management action using “Create Evidence Bundle from Existing Record.” It is a sealed, tamper-evident package prepared for lawful external sharing.

Hotelligence does not automatically create Evidence Bundles and does not independently escalate information.

3. Information Collected

3.1 Account and Administrative Information

• Organization name
• Authorized administrator contact details
• Billing information
• Authentication credentials

3.2 Incident Documentation Information

As entered by the subscribing organization:

• Narrative descriptions
• Uploaded files or media
• Date and time metadata
• Internal reference identifiers

Hotelligence does not require identification of individuals and does not operate an identity layer.

3.3 Technical and Security Logs

• Authentication activity
• Access logs
• System performance logs
• IP address and browser metadata for security purposes

These logs are used solely to maintain system integrity and security.

4. What Hotelligence Does Not Do

• Monitor guests or staff
• Provide real-time surveillance
• Generate alerts or notifications
• Automatically escalate incidents
• Perform facial recognition
• Infer or determine identity
• Assign behavioral scores
• Conduct profiling
• Sell or monetize incident data
• Use advertising networks or behavioral tracking

The system preserves documentation. It does not interpret events or determine conclusions.

5. Purpose of Processing

Information is processed only to:

• Provide incident documentation infrastructure
• Preserve records securely
• Maintain system integrity and availability
• Administer accounts and billing
• Comply with lawful legal obligations

Incident documentation is not used for marketing or advertising purposes.

6. Disclosure of Information

Hotelligence does not access or disclose Incident Records or Encrypted Incident Archives except:

• At the direction of the subscribing organization
• When an authorized administrator creates an Encrypted Evidence Bundle
• When legally compelled by valid court order, subpoena, or statutory obligation
• As required to maintain system integrity and security

Hotelligence does not independently report incidents to law enforcement.

Creation and external sharing of an Encrypted Evidence Bundle occurs only by subscriber choice.

Correlation within the system does not constitute attribution of identity or legal conclusions.

7. Data Retention and Deletion

Retention periods are governed by subscriber configuration and contractual agreement.

Incident Records and Encrypted Incident Archives remain stored until:

• Deleted by authorized subscriber action, or
• Retention period expires under subscriber policy

Upon account termination:

• Subscriber-accessible Incident Records are removed from active systems.
• Encrypted preserved materials are deleted in accordance with contractual obligations.
• Backup copies are securely purged according to documented deletion schedules.

Hotelligence does not retain incident documentation for independent use after termination, except where legally required.

8. Security

Hotelligence employs commercially reasonable safeguards, including:

• Encrypted, access-restricted storage
• Role-based access controls
• Audit logging
• Tamper-evident packaging for Evidence Bundles
• Secure hosting infrastructure

While no system can guarantee absolute security, Hotelligence maintains safeguards consistent with infrastructure service standards.

9. Cross-Sector Participation (If Enabled)

If a subscribing organization elects to participate in cross-sector incident sharing:

• Sharing occurs at the incident level only.
• No identity layer is introduced.
• Participating organizations cannot access each other’s records.
• Staff do not receive cross-property visibility.

Participation is voluntary and governed by subscriber election.

10. International Compliance

Where applicable, Hotelligence supports compliance with:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA/CPRA)
• Other applicable data protection regulations

Hotelligence processes data under contractual agreement with the subscribing organization, which remains the data controller.

Data processing agreements are available upon request.

11. Individual Inquiries

Individuals seeking access to or correction of incident documentation should contact the relevant hotel or lodging operator directly.

Hotelligence cannot independently modify Incident Records without subscriber authorization.

12. Changes to This Policy

This Privacy Policy may be updated periodically. Updates will be reflected by revising the Effective Date.

Continued use of the service after changes constitutes acceptance of the revised policy.

13. Contact

contact@myhotelligence.com