Privacy Policy

Last Updated: March 2026

1. Introduction

LoftDesk Inc. ("LoftDesk," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

Information You Provide Directly

• Account Registration: Name, email, phone, hotel name, address, billing information
• Communications: Messages, emails, phone calls, and support inquiries
• Payment Information: Billing details and payment method information (processed by secure third-party processors)
• Profile Information: Hotel details, number of rooms, staff information
• Guest Data: (Optional) Guest information you choose to sync with our platform

Information Collected Automatically

• Log Data: IP address, browser type, pages visited, time spent, referring URL
• Cookies and Similar Technologies: We use cookies for authentication, preferences, analytics
• Device Information: Device type, operating system, unique identifiers
• Usage Data: Features accessed, frequency of use, user behavior patterns

Information From Third Parties

• Service Providers: Payment processors, email providers, analytics platforms
• Business Partners: Third-party integrations you authorize

3. How We Use Your Information

We use collected information for:

• Service Delivery: Operating, maintaining, and improving LoftDesk
• Communication: Support, updates, announcements, marketing (with consent)
• Analytics: Understanding usage patterns and optimizing services
• Security: Detecting and preventing fraud, abuse, or security incidents
• Compliance: Meeting legal obligations and enforcing terms
• Legal Bases: Legitimate business interests, contract performance, legal compliance, consent

4. Information Sharing & Disclosure

We share information in these circumstances:

• Service Providers: Third-party vendors who assist in delivering services (payment processors, hosting providers, analytics platforms)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In case of merger, acquisition, or asset sale
• With Consent: When you explicitly authorize sharing
• Aggregate Data: Non-identifying, aggregated information for analytics

We do NOT sell your personal information to third parties.

5. Data Security

We implement comprehensive security measures:

• Encryption: SSL/TLS for data in transit; AES-256 for data at rest
• Access Controls: Role-based access, authentication, authorization
• Infrastructure: Secure cloud hosting with regular security audits
• Backups: Redundant backups in geographically distributed locations
• Monitoring: 24/7 security monitoring and intrusion detection

However, no security system is impenetrable. We cannot guarantee absolute security.

6. Data Retention

• Account Data: Retained while account is active and 30 days after deletion
• Transaction Data: Retained for 7 years for accounting and legal purposes
• Communication Data: Retained for support purposes
• Cookies: Retained per cookie policy settings

You may request deletion of your data subject to legal retention requirements.

7. Your Rights & Choices

Data Access & Portability

• Right to access personal data we hold about you
• Right to export your data in portable format

Correction & Deletion

• Right to correct inaccurate information
• Right to request deletion (subject to legal requirements)

Marketing Communications

• Unsubscribe from promotional emails anytime
• Manage notification preferences in account settings

Cookie Management

• Manage cookie preferences in browser settings
• Opt-out of non-essential tracking cookies

Regional Rights

• GDPR (EU/EEA): Right to restrict processing, object to processing, file complaints
• CCPA (California): Right to know, right to delete, right to opt-out of sales
• Other Regulations: Rights under applicable privacy laws

8. Children's Privacy

LoftDesk Services are not intended for children under 13. We do not knowingly collect information from children under 13. If we discover such information, we will delete it promptly.

9. Third-Party Links & Services

Our website may contain links to third-party websites. We are not responsible for their privacy practices. Review their privacy policies before sharing information.

10. International Data Transfers

LoftDesk is based in the United States. Your information may be transferred to, stored in, and processed in countries other than your country of residence, which may have different data protection laws. By using LoftDesk, you consent to such transfers.

11. Updates to This Policy

We may update this Privacy Policy periodically. Changes become effective when posted. Continued use of LoftDesk after changes constitutes acceptance of the updated policy.

12. Contact Us

Questions or concerns about this Privacy Policy?

LoftDesk Inc.
Email: [email protected]
Address: 123 Hospitality Plaza, San Francisco, CA 94105, USA
Phone: +1 (415) 714-9230

Data Protection Officer: [email protected]

We will respond to privacy inquiries within 30 days.

Last Updated: March 16, 2026