Privacy overview

Privacy controls for hospitality teams handling sensitive guest data.

This page is an operational privacy summary for guided pilots and early SaaS conversations. A full customer privacy policy should be finalized with legal counsel before self-service commercial launch. Requires legal review before broad public launch.

Purpose-limited collection

Guest check-in details and identity documents are collected only for hospitality operations and legal registration workflows.

Private document handling

Identity documents and optional verification videos are handled through encrypted storage and signed access paths.

Role-aware access

Owners, housekeeping, maintenance, and accountant roles do not receive guest identity document access.

Retention planning

Formal retention and deletion automation is planned before self-service SaaS launch. Current production use requires trained staff procedures.

Current privacy commitments

Luxstay does not position public pages as a place to upload guest identity documents. Guest uploads happen only through secure check-in links tied to a booking workflow.

Product dashboards are designed to show operational metadata without exposing raw identity numbers, storage paths, token hashes, or encrypted document internals.

Guided pilot privacy notice

Guided pilot access is invite-only. Public signup is not enabled, and customer onboarding is handled directly with trained operators.

Real identity documents should only be uploaded through secure guest check-in links when required for hospitality registration.

Retention, deletion, video-verification, and support-access wording must be finalized with legal review before broader SaaS launch.

Ready to see Luxstay with your operation?

Start with a guided demo, not a risky migration.

Request demo