Privacy Policy

Version 1.0,
Last update on March 1st, 2022

PRIVACY POLICY


This Privacy Policy (“Policy”) has been prepared for providing information on processing of the personal information by SAAS Hospitality Limited (“HotelRunner” or “Company”) in case services of HotelRunner offered to Wix users are used over the website of Wix.Com Ltd (“Wix”).

Please click the headings below to access any section of the Policy about which you would like to get information:

  1. Scope of the Policy
  2. How does HotelRunner Act During the Processing of Personal Information?
  3. Which Personal Information is Processed?
  4. What are the Methods of Collecting Personal Information?
  5. What are the Purposes of HotelRunner in Processing Personal Information?
  6. To Whom Personal Information is Transferred?
  7. What is the Duration of Storing Personal Information?
  8. What are Your Rights?
  9. Children’s Information
  10. Contact Us

  1. Scope of the Policy

    HotelRunner offers services where small, medium and large-sized hotels, chain hotels, B&Bs, motels, daily and monthly rentals, hostels (collectively “Property”) can manage their properties and accommodation services online including operations, guest relations and sales. HotelRunner enables its users to increase their sales and easily reach different guests around the world by creating innovative sales channels.

    HotelRunner services are integrated into the website you created on Wix.com and your administrative dashboards on Wix.com. Within the scope of your website created via Wix.com, you have the HotelRunner services created for the management of your Property and your bookings that are integrated into your website and your dashboards. All rights of the HotelRunner Platform ("Platform") that you will use through Wix.com are owned by HotelRunner.

    During provision of the services within the scope of the Platform, HotelRunner will have access and process the personal information of your Property's authorized representatives and guests. However, HotelRunner processes guest information and personal information of authorized persons of your Property in different ways. This Policy includes explanations regarding both processing activities.

    For the purposes of this Policy, “Data Protection Requirements” means all laws and subordinate regulations applicable in connection with the processing of personal information including but not limited to Law on the Protection of Personal Data numbered 6698, United Kingdom Data Protection Law 2018, and the European Union General Data Protection Regulation (GDPR).

  2. How does HotelRunner Act During the Processing of Personal Information?

    • Processing of the Information of Your Property's Guests by HotelRunner

    In line with your use of HotelRunner services, you provide us with certain information about your guest. HotelRunner's duty in these services is to ensure that guest information is entered into the Platform in the most accurate and easy way, and that you use the Platform appropriately. HotelRunner does not use the guest information you enter on the Platform for its own purposes. HotelRunner's access to guest information is limited to your use of the Service and the Platform. In this context, HotelRunner acts solely as a data processor. Accordingly, you, as the data controller, are responsible for the compliance of your guests’ information with the Data Protection Requirements.

    Your Property is responsible for complying with Data Protection Requirements for the processing of guest information. Accordingly, your Property must inform the guests whose personal information will be entered on the Platform and obtain their explicit consent when legally required. In case guests make a request regarding the processing of their personal information, HotelRunner is not responsible for responding to these requests. In case there is a request forwarded to HotelRunner, HotelRunner provides the necessary support to forward this request to you and your Property. In addition, if there is a technical intervention required by your Property in connection with guest information, we may also perform these activities upon your request.

    • Processing of the Information of Your Property's Authorized Representatives by HotelRunner

    HotelRunner systematically gets your registration through Wix to ensure that you can benefit from the Platform. For this reason, it processes the personal information of the authorized persons of your Property (this person may be the owner or representative of the Property) and makes the necessary system registrations.

    HotelRunner acts as a data controller when processing personal information regarding the Property's authorized representatives. Acting as a data controller means that it is obliged to comply with the Data Protection Requirements in these processes. HotelRunner has prepared this Policy to inform the Property's authorized representatives within the scope of Data Protection Requirements. The following sections contain detailed information on how HotelRunner processes the information of the data subjects included in this scope.

  3. Which Personal Information is Processed?

    The authorized persons of your Property (for example, the owner or a representative) share their personal information with HotelRunner. The personal information that HotelRunner processes related to the Property's authorized representatives are provided below:

    Your Identity and Contact Details

    This information can directly identify you. This information may be used alone or in combination with other information.

    As HotelRunner, we process the following identity and contact details:

    • Name and surname of the authorized person,
    • Telephone number, email address and address of the authorized person,
    • Signature circulars,
    • Company employing the authorized person and his/her position in the company.

    Information on Transaction Security

    This information are technical information we obtain in connection with the devices you use. These are as provided below:

    • IP address of the device used to connect to the Platform,
    • ID of the device used to connect to the Platform,
    • The type of browser used to connect to the Platform,
    • Your information about the transactions you perform within the scope of using and visiting the Platform (logs),
    • The operating system used.

    HotelRunner also automatically tracks certain information regarding your transactions and behaviour on the Platform. HotelRunner uses this information to better understand your use of the Platform and to provide useful changes, updates, and improvements.

    Other Personal Information

    This information are obtained within the scope of the communication you establish with our Company. These are as provided below:

    • Information regarding the written communication between HotelRunner and your Property,
    • Information within the scope of email correspondences between HotelRunner and your Property,
    • Information you convey to HotelRunner within the scope of your requests, inquiries and complaints,
    • Your feedback regarding the delivery of the Service and the Platform.
  4. What are the Methods of Collecting Personal Information?
    • Your Use of HotelRunner Services: When you create an account on Wix.com, your personal information is automatically shared with us because the Platform is integrated with Wix and its platforms and the website you will create using Wix.com. When you create a Wix.com website, your personal information is shared with us by Wix.com. In this context, we make the necessary adjustments to create your system authorizations and enable you to benefit from the Service.
    • Visits to the Internet Site: We may only process certain personal information as part of your visit to our website even when you do not have a HotelRunner user account. This personal information includes information about your visit, such as browser type, operating system, actions you take on the site, and the IP address you use to access pages on the site. For information on personal information processing activities within the scope of the website, please visit: https://hotelrunner.com/en/privacy.
    • Question, Inquiry and Complaint Channels: We also collect your personal information through the correspondence we conduct in electronic and physical environments, the feedback you share with us, your questions, inquiries, and complaints submitted to HotelRunner. For example, you can forward your questions, inquiries and complaints to us through our support channels.
  5. What are the Purposes of HotelRunner in Processing Personal Information?

    We only process the personal information you share with us in order to achieve certain purposes. We assure that your personal information is safe with HotelRunner and that your personal information is not subject to any processing activities other than the purposes listed below. In case your personal information will be processed for a purpose other than those specified in this Policy, we will inform you in advance.

    Provision of HotelRunner Services

    HotelRunner's main purpose in processing your personal information is to allow you to benefit from the services offered by HotelRunner. In this context, we process your personal information within the scope of the agreement made between you and HotelRunner. During provision of the services, our purposes for processing your personal information also include:

    • Making system registrations for the Property's authorized representatives, creating user accounts and authorizations,
    • Accepting and managing online and offline reservations from your website and your dashboard, promoting your Property in online and offline channels through travel agencies, providing integration with systems and platforms that enable reservations, promotion, sales and acceptance of payments, providing central reservation, revenue and guest relationship management,
    • Ensuring the control, management and supervision of the business operations conducted through HotelRunner,
    • Providing technical support within the scope of access and use of the Platform.

    Communication Processes

    HotelRunner contacts you for your requests, inquiries and suggestions during the provision of services. HotelRunner cares about your feedback regarding the services it offers and takes it into account to improve its services. These processes are carried out within the legitimate interests of HotelRunner. The purposes of processing your personal information within the scope of carrying out communication activities are as follows:

    • Receiving and processing your questions, inquiries and complaints,
    • Receiving your feedback about the Platform and our services,
    • Developing and improving the Platform and our services within the scope of your feedbacks,
    • Contacting you regarding the Services and the Platform updates, changes and improvements.

    Execution of Legal Processes

    HotelRunner processes your personal information in order to protect its rights in case of a potential dispute. In addition, there may be situations where HotelRunner requires to disclose the information to the governmental authorities and agencies in order to perform its legal obligations.  The objectives of processing your personal information as a requirement of legal processes include:

    • Performance of our legal obligations in cases the governmental authorities and agencies make a request from our Company or when we need to notify these entities (for example, sharing your personal information when a public institution requests information about a transaction that is suspected to be illegal),
    • Protecting our Company rights, reputation and the rights of the Properties with which we have a business relationship in the event of a possible dispute.

    Ensuring the Security

    During the processing of your personal information, we take some precautions to ensure compliance with the relevant legislation, identify violations and prevent fraud. In this context, for example, we do not allow a Property to create a user account twice. In taking those protective measures, we aim to protect the rights of both the Properties benefiting from HotelRunner’s services and our Company. In this context, we have listed the purposes for which we process your personal information below:

    • Compliance with applicable legislation and Data Protection Requirements,
    • Investigating security incidents/event suspicions and preventing forgery/fraud,
    • Investigating situations that violate the HotelRunner Terms and Conditions.
  6. To Whom Personal Information is Transferred?

    Please note that your personal information is protected by HotelRunner and is not disclosed to unauthorized third parties.

    Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have data protection regulations that differ from the laws of your country.

    Our Affiliates, third-party service providers and business partners operate in different countries. This means that we may process your personal information in any of these countries. However, please note that we have taken the necessary measures in accordance with the applicable Data Protection Requirements to ensure the protection of your personal information during these transfers.

    The parties with whom we transfer your personal information are listed below:

    Authorized Travel Agencies

    We share your personal information with the travel agencies that we work and integrate with within the scope of the provision of our services. Travel agencies are third parties that provide you with online or offline support, their own services, meet your requests and solve your problems within the scope of the service you use.

    Parties Collaborated for the Provision and Improvement of Services

    Time by time, we collaborate to improve our services and reach more Properties.

    We may need to disclose your personal information with the party we cooperate with in order to provide services within the scope of cooperation. For example, we may offer a service that is integrated with a service offered by a third party. In this case, third parties process your personal information in accordance with their own privacy policies. We recommend that you review their privacy policy for information on how the relevant third party processes your personal information.

    You can benefit from the Platform integrated with the website you have created on Wix.com through our cooperation with Wix. Wix.com processes your personal information in accordance with its respective privacy policy (for detailed information on how Wix.com processes personal information, we recommend you to review https://www.wix.com/about/privacy).

    Service Providers

    We work with carefully selected service providers who perform specific tasks on our behalf. These parties are service providers that provide technology infrastructures, storage, aggregation and analysis of data, processing payments, legal or other professional services to us. In this context, we share your personal information with these service providers.

    In sharing personal information with service providers, we ensure that they comply with this Policy and Data Protection Requirements.

    Affiliates

    If necessary, we share your personal information with our Company's shareholders and  affiliates (HotelRunner Inc., HotelRunner Bilgi Teknolojileri Ticaret A.Ş. and HotelRunner Teknoloji A.Ş.). In doing so, we aim to ensure compliance and standardization with our affiliate’s policies and procedures, coordinate business operations effectively, and carry out reporting processes.

    Government Authorities and Agencies

    We share your personal information for the performance of our legal obligations in cases the government  agencies make a request from our Company or when we need to notify these entities (for example, sharing your personal information when a public institution requests information about a transaction that is suspected to be illegal).

  7. What is the Duration of Storing Personal Information?

    Please note that we do not retain your personal information permanently. We comply with the applicable Data Protection Requirements for the retention of personal information. If a legal period is specified, we are obliged to comply with this period as a rule. Therefore, when deciding how long we will retain your personal information, we consider these legal periods as priority. If the applicable Data Protection Requirements do not provide a specific period for the retention of your personal information, then we retain your personal information within the framework of the principle of "keep it as long as you need". We delete, destroy or anonymize personal information completely when we no longer need the information.

    We securely store your personal information within HotelRunner. For protecting your personal information, we prefer safe storage methods suitable for the nature of the personal information we process. We take all necessary technical and organizational measures regarding the protection of personal information.

  8. What are Your Rights?

    In accordance with the applicable Data Protection Requirements, you have certain rights as a data subject. These rights allow you to have detailed information about how your personal information is processed. In case you submit a request regarding your rights to HotelRunner, our Company will respond to your request within a specified time in accordance with the applicable Data Protection Requirements. In accordance with the Data Protection Requirements, you have the following main rights:

    • Right to Get Information refers to your right to know whether we process your personal information and if we are doing so, the purpose of processing your personal information.   
    • Right to Access refers to your right to obtain a copy of your personal information together with the purpose of processing, the type of information processed, the persons who we transferred your personal information.   
    • Right to Correction refers to your right to claim correction/update of your personal information which you think is inaccurate or not up to date.    
    • Right to Erasure refers to your right to request erasure of your personal information from all electronic/physical media where it is stored (in case you request the erasure of your personal information, in some cases, we may keep your personal information for certain periods in accordance with our legal obligations. Please review the explanations given under the section G of this Policy).
    • Right to Transferable Information refers to your right to collect and reuse your personal information from our Company collectively. You may transfer your personal information from our Company to a different third party, or you may request this transfer from our Company.
    • Right to Object Processing of Information refers to the right to object to the processing of your personal information by our Company. You may also exercise your right to object to the processing of your personal information for certain processes such as marketing communications. In order to exercise this right, you do not have to object to the processing of all your personal information by our Company.
    • Right to File a Complaint to Data Protection Authority: You have the right to file a complaint to the data protection authority about our processing of your personal information. Please contact your local data protection authority for more information.

    HotelRunner operates in multiple countries. Our lead data protection supervise authority is   Information Commissioner's Office of the United Kingdom.

  9. Children’s Information

    We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not send any personal information about yourself without your parent’s or legal guardian’s explicit consent. If we learn that we have collected personal information from a child under the age of 18 without consent from the parent or legal guardian, we will investigate and delete that information as soon as reasonably practicable. If you believe that a child under 18 may have provided us personal information, please contact us using the contact information in the “Contact Us” section.

  10. Contact Us

    You may contact us at any time when you have a question about how we collect, store and use your personal information or when you wish to exercise your rights about your personal information.

    For contacting us, you may use the following email address: dataprivacy@hotelrunner.com