Last updated: 6 January 2026
Privacy Policy
Privacy Policy
Introduction
Guestpulse Ltd. (“Guestpulse”, “we”, “us”, or “our”) is committed to protecting your privacy and handling personal data in a transparent, secure, and lawful manner.
This Privacy Policy explains how we collect, use, disclose, store, and otherwise process personal data:
when you visit our website;
when you contact us, request a demo, register for events, or otherwise interact with us;
when we provide our software-as-a-service platform and related services to our customers; and
when we process personal data in connection with integrations, analytics, support, security, and legal compliance.
For the purposes of this Privacy Policy, “personal data” means any information relating to an identified or identifiable natural person.
We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal obligations, or business practices. Where required, we will notify you of material changes. The latest version will always be published on our website.
Who We Are
Guestpulse Ltd. is a private limited company incorporated in Ireland.
Company name: GUESTPULSE LIMITED
Company registration number: 805313
Registered office: 18 Mallow Street Upper, Limerick, LIMERICK, V94N12Y, Ireland
Website: www.guestpulse.com
Privacy contact: legal@guestpulse.com
Guestpulse provides software and data services for the hospitality industry, including a customer data platform that helps hotels integrate, transform, analyze, and visualize data from multiple operational and marketing systems in a secure, unified environment.
Our Role Under Data Protection Law
- 3.1. When we act as a controller
We act as a controller when we determine the purposes and means of processing personal data for our own business purposes, for example when we:
operate our website;
respond to inquiries or demo requests;
manage our business relationships;
send service-related or marketing communications;
administer events, partnerships, and recruitment;
maintain security, compliance, and internal records.
- 3.2. When we act as a processor
We act as a processor when we process personal data on behalf of our hotel customers in connection with the provision of our platform and services.
our customer is typically the controller;
we process personal data only on the customer’s documented instructions, subject to applicable law; and
our processing is governed by our customer contract and any applicable Data Processing Agreement.
If you are a guest, contact, or other individual whose data is processed by a hotel customer through our platform, you should direct privacy requests to the relevant hotel first. We will assist our customers in responding to valid requests where required by law and contract.
- 3.1. When we act as a controller
What Information We Collect and Process
- 4.1. Information you provide directly to us
We may collect personal data that you voluntarily provide, including when you submit a contact form, request a demo, subscribe to updates, register for an event, or communicate with us. This may include:
first and last name;
business email address;
telephone number;
company name;
job title;
country or region;
the contents of your message or request; and
any other information you choose to provide.
- 4.2. Website and device information
When you visit our website, we may automatically collect certain technical and usage information, such as:
IP address or masked IP address;
browser type and version;
device type and operating system;
pages viewed and navigation paths;
date and time of access;
referring URLs;
approximate location derived from IP address; and
diagnostic, analytics, and performance information.
- 4.3. Account, user, and customer relationship information
If you or your organization use our services, we may collect and process:
account registration information;
user profile and login details;
support communications;
billing and contract administration information;
service configuration and integration settings; and
records relating to your use of our platform.
- 4.4. Usage and log data
When our platform is used, we may collect usage and log data, including:
login activity;
timestamps;
feature usage;
system events;
audit logs;
device and browser information;
error logs; and
security-related activity.
- 4.5. Customer data processed on behalf of hotel clients
As part of providing our platform, we may process personal data on behalf of our hotel customers. Depending on the customer’s implementation and instructions, this may include:
guest names;
contact details;
reservation and stay history;
transactional and spend data;
loyalty information;
customer service interactions;
marketing engagement data;
segmentation attributes;
preference data; and
other hospitality-related customer records.
- 4.6. Social media, advertising, and API-based data
Where enabled by a customer, our platform may ingest data made available through authorized integrations or APIs, including from platforms such as Meta, TikTok, LinkedIn, and similar services. Depending on the integration, this may include:
page or account-level analytics;
aggregated engagement data;
campaign performance metrics;
audience statistics;
lead or conversion data made available by the platform; and
identifiers or metadata provided through the relevant API.
- 4.7. Information from other sources
We may receive personal data from:
our customers;
service providers and integration partners;
publicly available business sources;
event or co-marketing partners; and
other third parties where permitted by law.
- 4.1. Information you provide directly to us
How We Use Personal Data
- 5.1. To provide and operate our website and services
We use personal data to:
operate, maintain, and administer our website and platform;
create and manage accounts;
enable integrations and dashboards;
provide customer support;
process transactions and administer contracts; and
deliver requested products, demos, or services.
- 5.2. To communicate with you
We use personal data to:
respond to inquiries and demo requests;
send service, account, billing, and support communications;
provide onboarding and customer success support;
send event-related messages; and
communicate about relevant products or services, subject to applicable law.
- 5.3. To improve and develop our services
We use personal data, usage information, and analytics to:
understand how our website and platform are used;
troubleshoot issues and fix bugs;
improve user experience, performance, and security;
develop new features, products, and integrations; and
generate aggregated and de-identified insights.
- 5.4. To maintain security and prevent misuse
We use personal data to:
authenticate users;
monitor system access and activity;
detect, investigate, and prevent fraud, misuse, and security incidents;
enforce our contractual terms and acceptable use requirements; and
protect the rights, property, and safety of Guestpulse, our customers, and others.
- 5.5. To comply with legal obligations
We may process personal data to:
comply with applicable laws, regulations, and lawful requests;
maintain tax, accounting, and corporate records;
establish, exercise, or defend legal claims; and
support audits, investigations, or compliance reviews.
- 5.6. For marketing and business development
Where permitted by applicable law, we may use business contact information to send information about our products, services, events, or content that we believe may be relevant to you. You can opt out of marketing communications at any time using the unsubscribe link in our emails or by contacting us.
- 5.1. To provide and operate our website and services
Legal Bases for Processing
Where the UK GDPR, EU GDPR, or similar laws apply, we rely on one or more of the following legal bases:
Performance of a contract: where processing is necessary to enter into or perform a contract with you or your organization.
Legitimate interests: where processing is necessary for our legitimate business interests, such as operating and improving our services, securing our systems, responding to inquiries, and promoting our business, provided those interests are not overridden by your rights and freedoms.
Consent: where we rely on your consent, for example for certain cookies or certain marketing activities where required by law.
Legal obligation: where processing is necessary to comply with legal or regulatory obligations.
If we process personal data for a purpose that is materially different from the purpose for which it was originally collected, we will ensure there is an appropriate legal basis for that further processing.
How We Share Personal Data
- 7.1. Service providers and subprocessors
We may share personal data with trusted third-party service providers that support our business and services, including providers of:
cloud hosting and infrastructure;
analytics;
customer support tools;
CRM or communication tools;
security and monitoring services;
payment or invoicing services; and
integration or technical support services.
- 7.2. Customers and customer-authorized parties
Where we act as a processor, personal data may be disclosed to or made available to the relevant customer and persons authorized by that customer.
- 7.3. Business transfers
If Guestpulse is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar corporate transaction, personal data may be disclosed as part of that process, subject to appropriate safeguards.
- 7.4. Legal and regulatory disclosures
We may disclose personal data where necessary to:
comply with a legal obligation;
respond to lawful requests by public authorities, regulators, or courts;
enforce our agreements;
investigate fraud, security issues, or unlawful activity; or
protect our rights, users, customers, or the public.
- 7.5. Professional advisers
We may share personal data with our legal, accounting, insurance, and other professional advisers where necessary for legitimate business or legal purposes.
- 7.1. Service providers and subprocessors
International Data Transfers
Guestpulse may process and store personal data in the European Economic Area, the United Kingdom, and other jurisdictions where we or our service providers operate.
Where personal data is transferred outside the EEA or UK, we implement appropriate safeguards as required by applicable law, which may include:
the European Commission’s Standard Contractual Clauses;
the UK International Data Transfer Addendum or other approved UK transfer mechanism;
adequacy regulations or adequacy decisions; and
supplementary technical, contractual, and organizational safeguards where appropriate.
You may contact us for more information about the safeguards we use for international transfers.
How We Store and Protect Personal Data
We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
These measures may include:
encryption in transit and at rest;
access controls based on roles and least privilege;
multi-factor authentication;
secure cloud infrastructure;
monitoring and audit logging;
data minimization practices;
vulnerability management and security reviews; and
policies, training, and internal procedures relating to privacy and security.
No method of transmission or storage is completely secure. However, we take reasonable and appropriate steps to protect personal data in line with industry standards and legal requirements.
Data Retention
We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including to:
provide our services;
fulfil contractual obligations;
maintain business and financial records;
comply with legal, tax, accounting, and regulatory requirements;
resolve disputes; and
enforce our agreements.
Retention periods may vary depending on the type of data, the context in which it was collected, and applicable legal obligations.
When personal data is no longer needed, we will delete, anonymize, or securely isolate it, unless continued retention is required or permitted by law.
Data Subject Rights
Depending on your location and applicable law, you may have the right to:
request access to your personal data;
request correction of inaccurate or incomplete data;
request deletion of your personal data;
request restriction of processing;
object to processing based on legitimate interests;
withdraw consent where processing is based on consent;
request data portability; and
lodge a complaint with a competent supervisory authority.
If we process personal data on behalf of one of our customers, you should contact the relevant customer directly in the first instance. We will assist our customers with valid requests as required by law and contract.
To exercise your rights, please contact: legal@guestpulse.com
We may need to verify your identity before acting on a request. We will respond within the timeframe required by applicable law, usually within one month unless an extension is permitted.
API and Platform Data Compliance
Where our services process data obtained through third-party platforms or APIs, and where applicable law requires it, we support appropriate data subject rights and compliance processes, including:
access;
rectification;
erasure;
restriction;
portability; and
objection.
We maintain operational safeguards such as:
internal request handling procedures;
audit logs;
secure deletion processes; and
contractual data protection commitments.
Where we act as a processor, we support the relevant customer, as controller, in fulfilling such obligations without undue delay, subject to the terms of our agreements and technical feasibility.
Cookies and Similar Technologies
We use cookies and similar technologies on our website to support functionality, remember preferences, analyze traffic, and improve performance.
These technologies may include:
strictly necessary cookies;
preference or functionality cookies;
analytics cookies; and
social media or embedded-content related technologies.
Where required by law, we will obtain your consent before placing non-essential cookies on your device.
You can manage cookie preferences through your browser settings and, where available, through our cookie banner or cookie settings tool. For more detailed information, you may wish to publish a separate Cookie Policy.
Social Media Features and External Services
Our website may include social media buttons, embedded content, and third-party features. These services may collect information such as your IP address, browser data, and details about your interaction with the relevant page, and may set cookies or similar technologies.
Your use of such third-party features is subject to the privacy policies of the relevant third parties, and we encourage you to review those policies.
Third-Party Websites
Our website or services may contain links to third-party websites, services, or content. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy notices before providing personal data.
Children’s Privacy
Our website and services are intended for business users and are not directed to children. We do not knowingly collect personal data directly from children through our website or services for our own purposes.
To the extent our customers use our platform to process data relating to minors, they are responsible for ensuring they have an appropriate legal basis and comply with applicable law.
If you believe we have collected personal data from a child inappropriately, please contact us and we will take appropriate steps.
Complaints
If you have concerns about how we handle personal data, we encourage you to contact us first so that we can try to resolve the issue.
You also have the right to lodge a complaint with the data protection authority in your country or region, including the Irish Data Protection Commission where applicable.
Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
GUESTPULSE LIMITED
Company Registration Number: 805313
18 Mallow Street Upper, Limerick, LIMERICK, V94N12Y, Ireland
Email: legal@guestpulse.com
Website: www.guestpulse.com