Conoce

Política de privacidad

Política de privacidad

Effective from: August 14, 2025

Sirvoy Limited, a company registered in the Republic of Ireland (“Sirvoy,” “We,” “Us,” or “Our”), is committed to protecting your privacy. This Privacy Policy describes how we collect, use, and disclose personal information through Sirvoy’s website (https://sirvoy.com), our booking/booking system (the “System”), mobile applications, and other related products and services (collectively, “Online Services”). This policy also outlines your choices regarding your personal information and how you can access and update it.

By using Sirvoy’s Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about this Privacy Policy, please contact our Data Protection Officer at dpo@sirvoy.com.

For purposes of data protection laws, specifically the  EU General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 1988-2018, Sirvoy Limited, registered in the Republic of Ireland and is the data controller responsible for your information when we determine the purposes and means of processing. Whenever Sirvoy acts on behalf of a hotel or similar entity using our System, that entity shall be the data controller, and Sirvoy shall be the data processor. In such cases, this policy applies where relevant to Sirvoy’s role as data processor, and you should contact the relevant hotel/entity for queries about their data processing practices.

What Information We Collect

We only collect information about you if we have a legitimate reason to do so, for example, to provide our Services, to communicate with you, or to make our Services better. We collect information in three ways: if and when you provide information to us, automatically through operating our services, and from outside sources.

Information You Provide to Us

We collect information that you directly provide to us. The amount and type of information depend on the context and how we use the information.

  • Basic Account Information: When you register for our Services (including free trials) or contact us, you may provide information such as your name, email address, physical address, and phone number. Your phone number is collected for onboarding support and assistance with system setup.
  • Transaction and Billing Information: If you purchase paid Services, you will provide additional personal and payment information required to process the transaction, such as your name, credit card information (number, expiration date, verification code), and contact details.
  • Communications with Us: You may provide us with information when you respond to our emails, communicate with us via telephone, or engage with our customer support. In the regular course of our business, Sirvoy may monitor and record phone conversations or email communications between you and Sirvoy employees for training and quality assurance purposes.
  • Surveys and Testimonials: We may provide opportunities to participate in surveys to measure customer satisfaction, or collect testimonials and reviews from satisfied customers. If you participate, we may request certain personally identifiable information..“We will obtain your explicit consent before displaying your testimonial in any format,  for example text, audio, or video.

Information We Collect Automatically

We also collect certain information automatically when you use our Online Services.

  • Usage Information: We collect information about your usage of our Services, including what happens when you use them. This information helps us provide our Services, understand user interaction, and improve our offerings.
  • Traffic Data: Sirvoy or its third-party service providers may collect visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data («Traffic Data»). We use Traffic Data to compile statistics about website usage, diagnose server problems, administer our site, and display content according to your preferences.
  • Location Information: When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
  • Information from Cookies & Other Technologies: Sirvoy uses cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness and deliver targeted ads.

Information from Cookies & Other Technologies

Sirvoy uses cookies and other technologies like pixel tags (web beacons) to help us identify and track visitors, usage, and access preferences for our Services. Pixel tags are small blocks of code placed on websites and e-mails. These technologies also help us track and understand email campaign effectiveness and deliver targeted ads.

The use of tracking technologies by our service providers, technology partners, or other third-party assets (such as social media links) on the site is not covered by this Privacy Policy. We do not have access to or control over these technologies.

Information We Collect from Other Sources

We may also obtain information about you from other sources. For example, if you connect to our website, we may receive aggregated information from Google Analytics. The information we receive depends on the services you authorize in your browser and any available options. We may also get information from third-party services about individuals who are not yet our customers, which we may use for marketing and advertising purposes.

How We Use Information

We only process your personal data when we have a clear legal ground under the EU GDPR, specifically the bases listed in Articles 6(1)(a)–(f) (and Article 9 for special-category data). We use information about you for the following purposes:

  • To Provide Our Services: To set up and maintain your account, process payments, facilitate bookings (where Sirvoy acts as processor), and deliver the core functionality of the Sirvoy System.
  • To Further Develop and Improve Our Services: By analyzing trends, monitoring user interaction, and adding new features that benefit our users.
  • To Ensure Security and Prevent Fraud: To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Sirvoy and others.
  • To Communicate with You: To send you updates, obtain feedback, keep you informed about Sirvoy and our products, and communicate offers and promotions that we think will be of interest to you. This includes service-related communications such as account management messages, system updates, and reactivation campaigns for expired trial accounts.
  • To Personalize Your Experience: To provide content recommendations, display dynamic content on our website based on your interactions, and serve relevant advertisements based on your preferences and usage patterns.
  • To Facilitate Transactions: To facilitate your transactions with our third-party payment processors.
  • To Comply with Legal Obligations: To meet our legal and regulatory requirements or as otherwise permitted by law.
  • To Enforce Our Legal Terms: To ensure compliance with our Terms & Conditions and prevent abuse or misuse of our Services.

We may combine information collected through the Online Services with information obtained from other sources. We may also aggregate and/or de-identify information to limit or prevent identification of any particular user or device, which may then be used for any purpose, including research and marketing.

How We Share Information

We do not sell our users’ private personal information. We share information about you in the limited circumstances outlined below and with appropriate safeguards on your privacy:

  • Subsidiaries, Employees, and Independent Contractors: We may disclose information to our subsidiaries, employees, and independent contractors who need to know the information to help us provide our Services or process information on our behalf. They are required to follow this Privacy Policy. We rely on our legitimate interest in operating the platform (GDPR Art 6 (1)(f)), and access is controlled through role-based permissions.
  • Third-Party Vendors/Service Providers: We may share information with third-party vendors who provide services to us, such as payment providers, analytics providers, and marketing partners. These companies require information to perform their functions and are required to agree to privacy commitments. A list of our sub-processors is available on Sirvoy’s website.
  • As Required by Law: We may disclose information in response to a subpoena, court order, or other governmental request. (Art 6 (1)(c))
  • To Protect Rights and Property: We may disclose information when we believe in good faith that it is reasonably necessary to protect the property or rights of Sirvoy, third parties, or the public at large.
  • Business Transfers: In the event of a merger, sale of company assets, or acquisition of all or a portion of our business, user information would likely be one of the transferred assets. This Privacy Policy would continue to apply to your information.
  • With Your Consent/Direction: We may share and disclose information with your explicit consent or at your direction. For example, if you authorize us to share your information with third parties (e.g., social media services).(Art 6 (1)(a))
  • Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so it cannot reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
  • Published Support Requests: If you send us a support request or feedback, we reserve the right to publish it to help clarify or respond to your request, or to support other users.
  • Publicly Shared Information: Information you consent to make public (e.g., public profile, posts, comments on other websites using our services) is disclosed publicly and may be indexed by search engines or used by third parties.

Cookies and Similar Technologies

Sirvoy uses cookies and other technologies for various purposes, including website functionality, security, performance analysis, and advertising. By using the Sirvoy website, you agree to the use of cookies and similar technologies in accordance with your consent preferences set via our cookie consent modal.

  • Necessary Cookies
    • Description: These cookies are essential for our website to operate correctly. They enable functions like page navigation, security, and remembering your cookie consent choices.
    • Purpose: Website operation, security, user authentication.
    • Legal Basis: Legitimate Interests (strictly necessary for providing the requested service) [GDPR Art. 6(1)(f)].
    • Duration: Typically session-based or up to 6 months (for consent preference).
  • Analytics Cookies
    • Description: These cookies allow us to count visits and traffic sources to measure and improve site performance and understand how users interact with our Services.
    • Purpose: Website analytics, performance monitoring, service improvement.
    • Legal Basis: Explicit Consent [GDPR Art. 6(1)(a); ePrivacy Directive Art. 5(3)].
    • Duration: Up to 13 months.
  • Advertisement Cookies
    • Description: These cookies collect information on user behaviors and interests to deliver targeted advertisements. Our advertising partners may use them to build a profile of your interests.
    • Purpose: Personalized advertising, retargeting, campaign measurement.
    • Legal Basis: Explicit Consent [GDPR Art. 6(1)(a); ePrivacy Directive Art. 5(3)].
    • Duration: Up to 90 days.
  • Performance Cookies
    • Description: These cookies help provide enhanced functionality and personalization, such as remembering your preferences and settings.
    • Purpose: Enhanced website functionality and user experience.
    • Legal Basis: Explicit Consent [GDPR Art. 6(1)(a); ePrivacy Directive Art. 5(3)].
    • Duration: Up to 12 months.

Managing Your Cookie Preferences

You can manage your cookie preferences at any time by clicking on the «Cookie Settings» link typically found in the footer of our website. This will re-open the cookie consent modal, allowing you to change your choices. You can also usually set your browser to remove or reject browser cookies. However, please note that if you reject cookies, certain features of Sirvoy’s websites may not function properly. Sirvoy does not currently respond to “do not track” signals across all of our Services. However, we respond to and abide by opt-out preference signals sent through the Global Privacy Control (GPC). Any opt-out preferences you have exercised through GPC will only apply to the specific device/browser on which you made them. For more information on GPC, see www.globalprivacycontrol.org.

Legal Basis for the Retention and Processing of Personal Data (EEA, Switzerland, and UK Individuals)

Our legal grounds for processing your information are as follows:

  1. Contractual Necessity (Article 6(1)(b) GDPR): Personal data is processed as necessary to fulfill our contractual obligations to our clients.Sirvoy relies on this legal ground when it acts as the data controller and the processing of personal data is strictly required to perform a contract with you or to take steps at your request before entering into that contract. In practice, this means we process your data to create and maintain your Sirvoy user account, facilitate payment transactions you have authorised, and provide any onboarding support you request during a free-trial period. When Sirvoy processes guest or booking data solely on behalf of a hotel or similar entity using our system, that entity is the data controller and determines the lawful basis under Article 6; in those circumstances Sirvoy acts exclusively as a data processor, handling your personal data only in accordance with the controller’s documented instructions and the requirements of Article 28 GDPR.
  2. Consent (Article 6(1)(a) GDPR & e-Privacy Directive): We rely on your freely given, specific, informed and unambiguous consent for certain processing activities. This includes the use of analytics, advertising and performance cookies; sending promotional emails; personalised advertising (including retargeting and look-alike audiences); and WhatsApp marketing or profiling. Where we process special-category data, we will obtain your explicit consent. You may withdraw your consent at any time via the “unsubscribe” link in any promotional message, by updating your cookie settings in our website footer, or by emailing dpo@sirvoy.com without affecting the lawfulness of any processing carried out before withdrawal
  3. Legitimate Interests (Article 6(1)(f) GDPR): We process personal data to further our legitimate interests in commercial activities, provided these interests are not overridden by your fundamental rights and freedoms. This includes:
    • Operating our business and the Online Services.
    • Providing security for our websites, products, software, or applications.
    • Improving our services and developing new features.
    • Sending service-related communications, such as account management messages and reactivation campaigns for expired trial clients, as this is related to a service you initiated and expect updates on.
    • Receiving payments and preventing fraud.
    • Knowing the customer to whom we are providing the Online Services.
    • Using phone numbers for direct onboarding support and system setup during trials, as this ensures successful trial usage and client satisfaction.
  4. Legal Obligation (Article 6(1)(c) GDPR): Certain personal data must be processed and retained to comply with legal and regulatory obligations, such as financial record-keeping, reporting requirements, or responding to lawful requests from public authorities.

Your Rights

You have several choices available when it comes to information about you. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note that certain information may be exempt from such requests in some circumstances if we need to keep processing your information for our legitimate interests or to comply with a legal obligation.

If these rights apply to you, they may permit you to request that we:

  • Right to Information: Request information about the collection and use of your personal data.
  • Right of Access: Request to access a copy of the personal data we hold about you.
  • Right to Rectification: Request to correct inaccurate or incomplete personal data we maintain about you.
  • Right to Erasure (Right to be Forgotten): Request the deletion of certain information we hold about you, unless retention is required by law or other legitimate reasons.
  • Right to Restriction of Processing: Request to restrict the way that we process and disclose certain of your information.
  • Right to Data Portability: Request the transfer of your information to a third-party provider of services.
  • Right to Object: Object to the processing of your personal data, particularly when processing is based on legitimate interests or for direct marketing purposes (including profiling).
  • Right to Withdraw Consent: Where Sirvoy is processing your personal data based on your consent, you are entitled to withdraw that consent at any time, subject to applicable law. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

For more information on how to exercise these rights, please contact our Data Protection Officer at dpo@sirvoy.com. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

In instances where we process personal information on behalf of our customer (e.g., when a hotel uses our System), rights requests should be directed to the relevant customer (the hotel). Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded to that customer.

Data Retention Periods

Sirvoy is committed to retaining personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. We adhere to the principle of data minimization, ensuring that only the necessary amount of personal data is collected and processed.

Once the retention period expires, personal data will be securely deleted or anonymized to prevent unauthorized access and ensure compliance with GDPR.

  • Customer Account Information: We retain your account data for as long as your account is active and for 2 years after your last interaction to resolve disputes and manage our relationship, in line with our legitimate interests [Data retention, Customer Services Department].
  • Financial and Transaction Data: Invoices, billing information, and transaction records are retained for 6 years plus the current year, as required by Irish company and tax law [Data retention, Finance Department].
  • Marketing Data: Information used for marketing purposes is retained for 24 months following your last interaction with us, unless you withdraw your consent sooner [Data retention, Marketing Department].
  • Credit Card Information: Credit card details processed for bookings are deleted 30 days after the guest’s check-out date.

International Data Transfers

We store most personal data on servers in Ireland and elsewhere in the EEA. Some service providers may access or process personal data in third countries—including the United States and Japan—for purposes such as support, reliability, analytics and, where you consent, advertising/retargeting.

Where the recipient is EU-U.S. Data Privacy Framework-certified, we rely on that adequacy decision. For Japan, we rely on the EU’s adequacy decision. In other cases, we use the European Commission’s Standard Contractual Clauses, supported by transfer impact assessments and supplementary measures (e.g., encryption and strict access controls). Our current vendors and their locations are listed on our Sub-processors/Vendors page, and you can request a copy of the relevant safeguards. We review our transfer mechanisms regularly and only permit processing outside the EEA (and, where relevant, the UK and Switzerland) where an adequate level of protection or appropriate safeguards are in place

Data We Process on Behalf of Our Customers

We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Identity Data, and other sensitive information necessary to generate legal documents or manage bookings. We process such data only in accordance with our customers’ instructions. For such data, the customer is the «data controller» (for purposes of GDPR) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer directly. If we receive any rights requests concerning instances where we act as data processor, we will forward your query to the relevant customer. Sirvoy is authorized to act as the “data processor” of personal data on behalf of the customer, who will be the “data controller” of such data. The customer may request a data processing agreement (DPA) from Sirvoy to supplement these terms and conditions.

We may also collect the information of third-party individuals on behalf of our customers (e.g., guests whose payments are recorded or put through using Sirvoy’s platform). Sirvoy primarily uses this information for the purpose of administering and improving its services for our customers.

Third-Party Websites

Our Website may contain links to third-party websites. These links are provided solely as a convenience to you. Sirvoy has no control over the legal documents and privacy practices of third-party websites; as such, you access any such third-party websites at your own risk. This Privacy Policy applies only to Sirvoy Online Services and not to other websites accessible from Sirvoy or that you use to access Sirvoy. It is your responsibility to review the privacy policies of non-Sirvoy websites.

Policy Changes

Although most changes are likely to be minor, Sirvoy may change its Privacy Policy from time to time. Sirvoy encourages visitors to frequently check this page for any changes to its Privacy Policy. If we make any material changes to the ways we collect, use or share your personal data, we will notify you in advance by email or in-app notice or and, where those changes affect processing that relies on your consent, we will ask you to review and actively re-confirm your choices before those changes take effect. 

Data Protection Officer (DPO) Contact Information

Sirvoy Limited has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws and to handle any queries or concerns you may have regarding your personal data.

You can contact our DPO at:
Email: dpo@sirvoy.com

Our DPO is responsible for ensuring that your personal data is processed in compliance with applicable data protection laws, including GDPR. Should you have any questions about this privacy policy or the way your personal data is handled, please reach out to our DPO using the contact information provided above.

Translations

This Privacy Policy has been originally drafted in English. Any translations into other languages are provided for convenience only. In the event of any inconsistency or ambiguity between a translated version and the English version, the English version shall prevail.