Introduction
As a service provider in the channel management and online booking space, we take protection of information seriously. Please read this policy, as it outlines how we use personal data that you provide to us or that we collect from you.
If you use our websites, our API or our services, either as client, or as a guest making a booking with one of our accommodation clients, you agree to this Privacy Policy.
This Privacy Policy may change periodically so please check back in for updates. If you continue using our products or services after we make changes, it is deemed to be acceptance of those changes.
If you have any questions about the policy or about your data, please use the details in the Contact Us section.
Who are we?
Our legal entity is Logos Ethos and Pathos Consulting (Pty) Ltd, trading as NightsBridge, registered in South Africa.
NightsBridge offers web applications, as well as software, to assist accommodation owners with managing their bookings. We supply solutions for front-office administration (a Property Management System or PMS); for the connection of availability and rates to online travel agents (Channel Management); for payment processing; and for facilitating realtime bookings for our clients’ guests (Online Booking Engine).
The information we collect:
Personal data is information that can be used to uniquely identify or contact a single person. We will collect and process information needed to create or manage our clients’ bookings and business administration, in order to provide our services.
This includes personal data that guests making bookings provide to our clients, or to any online travel agency relating to a guest’s booking. It also includes data we, or our clients, are obliged to collect according to government regulations.
Personal data we process may include, but is not limited to: name, address, e-mail address, phone number and credit card information, ID or passport number, records of our interactions and travel information.
We will hold your personal data on our systems for as long as is reasonable for contracting, fiduciary responsibilities or statutory obligations.
How do we collect your information?
We get information from you directly when you communicate with us by phone, e-mail or through our website. Examples might be to ask about our service or signing up as a client. Or, when you have a query or report a website problem.
If you make a booking via the NightsBridge engine on our clients’ websites, we record and store that information for our client.
When you use our web services, we collect technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser versions and operating system and platform. As a client, we collect your login information.
The travel agents or travel sites that take bookings on behalf of our clients (channel management integrations), pass guest information and travel arrangements to our clients via our interface.
When you use the services we connect to, e.g. payment providers, we collect the data required to conclude the transaction.
Our clients collect information about their guests that we store, as part of our service.
How might we use your information?
We use data for the purposes of concluding a contract the data subject is party to. An example is the processing of guest data to secure a booking with an accommodation provider, or clients agreeing to use our channel management services.
As a client, to provide you with advice, notices, information, products or services you expect from us. Or to tell you about other services or goods we may offer or integrate with, that are similar or complementary to the service we’re already providing you.
We might use your information for internal operations and product improvements, data analysis or testing. Should we use information for research, statistical or survey purposes, we aggregate the data in a manner which safeguards your personal and business anonymity.
We use data from third party agents to facilitate payment processing, booking and other services like guest communication, on behalf of our clients’, as an agreed service.
How do we process your information?
We do not own or manage our clients’ booking information. We merely provide the software platform our clients use to process guest bookings and manage related business functions.
Our clients (the guesthouse, B&B or hotel owner or manager), enters their information into our system directly and maintain that data themselves.
We deliver data between our clients and their online travel agent (OTA) connections. We also offer integrations to some third party systems, e.g. Point-Of-Sale or Financial Accounting.
To provide these services, we must process your personal data as a guest or client and, from time to time, collect and use your personal data in order to make contact with you related to our support, training or maintenance services.
While we advise our clients on best practice regarding data collection, we recommend that you review the privacy policy for the establishment you work with. Use of our products and services is based on acceptance of our terms of use and privacy policies.
Conditions for sharing your information
Any data in our clients’ systems, belongs to the client. We do not share or market any guest information. We only share or process data in a client system, with permission or written instruction from the client.
When clients do ask us to forward data to additional parties, for example a third party service like guest communication systems or an accounting package, we advise the client of their responsibility with regards to data protection compliance.
We ask any partners connecting to us via API or other integrations, to sign a Non-Disclosure Agreement which prohibits the partner from porting data outside of the agreed terms between NightsBridge and the partner, or our client and the partner.
We may share your personal information with:
- An affiliate, in which case we will seek to require the affiliates to honour this privacy and personal information policy;
- Credit bureaus to report account information, as permitted by law.
- by a subpoena or court order;
- to comply with any law;
- to protect the safety of any individual or the general public; and
- to prevent violation of our service terms.
We may need to disclose personal information to our employees that require the personal information to do their jobs.
If we should undergo a change in ownership, or a sale of assets to another entity, we may assign our rights to the personal information we process to a successor, purchaser, or separate entity. We will disclose the transfer on the website. If you are concerned about your personal information migrating to a new owner, you may request us to delete your personal information.
Security of personal information
We take reasonable measures to secure your personal or payment information from accidental loss and from unauthorised access, use or alteration. Generally we use computer safeguards such as firewalls and data encryption.
We authorise access to personal information only for those employees who require it to fulfill their job responsibilities. We require our staff to review safety protocols and implement secure processes. Our technical team monitors security standards on employee workstations.
Please be aware that no security measures are perfect or impenetrable. We cannot control the actions of the recipients you connect to, who may forward them to other third parties or otherwise disclose them. The safety and security of your information also depends on you. Although we take efforts to protect your personal information, we cannot guarantee the security of your personal information transmitted to a website. Any transmission of personal information is at your own risk.
Some of our clients store guest data and other personal information offline, via our downloaded software. We do not accept responsibility for data breaches at the offline software environment as we have no control over access at these locations. We recommend that clients get professional advice to ensure their infrastructure and environment is secure.
Client responsibility advisory
We reserve the right to suspend a client connection with immediate effect where we suspect that data protection policies are being violated.
Our subscriber policy
We only communicate with our clients to advise on changes or updates to our system, or to provide education material. Email addresses and personal data that individuals consent to provide us with, is only used for contacting the individual with business related information. We do not port private information to other data collectors.
Should an individual wish to no longer receive our correspondence, they can unsubscribe at any time.
Keeping data accurate and up to date
We will try to keep the personal information we collect as accurate, complete and up to date as is necessary for the purposes explicitly defined in this policy. From time to time we will request you to update your personal information on our system.
You are able to review or update any personal information that we hold on you by accessing your account online, by emailing us, or by phoning us. Please note that in order to better protect you and safeguard your personal information, we take steps to verify your identity before granting you access to your account or making any corrections to your personal information.
Retention of personal information
We will only retain your personal information for as long as we determine is necessary to fulfill the purposes explicitly set out in this policy, or a period reasonably required in the legitimate interest of our business activities.
During the period of retention, we will continue to abide by our obligations. Unless explicitly directed otherwise, your access of our website or use of our services is deemed consent to retain records of the information outlined in this privacy and personal information policy.
Transfer of personal information outside South Africa
We may transmit or transfer personal information outside South Africa to a foreign country. Personal information may be stored on servers located outside South Africa in a foreign country whose laws protecting personal information may not be as stringent as the laws in South Africa. You consent to us processing your personal information in a foreign country whose laws regarding processing of personal information may be less stringent.
Limitation
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third party websites.
Contact Us
If you have any questions or concerns arising from this privacy & personal information policy or the way in which we handle personal information, please contact us at:
Company Name: NightsBridge
Company Tel: +27 21 790 9910
Company Address: 62 Victoria Ave, Hout Bay, 7872 South Africa
Company Email: info@nightsbridge.co.za
View our PAIA Manual.