Security & privacy

Yes. We use enterprise-grade security with encryption at rest and in transit. Your property information is stored securely and only accessible to you and your authorized guests.

Only the property host can view guest conversations through their dashboard. Hostigram staff do not access conversation content. Guest conversation data is not used to train AI models. Guest data is never sold or shared with third parties.

Active service data is retained as long as your account and subscription are active. For inactive services (after subscription expires): 90 days, service remains accessible in read-only mode. 180 days, final deletion warning is sent. 210 days, service-specific data (knowledge base, chat history, guest records) is permanently purged. Your account profile and structure are preserved indefinitely. You can manually delete any data at any time from your dashboard.

Yes. We follow GDPR principles including data minimization, purpose limitation, and the right to erasure. Guests can request deletion of their data, and hosts can delete all property data at any time. Data is processed via Supabase (database), OpenAI (AI responses), and Resend (emails), all with appropriate data processing agreements in place.