Cookies | Concierge

Privacy & Data Protection Policy

Last update: November 2025

INTRODUCTION

Futura (“we”, “our”, “us”) is committed to protecting the privacy and personal data of all users, clients, and guests who interact with our platform, website, and AI services.
This Privacy & Data Protection Policy explains how we collect, process, store, and protect personal information in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection laws.
By using Futura’s services, you acknowledge that you have read and understood this policy and agree to the practices described herein.

DATA CONTROLLER

The Data Controller responsible for processing your personal data is:
Thehootels.app GmbH
Registered Office: A-9141 Eberndorf, Bleiburgerstr. 20
Email: info@the-concierge.ai
If you have any questions regarding this Policy or wish to exercise your rights, please contact our Data Protection Officer (DPO) at the same address.

DATA WE COLLECT
Futura collects only the data necessary to provide and improve its services. The types of data collected include:
a. Hotel and Partner Data

Business name, contact details, and operational information
Staff accounts, credentials, and role-based permissions
Integration data (property management systems, CRM tools, APIs)

b. Guest Data

Name, contact information (email, phone), and booking reference
Communication history (messages, requests, preferences)
Hotel stay details (check-in/check-out dates, room preferences, service requests)
Optional personal preferences voluntarily shared by the guest

c. Technical Data

IP address, device identifiers, browser type, and session data
Usage logs and analytics necessary for performance and diagnostics
Cookies and similar tracking technologies (see Section 10)

Futura does not intentionally collect or process sensitive data (such as health information or political opinions) unless voluntarily provided and strictly necessary for service delivery.

PURPOSE AND LEGAL BASIS FOR PROCESSING

Futura processes personal data only for legitimate business purposes, including:

Service delivery – to provide AI-driven communication, concierge, and guest assistance services.
Performance of a contract – to manage agreements with hotels, partners, and guests.
Customer support and system maintenance – to respond to requests, feedback, and technical issues.
Service improvement – to enhance Futura’s AI capabilities within each hotel’s private environment.
Legal compliance – to fulfill obligations under applicable laws and regulations.

The lawful bases for processing are Article 6(1)(a) (consent), (b) (contract performance), and (f) (legitimate interest) of the GDPR.

DATA RETENTION

Futura retains personal data only as long as necessary for the purposes described above or as required by law.

Guest communication data is typically retained for up to 24 months after the end of the stay.
Hotel and partner account data may be retained for the duration of the contract plus up to 5 years for legal compliance and audit purposes.
Anonymized analytical data may be stored indefinitely for statistical purposes.

Once data is no longer required, it is securely deleted or anonymized.

DATA SHARING AND TRANSFERS
Futura does not sell, rent, or disclose personal data to third parties for marketing purposes.
We may share limited data only with:

Authorized service providers (e.g., hosting providers, system integrators) strictly for operational purposes;
Legal authorities, if required by law or court order;
Hotel partners, solely for managing the guest’s booking and experience.

All third-party processors are bound by data processing agreements compliant with Article 28 of the GDPR.
Data is hosted within the European Union and not transferred outside the EEA unless equivalent safeguards (such as Standard Contractual Clauses) are in place.

DATA SECURITY

Futura employs industry-standard security measures to protect all data against loss, misuse, or unauthorized access, including:

Encryption at rest and in transit (TLS 1.3, AES-256)
Access control and authentication protocols
Network segmentation and intrusion detection
Regular penetration testing and vulnerability assessments

In the event of a data breach, Futura will notify affected parties and relevant supervisory authorities as required under Articles 33 and 34 of the GDPR.

RIGHTS OF DATA SUBJECTS

Under the GDPR, you have the following rights regarding your personal data:

Right of access – to know what data we hold about you.
Right to rectification – to correct inaccurate or incomplete data.
Right to erasure (“right to be forgotten”) – to request deletion of your data where legally possible.
Right to restriction of processing – to limit how your data is used.
Right to data portability – to receive your data in a structured, machine-readable format.
Right to object – to processing based on legitimate interests.

To exercise these rights, contact us at: privacy@futuratech.ai.
We will respond to all valid requests within 30 days as required by GDPR.

AI AND AUTOMATED DECISION-MAKING

Futura’s AI system is designed to assist hospitality interactions, not to make binding decisions affecting individuals.
All automated responses are supervised by trained models and human editorial oversight to ensure accuracy, tone, and compliance.
Futura does not use personal guest data to train external AI models or share training data with third parties.

COOKIES AND TRACKING

Futura’s website and dashboard may use cookies or similar technologies to:

Improve user experience
Remember session preferences
Analyze website traffic and usage patterns

You can manage cookie preferences through your browser settings or our cookie banner.
Essential cookies required for the site’s operation cannot be disabled.
For more details, refer to our Cookie Policy (available on the website footer).

CHILDTREN'S DATA

Futura’s services are not directed at individuals under 16 years of age.
We do not knowingly collect personal data from minors.
If such data is discovered, it will be promptly deleted upon notification.

UPDATES TO THIS POLICY

Futura reserves the right to update this Privacy & Data Protection Policy from time to time.
Any changes will be published on this page with an updated “Last Modified” date.
We encourage users to review this Policy periodically to stay informed about our practices.

CONTACT INFORMATION

If you have questions, requests, or concerns about your personal data, please contact us at:
thehootels.app GmbH
Email: info@the-concierge.com
Address: A-9141 Eberndorf, Bleiburgerstr. 20

Privacy & Data Protection Policy

Last update: November 2025

Business name, contact details, and operational information

Staff accounts, credentials, and role-based permissions

Integration data (property management systems, CRM tools, APIs)

b. Guest Data

Name, contact information (email, phone), and booking reference

Communication history (messages, requests, preferences)

Hotel stay details (check-in/check-out dates, room preferences, service requests)

Optional personal preferences voluntarily shared by the guest

c. Technical Data

IP address, device identifiers, browser type, and session data

Usage logs and analytics necessary for performance and diagnostics

Cookies and similar tracking technologies (see Section 10)

Service delivery – to provide AI-driven communication, concierge, and guest assistance services.

Performance of a contract – to manage agreements with hotels, partners, and guests.

Customer support and system maintenance – to respond to requests, feedback, and technical issues.

Service improvement – to enhance Futura’s AI capabilities within each hotel’s private environment.

Legal compliance – to fulfill obligations under applicable laws and regulations.

The lawful bases for processing are Article 6(1)(a) (consent), (b) (contract performance), and (f) (legitimate interest) of the GDPR. DATA RETENTION Futura retains personal data only as long as necessary for the purposes described above or as required by law.

Guest communication data is typically retained for up to 24 months after the end of the stay.

Hotel and partner account data may be retained for the duration of the contract plus up to 5 years for legal compliance and audit purposes.

Anonymized analytical data may be stored indefinitely for statistical purposes.

Once data is no longer required, it is securely deleted or anonymized. DATA SHARING AND TRANSFERS Futura does not sell, rent, or disclose personal data to third parties for marketing purposes. We may share limited data only with:

Authorized service providers (e.g., hosting providers, system integrators) strictly for operational purposes;

Legal authorities, if required by law or court order;

Hotel partners, solely for managing the guest’s booking and experience.

Encryption at rest and in transit (TLS 1.3, AES-256)

Access control and authentication protocols

Network segmentation and intrusion detection

Regular penetration testing and vulnerability assessments

In the event of a data breach, Futura will notify affected parties and relevant supervisory authorities as required under Articles 33 and 34 of the GDPR. RIGHTS OF DATA SUBJECTS Under the GDPR, you have the following rights regarding your personal data:

Right of access – to know what data we hold about you.

Right to rectification – to correct inaccurate or incomplete data.

Right to erasure (“right to be forgotten”) – to request deletion of your data where legally possible.

Right to restriction of processing – to limit how your data is used.

Right to data portability – to receive your data in a structured, machine-readable format.

Right to object – to processing based on legitimate interests.

Improve user experience

Remember session preferences

Analyze website traffic and usage patterns

The lawful bases for processing are Article 6(1)(a) (consent), (b) (contract performance), and (f) (legitimate interest) of the GDPR.

DATA RETENTION

Futura retains personal data only as long as necessary for the purposes described above or as required by law.

Once data is no longer required, it is securely deleted or anonymized.

DATA SHARING AND TRANSFERS
Futura does not sell, rent, or disclose personal data to third parties for marketing purposes.
We may share limited data only with:

In the event of a data breach, Futura will notify affected parties and relevant supervisory authorities as required under Articles 33 and 34 of the GDPR.

RIGHTS OF DATA SUBJECTS

Under the GDPR, you have the following rights regarding your personal data: