Privacy Policy

1.  Who is Hotel-Spider?

Hotel-Spider is a cloud-based hospitality distribution platform. We help hotels manage their room inventory, pricing, and availability across online travel agencies (OTAs), global distribution systems (GDS), booking engines, and metasearch channels — all in one place. The platform is operated by Tourisoft Sàrl, a Swiss company incorporated in Nyon, Canton de Vaud, Switzerland. We operate globally, with subsidiaries in Germany and India.

Legal name	Tourisoft Sàrl
Address	Route de Champ-Colin 18, CH-1260 Nyon (VD), Switzerland
Company number	CHE-109.910.707  |  RC CH-550.1.031.179-7
Privacy contact	privacy@hotel-spider.com
EU representative	See our Legal Notice for Art. 27 GDPR contact

2.  What information do we collect?

We only collect information that helps us run our business and serve you better. Here’s what that looks like in practice:

Information you give us directly

When you fill in a contact form, request a demo, or email us, you typically share:

• Your name and job title
• Your business email address and phone number
• Your company name and location
• The content of your message or enquiry

Information we collect automatically

When you visit our website, we automatically collect some technical data. This includes your IP address (anonymised where possible), browser type, pages you visited, and how long you spent on them. We use this to keep the site working properly and to understand what’s useful to our visitors.

Information from third parties

Occasionally we receive contact details from trusted partners — for example, at industry events or through referrals. We only use information from third parties who have confirmed they have the right to share it with us.

3.  How do we use your information?

We use the information we collect for the following purposes:

• To respond to your enquiries and get back to you when you reach out
• To schedule product demonstrations and walk you through Hotel-Spider
• To send you relevant updates about our products, features, and the hospitality technology sector
• To manage our commercial relationship with you and your organisation
• To keep our website running smoothly and improve it over time
• To comply with legal and regulatory obligations

We will always be clear about why we’re using your data at the point we collect it. If we ever want to use it for something new, we’ll let you know.

4.  Who do we share your information with?

Our group companies

As explained in Section 5 below, your information may be shared within the Hotel-Spider group — our Swiss parent company, our German subsidiary, and our India subsidiary. All group companies follow the same data protection standards and are bound by intra-group agreements.

Technology providers

Like most software companies, we use third-party tools to run our business — things like cloud hosting, email delivery, and website analytics. These providers only process your data on our behalf and under our instructions. They are not allowed to use your data for their own purposes, and we require them to maintain appropriate security standards. You can request our current list of providers by writing to privacy@hotel-spider.com.

Legal and regulatory obligations

We may disclose your information if required by law, court order, or a regulatory authority — for example, to comply with a valid legal request from a government body. We’ll always try to notify you when legally permitted to do so.

Business transfers

If Hotel-Spider is ever involved in a merger, acquisition, or sale of all or part of its business, your information may be transferred to the new owners. We will inform you before that happens and ensure the same privacy standards continue to apply. We will never sell your personal data to any outside party for their own marketing or commercial purposes. Full stop.

5.  Do we share data within the Hotel-Spider group?

Yes — and we want to be upfront about it. Hotel-Spider is operated by Tourisoft Sàrl and has two subsidiaries:

Tourisoft Sàrl	Nyon, Switzerland  —  Parent company & data controller
Hotel-Spider Germany GmbH	Berlin, Germany  —  EU subsidiary
Tourisoft India Private Limited	Gurugram, India  —  India subsidiary (CIN: U74999HR2019FTC079476)

Your information may be accessed by colleagues in any of these three entities — but only for Hotel-Spider-related commercial and operational purposes. No group company may use shared data for independent purposes unrelated to Hotel-Spider. All intra-group transfers are governed by formal data sharing agreements that impose the same data protection obligations across all entities. Transfers to Germany (EU) follow GDPR rules. Transfers to India are covered by Standard Contractual Clauses and aligned with India’s DPDPA 2023.

6.  Do we sell your data?

No. We do not sell, rent, or license your personal data to any third party for their own commercial purposes. Your information is used within the Hotel-Spider group only, to provide and promote our services.

7.  International data transfers

Tourisoft Sàrl is based in Switzerland. Your data may be processed by our group entities or technology providers in other countries, including within the EU and in India. Wherever your data travels, we make sure it stays protected:

• Transfers to Hotel-Spider Germany GmbH (Germany) fall within the EU/EEA and are covered by the GDPR.
• Transfers to Tourisoft India Private Limited are covered by Standard Contractual Clauses (SCCs) and comply with India’s DPDPA 2023.
• Transfers from Switzerland use the FDPIC-approved mechanisms under the revised Swiss Federal Act on Data Protection (nDSG).

We can provide copies of our Standard Contractual Clauses on request — just email privacy@hotel-spider.com.

8.  How long do we keep your information?

We keep your information for as long as we need it to serve the purpose for which it was collected.

Contact & prospecting data	24 months from your last interaction with us
Active client data	For the duration of our business relationship, plus any statutory retention period
Legal & compliance records	As long as required by Swiss, EU, or Indian law (e.g. accounting records under Swiss OR)

When the retention period expires, we securely delete or irreversibly anonymise your data — across all group entities. You can also ask us to delete your data earlier: see Section 9.

9.  Your rights

Depending on where you’re based, you have a range of rights over your personal data. We’ve listed them all below — and the same single contact handles requests for all three group entities, so you only ever need to contact us once.

Access

You can ask us to confirm whether we hold your personal data and, if so, to send you a copy — including which group entities hold it.

Correction

If any of your information is inaccurate or out of date, just let us know and we’ll fix it across all group entities.

Deletion

You can ask us to delete your data. We’ll act on this across all group entities, unless we’re legally required to keep it (for example, for accounting purposes).

Objection to marketing

You can opt out of marketing communications at any time by clicking ‘unsubscribe’ in any email we send you, or by contacting us directly. We’ll action your request immediately.

Other rights

You also have the right to restrict how we process your data, request a portable copy of it, or withdraw consent where our processing is based on consent. These rights apply under the GDPR, the Swiss nDSG, and India’s DPDPA, as relevant to your location. To exercise any of these rights, email us at privacy@hotel-spider.com. We’ll respond within 30 days. We may ask you to confirm your identity before we action a request. If you’re in the EU or Switzerland and feel we haven’t handled your request properly, you have the right to complain to your local data protection authority:

• Switzerland: Federal Data Protection and Information Commissioner (FDPIC) — edoeb.admin.ch
• EU: Your national data protection authority (e.g. BfDI in Germany, CNIL in France)
• India: The Data Protection Board of India (once fully operational under the DPDPA 2023)

10.  Cookies

We use cookies and similar technologies on our website to keep things working, understand how visitors use the site, and — with your consent — to show relevant content. Strictly necessary cookies are always active because the site can’t function without them. For analytics and marketing cookies, we ask for your consent when you first visit. You can change your cookie preferences at any time using the cookie settings link in our website footer. Our full Cookie Policy has all the details on what we use and why.

11.  How do we protect your information?

We take security seriously across the entire Hotel-Spider group. Our measures include:

• Encryption of all data in transit (TLS) and at rest
• Role-based access controls — only people who need your data can see it
• Regular internal security reviews and assessments
• Binding security obligations in all contracts with sub-processors and group entities

If a data breach occurs that poses a risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected individuals as required by law.

12.  Changes to this policy

We may update this policy from time to time — for example, when we add new services or when the law changes. The date at the top of this page always shows when it was last updated. If we make a significant change that affects how your data is used, we’ll let you know — either by email or with a clear notice on our website — before the change takes effect.

13.  How to contact us

Have a question about this policy or about how we handle your data? We’re happy to help.

Email	privacy@hotel-spider.com
Post	Tourisoft Sàrl, Route de Champ-Colin 18, CH-1260 Nyon, Switzerland
Phone	+41 (0)22 360 03 70
Response time	We aim to respond to all privacy enquiries within 30 days

One request covers all group entities. Whether your data is held by Tourisoft Sàrl (CH), Hotel-Spider Germany GmbH (DE), or Tourisoft India Private Limited (IN) — a single email to privacy@hotel-spider.com is all it takes.