Legal
HOTEL PRIVACY
POLICY
Last Updated: May 2026For Hotels OnlyData Controller GuideGlobal
Last Updated: May 2026 | This policy is reviewed every 6 months and updated whenever we add new features, enter new markets, or when applicable laws change.
This Privacy Policy applies specifically to hotel operators, owners, managers, and staff who use the Travdigi Hotel Portal for guest check-in management, digital register compliance, and report generation.
This policy explains what data Travdigi collects about your hotel and staff, how guest data is processed on your behalf, your responsibilities as a hotel using our platform, and how we protect all data involved.
The Travdigi hotel portal is available globally — any hotel, hostel, resort, guesthouse, or Airbnb worldwide may register and use Travdigi. The traveler app is also available globally — guests from any country may use Travdigi to check in at your property.
Important legal note: Under applicable data protection laws worldwide — including the India DPDP Act 2023, EU GDPR, UK GDPR, US CCPA, Australia Privacy Act, Singapore PDPA, South Africa POPIA, Russia Federal Law 152-FZ, China PIPL, UAE PDPL, and all other applicable national and regional data protection frameworks — your hotel is the Data Controller for your guests' personal data. Travdigi is the Data Processor operating on your instructions. This means your hotel has legal responsibilities for how guest data is collected, used, and protected regardless of your jurisdiction.
All Travdigi legal documents are maintained in English only. English is the internationally recognized language for legal documents. For assistance please contact hello@Travdigi.com
This policy applies to:
- Hotel Owners — the registered account holder responsible for the hotel's Travdigi subscription and all activity under their account
- Hotel Managers — staff with elevated access to full guest data and report generation
- Hotel Staff / Employees — front desk and reception staff who use the QR scanner for guest check-in and check-out
By registering your hotel on Travdigi and using our hotel portal, you agree to this policy and confirm that your hotel will use Travdigi in compliance with applicable laws in your jurisdiction.
When your hotel registers on Travdigi we collect:
- Hotel identity: Hotel name, registered address, property type, number of rooms or beds
- Contact details: Email address, phone number, website
- Owner details: Owner name and contact email — used for account and billing communications
- Staff accounts: Names, email addresses, roles, and access levels of staff members you add to the portal
- Subscription data: Plan type, payment history, renewal dates
- Usage data: Check-in volumes, report generation history, portal activity
- Audit logs: Every action taken in the hotel portal — which staff member scanned a QR, generated a report, or viewed guest data — permanently logged with timestamp
Staff audit logging: Every action by every staff member in the Travdigi hotel portal is permanently logged. This includes QR scans, guest data views, and report generation. These logs are available to the hotel owner and to Travdigi for security and compliance purposes.
Your hotel is the Data Controller for your guests' personal data. Travdigi processes this data on your behalf as Data Processor. This means:
- Your hotel is legally responsible for ensuring you have a lawful basis to collect guest identity data — hospitality laws in most countries provide this basis automatically
- Your hotel is responsible for informing walk-in guests that their details are being recorded digitally — Travdigi provides an on-screen prompt to assist with this
- Your hotel is responsible for ensuring staff use Travdigi only for its intended purpose — guest compliance records
- Your hotel is responsible for any misuse of guest data by your staff members
- Your hotel must not use Travdigi guest data for any purpose other than lawful compliance reporting
Staff misuse warning: Hotel staff must not attempt to photograph, copy, screenshot, or share any guest data accessed through Travdigi. All access is logged and audited. Misuse of guest data is a violation of this agreement and may constitute a criminal offence under applicable data protection laws.
Travdigi enforces strict role-based access control at both application and infrastructure level. This cannot be overridden.
| Role |
What They Can See |
What They Cannot See |
| Hotel Staff / Employee |
Masked guest details only — first name, last initial, last 4 digits of document number, low-resolution watermarked face photo. Check-in and check-out status. |
Full documents, passport number, date of birth, full photo, verification video, guests of other hotels |
| Hotel Manager / Owner |
Full guest details for their hotel's guests only. Complete check-in history for their property. Compliance PDF generation. |
Guests of any other hotel. Traveler's history at other hotels. Verification video. Any Travdigi system data. |
Data isolation: Your hotel can only see data for guests who checked in at your property. You cannot access guest records from any other hotel on Travdigi. A guest's full history across multiple hotels is visible only to the traveler themselves — not to any hotel, not to Travdigi administration.
When checking in a guest without the Travdigi app, your staff collects the guest's name, mobile number, email address, and a photo of their government-issued ID.
Your hotel's responsibilities for walk-in check-ins:
- Inform the guest at the point of check-in that their details are being recorded digitally for compliance purposes — use the Travdigi on-screen prompt provided
- Capture the guest's email address accurately so they receive their automatic check-in confirmation
- Collect only the minimum required information — name, mobile, email, and ID photo
- Never use walk-in guest data for any purpose other than legal compliance
Automatic guest notification: Travdigi automatically sends every walk-in guest a confirmation email with their check-in details and an unsubscribe option. If the guest unsubscribes, no further emails will be sent to them from Travdigi. The check-in record is maintained regardless — it fulfills a legal compliance obligation not dependent on the guest's consent or acknowledgment. This satisfies the notification requirement under applicable data protection laws. Your hotel does not need to send a separate notification.
Hotel owners and managers can generate compliance PDF reports for submission to Authority, immigration, or other legal authorities when formally required.
- Reports are generated on demand — no pre-generated reports are stored anywhere
- Guest identity data is fetched in real time from the traveler's home country regional server at the moment of generation
- Combined with your hotel's check-in and check-out timestamps
- Delivered as a watermarked, timestamped PDF — tamper-proof and court-admissible
- Every report generation is permanently logged — who generated it, when, and for which guest
Report usage restriction: Compliance reports may only be used for lawful compliance purposes — submission to Authority, immigration, or other legal authorities when formally requested. Reports must not be used for any commercial, marketing, or other non-compliance purpose. Misuse is a violation of this agreement and applicable law.
PDF security: All Travdigi reports carry a unique Travdigi watermark and generation timestamp on every page. Any tampering is immediately identifiable. Each report includes an audit reference number verifiable by authorities in Travdigi's system.
Travdigi operates a separate dedicated portal for authorized law enforcement authorities. Hotels should be aware:
- Authority access is restricted to their authorized geographic zone — city and state only. No cross-border or cross-state access exists.
- Every Authority access is timestamped, logged, and permanently audited
- Authority access guest records directly through their portal — they do not need to visit your hotel or request data from your staff
- Travdigi does not proactively share data with Authority — access occurs only under formal government authorization obtained before any law enforcement access is activated
Replaces physical register: Using Travdigi fulfils your legal obligation to maintain a guest register accessible to authorities. You are not required to maintain a separate paper register for guests who check in through Travdigi. Travdigi digital records satisfy this legal requirement.
| Data Type |
Retention Period |
Reason |
| Guest check-in and check-out records |
Minimum 5 years or as required by local law |
Hospitality compliance obligation |
| Compliance PDF generation logs |
Minimum 7 years |
Audit and legal accountability |
| Staff access and activity logs |
Minimum 5 years |
Security audit and legal defence |
| Hotel account and subscription data |
Duration of subscription plus 3 years |
Billing records and compliance |
| Walk-in guest records |
Minimum 5 years or as required by local law |
Hospitality compliance obligation |
After subscription ends: If your hotel cancels its Travdigi subscription, portal access will be disabled. Guest check-in records are retained for the legally required minimum period and remain accessible to authorized authorities during this time. You can request a full export of your records before cancelling.
Travdigi implements the following security measures protecting hotel and guest data:
- AES-256 encryption for all data at rest
- TLS 1.3 encryption for all data in transit between hotel portal and Travdigi servers
- Role-based access control enforced at application and infrastructure level
- Zero local storage — no guest identity data is stored on hotel devices or systems
- Watermarked tamper-proof PDF reports — Travdigi logo, timestamp, and audit reference on every page
- Dynamic single-use QR codes — rotating every 60 seconds, usable exactly once
- Complete permanent audit trails — every staff action logged with who, when, and what
- Regional data storage — guest identity documents stored in their home country's server based on citizenship
- Separate server infrastructure — hotel portal isolated from traveler app, authority portal, and tourism portal
- Verification video protection — all identity verification videos are watermarked with Travdigi logo and timestamp, cryptographically hashed using SHA-256 for tamper detection, stored in view-only mode with no download capability for any party including Travdigi founders and employees, and every view is permanently logged
- Two-system data architecture — profile data and biometric files stored in completely separate systems — a breach of one cannot compromise the other
Travdigi offers hotels a 3-month free period upon registration. After the free period, an annual subscription applies based on hotel size. Revenue is subscription only — hotels are never charged per check-in.
For current pricing information please visit www.Travdigi.com or contact hello@Travdigi.com
The traveler app is free for all travelers worldwide. No per-check-in charges apply to hotels at any time.
By registering on Travdigi, your hotel agrees to the following obligations:
- Use Travdigi only for its intended purpose — lawful guest identity verification and compliance record keeping
- Ensure all staff who use Travdigi are trained on correct usage and data handling responsibilities
- Never attempt to download, copy, screenshot, or share any guest identity data accessed through Travdigi
- Collect walk-in guest details accurately and completely — inaccurate records are the hotel's legal responsibility
- Generate compliance reports only when formally required by an authorized government authority
- Never use guest data for any commercial, marketing, or non-compliance purpose
- Report any suspected misuse of the Travdigi system by staff members to Travdigi immediately
- Keep hotel portal login credentials secure — never share credentials between staff members
- Notify Travdigi immediately in the event of any suspected unauthorized access to your hotel portal account
- Physical verification responsibility: While Travdigi provides digitally verified guest identity — hotel staff are responsible for physically cross-checking the guest's face against their ID document at check-in when required by local law, hotel policy, or when the guest's physical appearance raises reasonable concern. Travdigi's digital verification does not replace the hotel's duty of reasonable care at the point of check-in.
- Comply with all applicable local hospitality laws and guest registration requirements in your jurisdiction
Hotel liability: Travdigi provides a secure and verified digital identity platform. However hotels remain the Data Controller and bear legal responsibility for the accuracy of walk-in guest records, the conduct of their staff, and compliance with local hospitality regulations. Travdigi's liability is limited to the accuracy and security of data within its own platform.
If your hotel wishes to stop using Travdigi:
- Contact hello@Travdigi.com with subject "Hotel Account Cancellation"
- Request a full export of your hotel's guest records before cancellation if required for your own records
- Hotel portal access will be disabled within 30 days of cancellation request
- Guest check-in records are retained for the legally required period as described in Section 8
- All staff accounts associated with your hotel will be disabled simultaneously
- You will receive written confirmation of cancellation and data handling
We may update this policy as we expand to new markets, add features, or when laws change. When material changes are made:
- Registered hotels will be notified in advance by email before changes take effect
- Continued use of the hotel portal after the effective date constitutes acceptance of the updated policy
- Previous versions are available on request
- This policy is reviewed every 6 months and updated whenever we add new features, enter new markets, or when applicable laws change
Language: All Travdigi legal documents are maintained in English only. English is the internationally recognized language for legal documents. For assistance in your language please contact hello@Travdigi.com
For any questions about this policy, your hotel's data, compliance requirements, or to report a concern:
All hotel queries are responded to within 48 hours on business days.