KipyKipy

Privacy Policy

Last updated: March 2026

1. Who we are

Kipy (“we”, “us”, “our”) provides a hotel operations platform (“Service”) for internal hotel teams. Our contact email is hello@kipyapp.com.

2. Data we collect

  • Account data: name, email address, and hashed password when you register.
  • Hotel data: hotel name, room configuration, floor layout, and common areas.
  • Operational data: room statuses, housekeeping tasks, maintenance reports, daily messages, and planning schedules.
  • Guest feedback: star ratings and optional comments submitted via QR feedback pages.
  • Photos: images uploaded for maintenance reports or chat messages.
  • Payment data: processed securely by Stripe. We store your Stripe customer ID and subscription ID but never your card details.
  • Usage data: activity logs recording actions within the platform (status changes, task completions).

3. How we use your data

  • To provide and operate the Service.
  • To manage your account and subscription.
  • To enable real-time communication between hotel team members.
  • To generate operational reports for hotel managers.
  • To process guest feedback and route it to the appropriate team.
  • To send transactional emails (account verification, password reset).

4. Data storage and security

Your data is stored on Supabase (PostgreSQL) hosted in Europe West. Photos are stored in Supabase Storage. All data is transmitted over HTTPS. We use Row Level Security (RLS) to ensure each hotel can only access its own data. Payments are handled by Stripe with PCI DSS compliance.

5. Data sharing

We do not sell your data. We share data only with:

  • Supabase: database and file storage provider.
  • Stripe: payment processing.
  • Vercel: application hosting.
  • Resend: transactional email delivery.

6. Your rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Erase your data (“right to be forgotten”).
  • Port your data to another service.
  • Restrict or object to processing.
  • Withdraw consent at any time.

To exercise any of these rights, contact us at hello@kipyapp.com. We will respond within 30 days.

7. Data retention

We retain your data for as long as your account is active. If you delete your account or your subscription expires and is not renewed, we retain data for up to 90 days before permanent deletion. Activity logs and operational data are retained for reporting purposes for up to 12 months.

8. Cookies

We use essential cookies only for authentication (Supabase session tokens). We do not use tracking cookies or third-party analytics cookies.

9. Changes to this policy

We may update this policy from time to time. We will notify registered users of significant changes via email.

10. Contact

For any questions about this privacy policy or your data, contact us at hello@kipyapp.com.