Privacy Policy

Estancia (the “Service”, “we”, “us”, or “our”) is a hotel management platform. We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service.

We collect information that identifies, relates to, describes, or is reasonably capable of being associated with you. The types of data we collect include:

• Account Data: Your name, email address, organization name, and authentication identifiers. We use Clerk to securely handle user authentication.
• Hotel Data: Information about your property, such as hotel name, subdomain, custom domain, currency, timezone, address, theme settings, and operational configurations.
• Guest Data (You as Data Controller): When you manage reservations, you collect data about your guests (name, email, phone, notes, booking history). Estancia processes this information strictly as a data processor on your behalf. You are responsible for ensuring you have the legal right to collect and process your guests' data.
• Payment Data: Payment processing is handled securely by Stripe Connect. We do not store or process full credit card numbers on our servers.
• Operational and Usage Data: We collect log data, request metadata, error traces, and audit logs to monitor system performance, troubleshoot issues, and improve the Service.

• To provide, operate, and maintain the Service.
• To process transactions and send related information, including confirmations and invoices.
• To manage your account and provide customer support.
• To communicate with you about updates, security alerts, and administrative messages.
• To analyze usage patterns and improve our platform.
• To detect, investigate, and prevent fraudulent transactions and other illegal activities.

We employ third-party companies and individuals to facilitate our Service, provide the Service on our behalf, perform Service-related operations, or assist us in analyzing how our Service is used. Our current sub-processors include:

• Clerk: For secure user authentication and identity management.
• Neon: For managed, serverless Postgres database hosting.
• Stripe: For secure payment processing and financial services.
• Resend: For delivering transactional emails.
• Vercel: For cloud hosting and global infrastructure.

These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements). We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process.

For Hotel Operators: You can access, update, or delete your account information at any time within your dashboard settings. You may also request a complete export of your hotel's data or request full account deletion by contacting us.

For Guests: If you are a guest of one of the hotels using Estancia, the hotel is the Data Controller of your personal information. Please contact the hotel directly for any requests regarding access, correction, or deletion of your data.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions or concerns about this Privacy Policy, or our practices regarding your personal information, please contact us at: privacy@estancia.com.