SmartGuest – Privacy Policy and "Cookies" Policy

I. How SmartGuest protects the privacy of Partners, Administrators, Users, and End Users

This Policy applies to the website domain mysmartguest.com (the "Website") and the SmartGuest System made available by SmartHotel spółka z ograniczoną odpowiedzialnością, with its registered office in Kraków (trading name: SmartGuest), address: ul. Pawia 9, 31-154 Kraków, Poland, entered into the register of entrepreneurs of the National Court Register (KRS) maintained by the District Court for the Capital City of Warsaw, XII Commercial Division, under KRS number 0000812741, NIP (tax ID) 5252807928, REGON 384929793, share capital PLN 10,000.00, e-mail address: hello@mysmartguest.com, phone: +48 733 970 033 (hereinafter "SmartGuest").

SmartGuest exercises due diligence in selecting and applying appropriate technical and organizational measures to protect personal data. It safeguards personal data against unauthorized access, unlawful processing, alteration, loss, damage, or destruction.

All terms used in this Privacy Policy should be interpreted in accordance with the definitions set out in the Partner Terms of Service, available at https://smartguest.co/rules.


II. Legal basis for processing your data by Partners

The data controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR") is, in each case, the Partner who has entered into an Agreement with SmartGuest for the provision of services covered by the Terms of Service, or the entity designated by the Partner. SmartGuest remains the data controller with respect to the data of Partners, Administrators, Owners, and Users, as well as visitors to the Website. SmartGuest processes personal data as a controller in accordance with this Policy, or on the basis of an applicable data processing agreement concluded with the Partner acting as controller, or with an entity designated by the Partner.

The scope of data entrusted by the Partner, or by an entity designated by the Partner, is determined individually by the Partner in each case and depends on the type of Services covered by the Agreement between SmartGuest and the Partner, as well as on how the End User uses those Services.

SmartGuest is the entity to which the Partner entrusts the processing of End Users' personal data. As a processor, SmartGuest processes such data solely within the scope and for the purposes specified below, and in connection with the provision of the Services set out in the Terms of Service. Processing in the capacity of processor takes place only for the duration of the Data Processing Agreement concluded with the Partner.

Personal data is processed by SmartGuest in connection with the use of services under the SmartAutomation Plan and SmartChat. The System under the SmartHotel Plan (previously: the SmartGuest Plan) does not collect or process End Users' personal data — under this plan, SmartGuest uses cookies solely for analytical purposes, as described in Section XI.

By accepting this Policy, the Partner, Administrator, Owner, User, and End User, as well as any visitor to the Website, consent to the processing of their personal data by SmartGuest.


III. Purpose and legal basis of processing

SmartGuest, acting as controller, processes the data of Partners, Administrators, and Users in order to provide the Services described in the Terms of Service, including ensuring their proper quality, in connection with gaining access to the System by providing the required personal data, in particular to enable communication with SmartGuest.

SmartGuest, acting as controller, processes the data of visitors to the Website.

SmartGuest acts as a processor on the Partner's instructions in order to enable communication between Partners, Administrators, Owners, Users, and End Users via WhatsApp and Messenger, and as controller of End Users' personal data for the purposes of direct communication with the End User — handling complaints, direct marketing of services, and responding to inquiries.

Data is also processed to monitor the proper performance of the Terms of Service, which constitute an Agreement concluded through acceptance by the Partner, Administrator, User, and End User, for the entire duration thereof — Article 6(1)(b) GDPR.

In addition, SmartGuest processes data for the purposes of:

  • fulfilling legal obligations incumbent on SmartGuest — for the time necessary to perform such obligations or for the period required by law, pursuant to Article 6(1)(c) GDPR (e.g., accounting and tax obligations);

  • pursuing its rights or defending against claims brought by Partners, Administrators, Users, and End Users, as well as third parties — Article 6(1)(f) GDPR;

  • sending marketing content by e-mail to the address provided upon newsletter subscription — until unsubscription, based on consent under Article 6(1)(a) GDPR;

  • making content collected on the Website available, on the basis of SmartGuest's legitimate interest — Article 6(1)(f) GDPR;

  • direct marketing of its own services, including building a database of potential newsletter recipients and assessing their needs — Article 6(1)(f) GDPR;

  • responding to inquiries submitted via contact details made available in the System, contact forms on the Website, and other correspondence — Article 6(1)(f) GDPR;

  • concluding and performing agreements with SmartGuest, and taking steps aimed at their conclusion (scheduling a System demo, preparing an offer, registering and maintaining access, technical support) — Article 6(1)(b) GDPR;

  • handling complaints, including resolving technical issues — Article 6(1)(f) GDPR;

  • generating cookies and collecting data made available within the SmartGuest System and Website, including for direct marketing purposes (e-mail, SMS, phone);

  • tracking the geolocation of mobile devices in order to oversee the provision of Services related to check-in at the Property, based on consent — Article 6(1)(a) GDPR.

Providing personal data is voluntary; however, failure to provide certain required data may result in SmartGuest being unable to perform the Services or respond to an inquiry.

Consent to the processing of personal data may be withdrawn at any time. This does not affect the lawfulness of processing carried out prior to withdrawal.


IV. Categories of End User personal data processed

For the purpose of providing the Services, SmartGuest processes the following categories of End User personal data:

  • first name;

  • last name;

  • e-mail address, used for registration and identification of the End User;

  • room/apartment number at the Property, according to the reservation;

  • phone number;

  • WhatsApp number;

  • activity data — such as System access grants, downloads from the App Store, comments, and ratings;

  • geolocation data of the device used to access the System.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration; these are also used to collect general, statistical demographic information (e.g., the region from which the connection originates).


V. Categories of personal data of Partners, Administrators, and Users

For the purpose of providing the Services, SmartGuest processes the following categories of personal data of Partners, Owners, Administrators, and Users:

  • first name;

  • last name;

  • e-mail address, used for registration and identification;

  • phone number;

  • WhatsApp number;

  • position/role held with the Partner;

  • activity data — such as System access grants, downloads from the App Store, comments, and ratings.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration, which are also used to collect general, statistical demographic information.


VI. Categories of personal data of Website visitors

SmartGuest processes the following categories of personal data of Website visitors:

Visitors viewing the Website's content:

  • device IP address or other identifiers, and information collected via cookies.

Visitors using the contact form on the "Contact Us" page:

  • first name;

  • last name;

  • e-mail address;

  • phone number.

Visitors scheduling a demo via the "Book a Demo" widget:

  • first name;

  • last name;

  • e-mail address;

  • phone number;

  • contact details of the represented Property;

  • position/role held at the represented Property.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration.


VII. Obligations relating to the processing of personal data

Partners, Administrators, Owners, Users, End Users, and Website visitors are required to provide SmartGuest with complete, current, and accurate data.

They are also required not to provide SmartGuest with third parties' personal data without a valid legal basis. Where such data is provided, they warrant that they have the legal basis required to disclose it.


VIII. Data subject rights

Partners, Administrators, Owners, Users, End Users, and Website visitors have the right to access their data, and the right to rectification, erasure, restriction of processing, data portability, and the right to object to processing carried out on the basis of SmartGuest's legitimate interest.

These rights may be exercised — in the case of data erasure — primarily by discontinuing use of the System, and further by sending a request to gdpr@mysmartguest.com together with the requester's first name, last name, and e-mail address.

Data subjects also have the right to lodge a complaint with a supervisory authority if they believe that the processing of their personal data violates applicable data protection law, including the GDPR.


IX. Recipients of personal data

Data may be disclosed to entities authorized to receive it under applicable law, including judicial authorities. Data may be transferred to entities processing it on SmartGuest's behalf: hosting partners, entities administering and managing the System, providers of IT support services, electronic payment processors, accounting firms, lawyers, and state authorities authorized under separate legislation (tax offices, courts, bailiffs). SmartGuest provides Services worldwide and cooperates with partners globally; accordingly, data may be accessible to partners located in regions where data protection laws differ from European law. Data is transferred to another country only where a Partner, Administrator, Owner, User, or End User uses the Property's Services in that country. Where Services are used outside the European Economic Area (including the United States), data is transferred to the local distributor in that country. Where data is transferred to countries for which the European Commission has not issued an adequacy decision, SmartGuest applies the safeguards required under the GDPR, including standard contractual clauses. Information about the safeguards applied, and copies thereof, may be obtained at SmartGuest's registered office. Personal data of Website visitors is not transferred outside the European Economic Area.


X. Data retention period and other information

Personal data is retained only for as long as necessary to achieve the purpose for which it was collected, including performance of the Terms of Service and compliance with legal requirements.

Personal data of Partners, Owners, Administrators, Users, and End Users is retained for:

  • the period during which the End User uses the System, or the period during which the End User uses the Services offered by the Partner;

  • the duration of the cooperation between SmartGuest and the Partner for whom the Administrator or User works or whom they represent;

  • until consent is withdrawn or modified, where processing is based on consent (for mobile device geolocation data — until the End User stops using the System);

  • the time necessary to achieve other purposes.

Beyond these periods, data is retained for the period required by applicable law, or for as long as necessary for SmartGuest to protect or pursue its rights.

Upon termination of the Terms of Service, resulting in discontinued use of the System by a Partner, Owner, Administrator, User, or End User, SmartGuest will delete the data stored therein, including all personal data, without the possibility of subsequent recovery.

SmartGuest does not carry out automated profiling of Partners, Owners, Administrators, Users, End Users, or Website visitors.


XI. Cookie Policy

Cookies are text files saved and stored in the memory of a device used to browse websites (e.g., PC, notebook, tablet, palmtop, mobile phone). Once saved, one or more servers connect to these files and gain corresponding access to them.

SmartGuest uses cookies for the following purposes:

  • statistical purposes;

  • configuring the SmartGuest System and Services — enabling settings and features to be adjusted according to the preferences of Partners, Owners, Administrators, Users, End Users, and Website visitors;

  • enabling the use of QR codes;

  • authentication — enabling the System to recognize when a Partner, Administrator, User, Owner, or End User is accessing the System, so that the website can display the relevant information and features;

  • analyzing and studying the behavior of Partners, Administrators, Owners, Users, End Users, and Website visitors — enabling the analysis of preferences in order to improve and develop products and services.

Information is collected anonymously, without identifying the personal data of individual Partners, Administrators, Owners, Users, End Users, or Website visitors, unless the end device's settings allow for such identification.

By changing the settings of the software used to access the SmartGuest System and Website, it is possible to determine the conditions for storing and accessing cookies used by the System and Website, including the option to disable them entirely. However, deleting or blocking cookies may result in certain sections of SmartGuest and the Website not functioning properly. Information on how to change cookie settings can be obtained from the technical support resources for the relevant software or from its provider. Failure to change the software settings constitutes, pursuant to Article 173(2) of the Polish Telecommunications Law, consent to the use of cookies by the SmartGuest System for the purposes set out above.


XII. Changes to the Privacy Policy

Due to the ongoing development of technology, the rules set out in this Policy may change. You will be notified of any such changes in advance, no later than 7 days before they take effect, by publishing the updated content of this document at https://smartguest.co/pl/privacy-policy.


This document is based on the previous SmartHotel Privacy Policy, updated to reflect the SmartGuest brand.

I. How SmartGuest protects the privacy of Partners, Administrators, Users, and End Users

This Policy applies to the website domain mysmartguest.com (the "Website") and the SmartGuest System made available by SmartHotel spółka z ograniczoną odpowiedzialnością, with its registered office in Kraków (trading name: SmartGuest), address: ul. Pawia 9, 31-154 Kraków, Poland, entered into the register of entrepreneurs of the National Court Register (KRS) maintained by the District Court for the Capital City of Warsaw, XII Commercial Division, under KRS number 0000812741, NIP (tax ID) 5252807928, REGON 384929793, share capital PLN 10,000.00, e-mail address: hello@mysmartguest.com, phone: +48 733 970 033 (hereinafter "SmartGuest").

SmartGuest exercises due diligence in selecting and applying appropriate technical and organizational measures to protect personal data. It safeguards personal data against unauthorized access, unlawful processing, alteration, loss, damage, or destruction.

All terms used in this Privacy Policy should be interpreted in accordance with the definitions set out in the Partner Terms of Service, available at https://smartguest.co/rules.


II. Legal basis for processing your data by Partners

The data controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR") is, in each case, the Partner who has entered into an Agreement with SmartGuest for the provision of services covered by the Terms of Service, or the entity designated by the Partner. SmartGuest remains the data controller with respect to the data of Partners, Administrators, Owners, and Users, as well as visitors to the Website. SmartGuest processes personal data as a controller in accordance with this Policy, or on the basis of an applicable data processing agreement concluded with the Partner acting as controller, or with an entity designated by the Partner.

The scope of data entrusted by the Partner, or by an entity designated by the Partner, is determined individually by the Partner in each case and depends on the type of Services covered by the Agreement between SmartGuest and the Partner, as well as on how the End User uses those Services.

SmartGuest is the entity to which the Partner entrusts the processing of End Users' personal data. As a processor, SmartGuest processes such data solely within the scope and for the purposes specified below, and in connection with the provision of the Services set out in the Terms of Service. Processing in the capacity of processor takes place only for the duration of the Data Processing Agreement concluded with the Partner.

Personal data is processed by SmartGuest in connection with the use of services under the SmartAutomation Plan and SmartChat. The System under the SmartHotel Plan (previously: the SmartGuest Plan) does not collect or process End Users' personal data — under this plan, SmartGuest uses cookies solely for analytical purposes, as described in Section XI.

By accepting this Policy, the Partner, Administrator, Owner, User, and End User, as well as any visitor to the Website, consent to the processing of their personal data by SmartGuest.


III. Purpose and legal basis of processing

SmartGuest, acting as controller, processes the data of Partners, Administrators, and Users in order to provide the Services described in the Terms of Service, including ensuring their proper quality, in connection with gaining access to the System by providing the required personal data, in particular to enable communication with SmartGuest.

SmartGuest, acting as controller, processes the data of visitors to the Website.

SmartGuest acts as a processor on the Partner's instructions in order to enable communication between Partners, Administrators, Owners, Users, and End Users via WhatsApp and Messenger, and as controller of End Users' personal data for the purposes of direct communication with the End User — handling complaints, direct marketing of services, and responding to inquiries.

Data is also processed to monitor the proper performance of the Terms of Service, which constitute an Agreement concluded through acceptance by the Partner, Administrator, User, and End User, for the entire duration thereof — Article 6(1)(b) GDPR.

In addition, SmartGuest processes data for the purposes of:

  • fulfilling legal obligations incumbent on SmartGuest — for the time necessary to perform such obligations or for the period required by law, pursuant to Article 6(1)(c) GDPR (e.g., accounting and tax obligations);

  • pursuing its rights or defending against claims brought by Partners, Administrators, Users, and End Users, as well as third parties — Article 6(1)(f) GDPR;

  • sending marketing content by e-mail to the address provided upon newsletter subscription — until unsubscription, based on consent under Article 6(1)(a) GDPR;

  • making content collected on the Website available, on the basis of SmartGuest's legitimate interest — Article 6(1)(f) GDPR;

  • direct marketing of its own services, including building a database of potential newsletter recipients and assessing their needs — Article 6(1)(f) GDPR;

  • responding to inquiries submitted via contact details made available in the System, contact forms on the Website, and other correspondence — Article 6(1)(f) GDPR;

  • concluding and performing agreements with SmartGuest, and taking steps aimed at their conclusion (scheduling a System demo, preparing an offer, registering and maintaining access, technical support) — Article 6(1)(b) GDPR;

  • handling complaints, including resolving technical issues — Article 6(1)(f) GDPR;

  • generating cookies and collecting data made available within the SmartGuest System and Website, including for direct marketing purposes (e-mail, SMS, phone);

  • tracking the geolocation of mobile devices in order to oversee the provision of Services related to check-in at the Property, based on consent — Article 6(1)(a) GDPR.

Providing personal data is voluntary; however, failure to provide certain required data may result in SmartGuest being unable to perform the Services or respond to an inquiry.

Consent to the processing of personal data may be withdrawn at any time. This does not affect the lawfulness of processing carried out prior to withdrawal.


IV. Categories of End User personal data processed

For the purpose of providing the Services, SmartGuest processes the following categories of End User personal data:

  • first name;

  • last name;

  • e-mail address, used for registration and identification of the End User;

  • room/apartment number at the Property, according to the reservation;

  • phone number;

  • WhatsApp number;

  • activity data — such as System access grants, downloads from the App Store, comments, and ratings;

  • geolocation data of the device used to access the System.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration; these are also used to collect general, statistical demographic information (e.g., the region from which the connection originates).


V. Categories of personal data of Partners, Administrators, and Users

For the purpose of providing the Services, SmartGuest processes the following categories of personal data of Partners, Owners, Administrators, and Users:

  • first name;

  • last name;

  • e-mail address, used for registration and identification;

  • phone number;

  • WhatsApp number;

  • position/role held with the Partner;

  • activity data — such as System access grants, downloads from the App Store, comments, and ratings.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration, which are also used to collect general, statistical demographic information.


VI. Categories of personal data of Website visitors

SmartGuest processes the following categories of personal data of Website visitors:

Visitors viewing the Website's content:

  • device IP address or other identifiers, and information collected via cookies.

Visitors using the contact form on the "Contact Us" page:

  • first name;

  • last name;

  • e-mail address;

  • phone number.

Visitors scheduling a demo via the "Book a Demo" widget:

  • first name;

  • last name;

  • e-mail address;

  • phone number;

  • contact details of the represented Property;

  • position/role held at the represented Property.

SmartGuest also uses IP addresses collected during internet connections for technical purposes related to server administration.


VII. Obligations relating to the processing of personal data

Partners, Administrators, Owners, Users, End Users, and Website visitors are required to provide SmartGuest with complete, current, and accurate data.

They are also required not to provide SmartGuest with third parties' personal data without a valid legal basis. Where such data is provided, they warrant that they have the legal basis required to disclose it.


VIII. Data subject rights

Partners, Administrators, Owners, Users, End Users, and Website visitors have the right to access their data, and the right to rectification, erasure, restriction of processing, data portability, and the right to object to processing carried out on the basis of SmartGuest's legitimate interest.

These rights may be exercised — in the case of data erasure — primarily by discontinuing use of the System, and further by sending a request to gdpr@mysmartguest.com together with the requester's first name, last name, and e-mail address.

Data subjects also have the right to lodge a complaint with a supervisory authority if they believe that the processing of their personal data violates applicable data protection law, including the GDPR.


IX. Recipients of personal data

Data may be disclosed to entities authorized to receive it under applicable law, including judicial authorities. Data may be transferred to entities processing it on SmartGuest's behalf: hosting partners, entities administering and managing the System, providers of IT support services, electronic payment processors, accounting firms, lawyers, and state authorities authorized under separate legislation (tax offices, courts, bailiffs). SmartGuest provides Services worldwide and cooperates with partners globally; accordingly, data may be accessible to partners located in regions where data protection laws differ from European law. Data is transferred to another country only where a Partner, Administrator, Owner, User, or End User uses the Property's Services in that country. Where Services are used outside the European Economic Area (including the United States), data is transferred to the local distributor in that country. Where data is transferred to countries for which the European Commission has not issued an adequacy decision, SmartGuest applies the safeguards required under the GDPR, including standard contractual clauses. Information about the safeguards applied, and copies thereof, may be obtained at SmartGuest's registered office. Personal data of Website visitors is not transferred outside the European Economic Area.


X. Data retention period and other information

Personal data is retained only for as long as necessary to achieve the purpose for which it was collected, including performance of the Terms of Service and compliance with legal requirements.

Personal data of Partners, Owners, Administrators, Users, and End Users is retained for:

  • the period during which the End User uses the System, or the period during which the End User uses the Services offered by the Partner;

  • the duration of the cooperation between SmartGuest and the Partner for whom the Administrator or User works or whom they represent;

  • until consent is withdrawn or modified, where processing is based on consent (for mobile device geolocation data — until the End User stops using the System);

  • the time necessary to achieve other purposes.

Beyond these periods, data is retained for the period required by applicable law, or for as long as necessary for SmartGuest to protect or pursue its rights.

Upon termination of the Terms of Service, resulting in discontinued use of the System by a Partner, Owner, Administrator, User, or End User, SmartGuest will delete the data stored therein, including all personal data, without the possibility of subsequent recovery.

SmartGuest does not carry out automated profiling of Partners, Owners, Administrators, Users, End Users, or Website visitors.


XI. Cookie Policy

Cookies are text files saved and stored in the memory of a device used to browse websites (e.g., PC, notebook, tablet, palmtop, mobile phone). Once saved, one or more servers connect to these files and gain corresponding access to them.

SmartGuest uses cookies for the following purposes:

  • statistical purposes;

  • configuring the SmartGuest System and Services — enabling settings and features to be adjusted according to the preferences of Partners, Owners, Administrators, Users, End Users, and Website visitors;

  • enabling the use of QR codes;

  • authentication — enabling the System to recognize when a Partner, Administrator, User, Owner, or End User is accessing the System, so that the website can display the relevant information and features;

  • analyzing and studying the behavior of Partners, Administrators, Owners, Users, End Users, and Website visitors — enabling the analysis of preferences in order to improve and develop products and services.

Information is collected anonymously, without identifying the personal data of individual Partners, Administrators, Owners, Users, End Users, or Website visitors, unless the end device's settings allow for such identification.

By changing the settings of the software used to access the SmartGuest System and Website, it is possible to determine the conditions for storing and accessing cookies used by the System and Website, including the option to disable them entirely. However, deleting or blocking cookies may result in certain sections of SmartGuest and the Website not functioning properly. Information on how to change cookie settings can be obtained from the technical support resources for the relevant software or from its provider. Failure to change the software settings constitutes, pursuant to Article 173(2) of the Polish Telecommunications Law, consent to the use of cookies by the SmartGuest System for the purposes set out above.


XII. Changes to the Privacy Policy

Due to the ongoing development of technology, the rules set out in this Policy may change. You will be notified of any such changes in advance, no later than 7 days before they take effect, by publishing the updated content of this document at https://smartguest.co/pl/privacy-policy.


This document is based on the previous SmartHotel Privacy Policy, updated to reflect the SmartGuest brand.

Ready to start?

Talk with our team

Ready to start?

Talk with our team

Online check-in, messaging, entry instructions, upsells - all automated for every guest.

Online check-in, messaging, entry instructions, upsells - all automated for every guest.

Online check-in, messaging, entry instructions, upsells - all automated for every guest.