Privacy Policy
Effective date: 25 April 2026 · Last updated: 25 April 2026
1. Who we are
Zoomie ("Zoomie", "we", "us") is a hotel CRM and guest-communication platform operated by [Owner Name], a sole proprietor based in [City, Country]. (This will be replaced by the registered company name once Zoomie is incorporated.) You can reach us at [email protected].
2. What Zoomie does
Zoomie consolidates guest messages from WhatsApp, Instagram, Messenger, and email into a single workspace for hotel staff. An AI assistant powered by Anthropic's Claude API drafts replies, answers common questions from the hotel's knowledge base, and creates operational tasks (housekeeping, maintenance, services) for staff to action. Zoomie also integrates with property management systems such as Cloudbeds for room availability and reservation lookup.
3. Information we collect
3.1 From hotel staff (account holders)
- Name, email address, password (stored as a salted hash).
- Hotel role and permissions, language preference, notification preferences.
- IP address and user-agent on security-sensitive actions, for the audit log.
3.2 From hotel guests (data subjects of our customers)
Provided by the hotel or sent by the guest through a connected channel:
- Name and any notes the hotel records.
- Per-channel contact identifiers: WhatsApp phone number, email address, Instagram user ID, Facebook Messenger PSID.
- Stay information: check-in/check-out dates, room number, PMS reservation ID.
- Conversation and email history exchanged via WhatsApp, Instagram, Messenger, or email.
- Image attachments sent during conversations (re-encoded with EXIF metadata stripped before storage).
- Tasks the hotel logs against the guest (service requests, complaints, etc.).
3.3 From connected Google accounts
When a hotel connects its Google Workspace or Gmail mailbox to Zoomie, we collect:
- The hotel's Gmail address.
- An OAuth access token and refresh token (stored encrypted at rest using a Fernet symmetric cipher).
- The content and metadata of guest emails read via the
gmail.readonlyscope, and replies sent on the hotel's behalf via thegmail.sendscope.
4. Google API Services User Data Policy — Limited Use
Zoomie's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We use Gmail data only to display the hotel's guest emails inside Zoomie's inbox and to send replies authorised by the hotel.
- We do not transfer Gmail data to third parties except as needed to provide or improve the service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with continued protections.
- We do not use Gmail data for advertising.
- We do not allow humans to read Gmail data, except (a) with the hotel's explicit consent for support, (b) for security or abuse investigations, (c) to comply with applicable law, or (d) where the data has been aggregated and anonymised.
- We do not use Gmail data to develop, improve, or train generalised or non-personalised AI/ML models. Gmail message content is sent to our LLM providers (Anthropic Claude, with OpenAI GPT-4o as a fallback) at inference time only, solely to generate replies for the same hotel that owns the message. Both providers operate under zero-retention API terms and do not retain content for training.
5. How we use information
- To provide and operate the Zoomie service (route messages, draft AI replies, sync emails, sync rooms with Cloudbeds).
- To build a hotel-specific knowledge base that answers future guest questions for that hotel only.
- To notify staff of new conversations, tasks, and bookings.
- To debug, monitor, and secure the service.
- To comply with legal obligations.
6. Sharing with third parties
Zoomie shares the minimum necessary data with the following processors. Each is bound by its own terms of service and privacy obligations:
| Processor | Purpose | What we share |
|---|---|---|
| Meta (WhatsApp, Instagram, Messenger) | Send and receive guest messages | Guest channel ID, message content, attachments |
| Google (Gmail API) | Read inbound and send outbound hotel email | Hotel mailbox content via authorised OAuth |
| Cloudbeds | Property management integration | Reservation IDs, room queries, guest stay data |
| Anthropic (Claude API) | AI reply drafting and task extraction | Conversation content, knowledge-base context |
| OpenAI (GPT-4o, fallback only) | AI reply drafting when Claude is unavailable | Conversation content, knowledge-base context |
| Cloudflare R2 | Image and attachment storage | Re-encoded images (EXIF stripped) |
| Render.com | Application hosting, PostgreSQL database, Redis | All operational data at rest |
| Sentry | Error monitoring | Stack traces, request metadata (no message bodies) |
| 2C2P | Payment gateway (future feature, scaffolded only) | Payment transaction data, when enabled |
We do not sell personal data. We do not share data for advertising purposes.
7. Data retention
- OAuth tokens for connected Gmail accounts are stored until the hotel disconnects the account from Zoomie or revokes access at myaccount.google.com/permissions.
- Gmail message bodies and metadata are cached for the lifetime of the hotel's account so staff can view email history. Hotels may request earlier deletion by emailing support.
- Conversation history, guest profiles, and tasks are retained for the lifetime of the hotel's account.
- On account deletion we remove personal data within 30 days, except where retention is required by law (e.g. financial records).
8. How to access, correct, or delete your data
- Hotel staff can edit their own profile, guest records, and connected channels from the Zoomie dashboard.
- To disconnect a Gmail account: Settings → Email → Disconnect, or revoke at myaccount.google.com/permissions.
- To request a data export or full account deletion: see the Data Deletion Request page for the process and what to include in your email. We respond within 30 days.
- Guests whose data is processed by a hotel using Zoomie should contact that hotel directly; we will assist the hotel as their data processor.
9. Security
- OAuth tokens are encrypted at rest with Fernet symmetric encryption using a key separate from the database.
- All traffic is encrypted in transit over HTTPS.
- The application runs on Render.com with managed PostgreSQL and automated daily backups.
- Access to production systems is restricted to the Zoomie operator and is logged.
- Multi-factor authentication is required for staff accounts via django-allauth MFA.
10. International data transfers
Zoomie's primary infrastructure is hosted with Render.com. LLM API calls (Anthropic, OpenAI) are processed in the United States. By using the service the hotel acknowledges that personal data may be transferred across borders to the regions where these processors operate.
11. Children
Zoomie is a business-to-business service for hotel staff. It is not directed at children under 16, and we do not knowingly collect personal data from children.
12. Your rights
Subject to applicable law (including Thailand's PDPA, Singapore's PDPA, the EU GDPR, and the UK GDPR where they apply), data subjects have the right to access, correct, delete, restrict, or port their personal data, and to object to processing. Submit requests to [email protected].
13. Changes to this policy
We may update this policy as the service evolves. We will post changes on this page and update the "Last updated" date. For material changes affecting how we process Gmail data we will notify connected hotel admins by email at least 30 days before the change takes effect.
14. Contact
Questions, requests, or complaints? Email [email protected]. A registered postal address will be added once Zoomie is incorporated.