Terms and Conditions of Roomwaiy.com
General
Hotels Booking, Hotels Deals.
Point 1: Definitions
For the purposes of these General Terms of Use and Sale (hereinafter the "GTC"), the following terms, whether used in the singular or plural, shall have the meanings defined below:
- “Site” or “Platform”:
Refers to the website accessible at Roomwaiy.com, as well as any mobile application or other digital medium published by the Company, allowing access to the Services.
- “Company”:
Refers to the legal entity operating the Roomwaiy.com Platform, responsible for the publication and provision of the Services.
- “User” or “Customer”:
Refers to any natural or legal person who accesses the Site and uses the Services for the purpose of viewing offers or making a Reservation.
- “Service”:
Refers to all services provided by the Company, primarily the electronic intermediation between Users and Accommodation Providers for the Reservation of hotel stays or similar accommodations.
- “Accommodation Provider” or “Partner”:
Refers to the hotel establishment, hotel, hostel, apartment, or any other third-party entity providing the accommodation and related services, whose offers are presented on the Site.
- “Reservation”:
Refers to the act by which the User confirms the purchase of an accommodation service from an Accommodation Provider via the Site, subject to the applicable pricing conditions and cancellation policy.
- “Accommodation Contract”:
Refers to the contractual agreement concluded directly between the User and the Accommodation Provider, of which the Company’s GTC only constitute an intermediation framework.
- “Personal Data”:
Refers to any information relating to an identified or identifiable natural person, processed by the Company in the context of providing the Services.
Point 2: Prohibited Use (Restrictions on Use)
The User agrees not to use the Site or the Service for any purpose that is unlawful, prohibited by these GTC, or intended to circumvent the proper functioning of the Platform.
Specifically, the User is strictly prohibited from:
- Illegal and Unauthorized Activity:
Using the Site or Service to violate any applicable local, regional, national, or international law or regulation, or to encourage or facilitate any illegal activity.
- Commercial Exploitation (Except for Authorized Bookings):
Reselling, reproducing, deep-linking, using, copying, monitoring, displaying, downloading, or publishing any content or information, software, products, or services available on the Site for any commercial or competitive activity without the express prior written consent of the Company.
- Data Harvesting and Scraping:
Employing any automated device, process, or means (such as "robot," "spider," "scraper," "deep-link," or other data mining tools) to access, acquire, copy, or monitor any portion of the Site, the data, or the content on the Site.
- Security Interference:
Attempting to gain unauthorized access to, interfere with, damage, or disrupt any parts of the Site, the server on which the Site is stored, or any server, computer, or database connected to the Site. This includes introducing viruses, Trojans, worms, logic bombs, or other malicious or technologically harmful material.
- Fraudulent Booking:
Making any speculative, false, or fraudulent Reservation, or any Reservation in anticipation of demand. Reservations must be made with the genuine intent to use the accommodation.
- Misrepresentation and Impersonation:
Impersonating any person or entity, falsely stating or otherwise misrepresenting an affiliation with a person or entity, or using false credit card information or false identities to make a Reservation.
- Harmful or Abusive Conduct:
Posting or transmitting any material that is abusive, obscene, threatening, libelous, defamatory, or otherwise objectionable, or that violates the rights of others, including their privacy or intellectual property rights.
- Disruption of Service:
Taking any action that imposes an unreasonable or disproportionately large load on the infrastructure of the Site or its underlying systems.
Any breach of these prohibitions will constitute a serious breach of these GTC, potentially leading to the immediate termination of the User's access to the Site, cancellation of any existing Reservations, and legal action.
Point 3: Accommodation Provider Terms and Conditions
3.1. Nature of the Contract:
The Company acts exclusively as an intermediary platform for the purpose of facilitating Reservations between the User and the Accommodation Provider. By completing a Reservation through the Site, the User enters into a direct and legally binding contractual relationship with the Accommodation Provider whose details are provided in the booking confirmation (the "Accommodation Contract").
3.2. Incorporation of Partner Terms:
The User acknowledges and agrees that any Reservation is also subject to the specific terms and conditions, house rules, and policies of the respective Accommodation Provider. These Partner Terms govern the provision of the Accommodation Services, including, but not limited to:
- Check-in and check-out times.
- Specific services and amenities (or lack thereof).
- Rules regarding pets, smoking, or use of facilities.
- Liability during the stay.
3.3. Responsibility for the Stay: T
he Company shall not be a party to the Accommodation Contract. The Accommodation Provider is solely responsible for:
- Honoring the confirmed Reservation.
- Providing the accommodation and related services as described on the Site.
- Handling all disputes, claims, and damages arising out of or in connection with the accommodation services or the stay itself.
3.4. Cancellation and Modification Policies:
The specific terms and conditions regarding cancellations, modifications, no-shows, and refunds are determined by the individual Accommodation Provider and are displayed on the Site during the booking process and in the confirmation email. The User must carefully review these policies before making a Reservation, as they are binding upon the User once the Reservation is confirmed.
3.5. Company Liability Limitation:
To the fullest extent permitted by law, the Company shall not be liable for any act, error, omission, breach, gross negligence, misrepresentation, or non-performance by the Accommodation Provider, including any personal injury, property damage, or other loss, resulting from the Accommodation Contract or the User's stay at the property.
Point 4: Competitions, Rewards, and Promotional Offers
4.1. General Applicability:
The Company may, from time to time, offer special promotions, competitions, rewards, loyalty programs, or discounts (collectively, "Promotional Offers"). Unless explicitly stated otherwise in the specific rules for that offer, this Section 4 governs the terms of participation.
4.2. Specific Rules:
All Promotional Offers are subject to these GTC, as well as separate, specific rules that will be made available on the Site for each particular competition or reward program. The specific rules, which may cover eligibility, participation methods, selection criteria, prize details, and expiry dates, will prevail over these general GTC in the event of a conflict.
4.3. Eligibility and Participation:
Participation in any Promotional Offer is open only to eligible Users as defined in the specific rules. By participating, the User agrees to be bound by the specific rules and the decisions of the Company, which shall be final and binding in all respects.
4.4. Redemption and Non-Transferability:
- Non-Monetary Value: Unless otherwise specified, rewards, credits, or prizes have no monetary value and cannot be exchanged for cash.
- Non-Transferable: Rewards, credits, or prizes are non-transferable and may only be used by the User to whom they were originally issued, in accordance with the specific conditions attached to the offer.
4.5. Modification and Termination:
The Company reserves the right, at its sole discretion and without prior notice, to:
- Modify or Terminate any Promotional Offer, loyalty program, or competition at any time.
- Disqualify any User found to be manipulating the entry process or operating in a manner contrary to the specific rules or the spirit of the promotion (e.g., fraudulent activity, abuse of the reward system).
4.6. Liability for Redemption:
The Company is not responsible for the quality or fitness for a particular purpose of any third-party products or services offered as rewards or prizes. Any claims related to the use of a prize must be directed to the third-party supplier.
Point 5: Privacy Policy and Data Protection
5.1. General Commitment and Separate Document:
The Company commits to processing Users' Personal Data with the utmost diligence and in strict compliance with applicable data protection laws and regulations, including, where applicable, the General Data Protection Regulation (GDPR). The complete and exhaustive details concerning the collection, use, storage, and security of the User's Personal Data are described in the Privacy Policy of Roomwaiy.com, which is incorporated into these GTC/GTS by reference and which the User is invited to consult carefully.
5.2. Nature of Data Collected:
The Company collects various categories of Personal Data necessary for the provision and improvement of its Services. This data may include, but is not limited to:
- Identification Data: Name, first name, email address, phone number, postal address.
- Reservation Data: Stay details, names of travelers, accommodation preferences.
- Payment Data: Information necessary for transaction processing (card type, expiry date), which is handled by a secure payment provider, as the Company does not store full bank details.
- Technical Data: IP address, browser type, navigation data, pages visited, access timestamp, and data collected via cookies and other tracking technologies.
5.3. Purposes of Processing:
Personal Data is collected and processed primarily for the following purposes, which constitute the legal basis for processing:
- Contract Execution: To process and manage Reservations, issue confirmations, and ensure service follow-up.
- Legitimate Interest: To improve the User experience, personalize displayed offers, perform statistical analyses on Site usage, and prevent fraud.
- Legal Obligation: To respond to legal requests from authorities or comply with accounting and tax obligations.
- Consent: To send marketing communications and newsletters, where the User's explicit consent has been collected.
5.4. Data Transmission to Partners:
The User understands and accepts that for the purpose of executing the Reservation, the Company must necessarily transfer the relevant Personal Data (Name, First Name, stay dates, preferences) to the Accommodation Provider concerned so that the latter can manage the Accommodation Contract. The Company is not responsible for the privacy practices of Accommodation Providers or linked third-party sites.
5.5. User Rights (GDPR):
In accordance with current regulations, the User has the following rights concerning their Personal Data, which can be exercised by contacting the Company via the dedicated address:
- Right of Access: To obtain confirmation that data concerning them is being processed and, if so, to obtain a copy.
- Right to Rectification: To request the correction of inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): To request the erasure of their data, under certain conditions.
- Right to Restriction of Processing: To request the restriction of data processing.
- Right to Object: To object to the processing of their data, particularly for direct marketing purposes.
- Right to Data Portability: To receive the data in a structured and machine-readable format transferable to another data controller.
5.6. Data Security:
The Company implements appropriate technical and organizational security measures to protect Personal Data against destruction, loss, alteration, unauthorized disclosure, or illegal access, whether accidental or unlawful.
Point 6: Information Collection
The Company collects Information about the User through various direct and indirect means, as detailed below:
6.1. Information Provided Directly by the User:
This category of data is collected when the User voluntarily interacts with the Site and the Services. The User provides this information when they:
- Create an Account: Registration details, including name and email address.
- Make a Reservation: All necessary details for the booking process, such as travel dates, passenger names, contact information (phone number, address), and accommodation preferences.
- Process Payment: Financial information required for the transaction, such as credit card type, expiry date, and billing address (though full payment details are processed securely by a third-party gateway, not stored by the Company).
- Communicate with Customer Service: Information provided through emails, chat support, or telephone calls, including details about inquiries, complaints, or feedback.
- Participate in Promotions: Data submitted when entering competitions, surveys, or signing up for newsletters and marketing communications.
6.2. Information Collected Automatically During Site Use (Technical Data):
When the User accesses and uses the Site, the Company automatically collects certain technical data via technologies such as cookies, web beacons, and server logs. This includes:
- Device Information: IP address, unique device identifiers, operating system, and browser type.
- Usage Data: Pages viewed, the sequence of pages visited, search queries performed, time spent on the Site, and referral sources (the website the User came from).
- Location Data: Approximate location derived from the IP address, used for statistical purposes and potentially for tailored content (e.g., showing relevant currency or local promotions).
6.3. Information Collected from Third-Party Sources:
In certain circumstances, the Company may receive information about the User from external entities. These sources include:
- Accommodation Providers/Partners: Information related to the stay, such as confirmation of check-in/check-out, modifications, or cancellation status, which helps in managing the Reservation.
- Payment Service Providers: Confirmation regarding the status of the payment transaction (e.g., successful or failed).
- Affiliate Partners: Information about the User's navigation if they accessed the Site via a third-party affiliate link.
- Public Sources: Data from publicly accessible sources, used for verifying identity or improving data accuracy where permitted by law.
6.4. Use of Cookies and Tracking Technologies:
The Site uses cookies to enhance the User experience. These cookies are used to:
- Remember User preferences (e.g., language, currency).
- Analyze Site traffic and user behavior.
- Deliver targeted advertising. Detailed information on the types of cookies used and how the User can manage or refuse their consent is provided in the dedicated Cookie Policy.
Point 7: Information Collected from Third Parties
In addition to the information provided directly by the User (Point 6.1) and the data collected automatically during Site usage (Point 6.2), the Company may obtain certain Personal Data from external sources ("Third Parties"). The collection from these sources is undertaken to ensure the efficiency, personalization, security, and quality of the Service.
7.1. Accommodation Providers (Partners):
The Company receives information from the Accommodation Providers with whom the User has booked a stay. This data is essential for managing the booking life cycle and includes, but is not limited to:
- Booking Status Updates: Confirmation of reservation acceptance, modifications, or cancellation notices.
- Stay Information: Details regarding check-in and check-out to verify the booking fulfillment.
- Post-Stay Feedback: In some cases, feedback or reviews provided to the Partner about the stay which may be relayed to the Company.
7.2. Payment Service Providers (PSPs):
When the User makes a payment, the transaction is handled by independent PSPs. The Company receives confirmation or information from these PSPs regarding:
- Transaction Status: Confirmation that the payment has been successfully processed, failed, or refunded.
- Security & Fraud Checks: Results of fraud screening and risk assessments necessary to protect against unauthorized transactions.
7.3. Business and Marketing Partners (Affiliates):
The Company works with various marketing and affiliate partners to promote the Site. Information received from these sources includes:
- Referral Data: The source that directed the User to the Roomwaiy.com Site (a specific advertisement or partner website).
- Demographic/Interest Data: Non-personally identifiable demographic data or inferred interests (aggregated) used to understand the audience and tailor marketing efforts, where legally permissible.
7.4. Security and Fraud Prevention Entities:
To protect the integrity of the Site and the transactions, the Company may receive data from specialized fraud detection services or credit agencies related to:
- Risk Scores: Assessment scores related to the likelihood of fraudulent activity associated with a given account or transaction.
7.5. Publicly Available Sources:
In certain limited circumstances, the Company may collect data from public sources, such as public databases or social media platforms, for purposes of verifying information or professional networking, provided that such collection complies with applicable laws.
7.6. Legal Basis and Transparency:
The Company only collects and processes data from Third Parties where there is a valid legal basis (contractual necessity, legitimate interest, or explicit consent). The User is entitled to exercise their rights (including access, rectification, and erasure) regarding all collected data, regardless of the source, as detailed in the separate Privacy Policy.
Point 8: Use of Your Information (Purposes of Processing)
The Company uses the User's Personal Data exclusively for the purpose of providing, improving, securing, and promoting the Services of the Roomwaiy.com Platform. These uses are strictly based on the legal grounds described in the Privacy Policy.
8.1. Provision and Execution of the Reservation Service (Contractual Basis):
The primary use of the information is to enable the execution of contractual obligations. This includes:
- Reservation Processing: Confirming, managing, modifying, or canceling Reservations made by the User.
- Essential Communication: Sending Reservation confirmations, receipts, stay reminders, and any necessary communication related to the provision of the Service.
- Account Management: Creating and maintaining the User account, verifying identity, and facilitating access to past and future Reservations.
- Customer Support: Responding to the User's requests, questions, or complaints before, during, and after the stay.
- Payment Processing: Transmitting financial information to payment providers to finalize the transaction and manage refunds or payment disputes.
8.2. Improvement of Experience and Platform (Legitimate Interest):
The information is used to optimize the functioning of the Site and personalize the offer:
- Personalization: Adapting the display of search results, prices, and offers based on the User's browsing history, geographical, or linguistic preferences.
- Performance Analysis: Conducting statistical analyses and market studies on the use of the Site (browsing behavior, popularity of destinations) to identify areas for improvement of the Service and features.
- Development of New Features: Using User feedback and usage data to develop and test new offers, products, or services.
8.3. Marketing and Communication (Consent or Legitimate Interest):
Subject to the User's prior consent (for most direct communications) or within the framework of a legitimate interest for existing customers:
- Promotional Communications: Sending newsletters, price alerts, special offers, rewards, or information about Roomwaiy.com services that may interest the User.
- Targeted Advertising: Displaying relevant advertisements on the Site or on third-party platforms (social media) based on the User's profile and travel preferences.
- Surveys and Reviews: Inviting the User to leave a review of their stay or participate in satisfaction surveys.
8.4. Security, Fraud Prevention, and Legal Compliance (Legal Obligation and Legitimate Interest):
The information is essential for the protection of the Company and its Users:
- Site Security: Detecting, preventing, and investigating any illegal, fraudulent, or unauthorized activity, including platform abuse or unauthorized access attempts.
- Legal Compliance: Complying with applicable laws, regulations, and legal requests (including governmental requests or court orders) and exercising the Company's legal rights in case of litigation.
- Internal Audit: Conducting internal audits to ensure compliance with internal policies and regulatory requirements.
Point 9: Your Privacy Rights (Data Subject Rights)
The Company is committed to ensuring that the User has full control over their Personal Data. In accordance with current laws, particularly the GDPR, the User has a set of rights that they can exercise at any time by contacting the Company's Data Protection Officer (DPO), whose contact details are provided in the full Privacy Policy.
9.1. Right of Access and Confirmation:
The User has the right to obtain confirmation from the Company that their Personal Data is or is not being processed. If it is, the User has the right to access this data and obtain precise information on:
- The purposes of the processing.
- The categories of Personal Data concerned.
- The recipients or categories of recipients to whom the data has been or will be disclosed (especially Partners and service providers).
- The envisaged retention period of the data.
9.2. Right to Rectification (Correction):
The User has the right to obtain the rectification from the Company, without undue delay, of Personal Data concerning them that is inaccurate. Taking into (an) account the purposes of the processing, the User also has the right to have incomplete Personal Data completed, including by providing a supplementary statement.
9.3. Right to Erasure ("Right to be Forgotten"):
The User has the right to obtain the erasure of their Personal Data without undue delay when one of the following grounds applies (subject to legal exceptions, such as the obligation to retain for tax or legal reasons):
- The data is no longer necessary in relation to the purposes for which it was collected.
- The User withdraws the consent on which the processing is based, and there is no other legal ground for the processing.
- The User objects to the processing and there are no overriding legitimate grounds for the processing.
- The data has been unlawfully processed.
9.4. Right to Restriction of Processing:
The User has the right to obtain the restriction of processing from the Company in the following cases:
- The User contests the accuracy of the Personal Data (for a period enabling the Company to verify the accuracy).
- The processing is unlawful, and the User opposes the erasure and requests the restriction of its use instead.
- The Company no longer needs the data for the purposes of the processing, but they are required by the User for the establishment, exercise, or defense of legal claims.
9.5. Right to Data Portability:
Where the processing is based on consent or on a contract and is carried out by automated means, the User has the right to receive the Personal Data concerning them, which they have provided to the Company, in a structured, commonly used and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the Company.
9.6. Right to Object:
The User has the right to object at any time, on grounds relating to their particular situation, to the processing of their Personal Data based on the legitimate interest of the Company, including profiling. In such a case, the Company shall no longer process the data unless it demonstrates compelling legitimate grounds for the processing which override the interests and the rights and freedoms of the User.
- Objection to Direct Marketing: The User has the absolute right to object at any time to the processing of their data for direct marketing purposes.
9.7. Right to Withdraw Consent:
If the processing of data is based on the User's consent, the User has the right to withdraw their consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
9.8. Procedure for Exercising Rights:
To exercise any of these rights, the User must submit a clear and precise request:
- By email to the designated address (e.g., privacy@roomwaiy.com).
- By postal mail to the Company's headquarters address. The Company may require proof of identity to ensure that data is not disclosed to an unauthorized person. The Company undertakes to respond to the request within the legal deadline (generally one month from receipt).
9.9. Right to Lodge a Complaint:
The User has the right to lodge a complaint with a competent supervisory authority if they consider that the processing of their Personal Data constitutes a violation of the applicable legislation.
Point 10: Data Security and Protection (Technical and Organizational Measures)
The Company recognizes the importance of Personal Data security and commits to implementing a set of robust and evolving security measures, both at the technical and organizational levels, to protect data against unauthorized access, disclosure, modification, loss, or destruction, whether accidental or unlawful.
10.1. Technical Security Measures:
- Encryption:
- Secure Transmission: All data communications between the User's browser and Roomwaiy.com servers are encrypted using TLS/SSL (Transport Layer Security / Secure Sockets Layer) technology.
- Encryption at Rest: Sensitive Personal Data (including certain identification and payment data) is stored in encrypted and secured databases where technically feasible and necessary.
- Logical Access Control:
- Access to systems containing Personal Data is strictly controlled by strong authentication mechanisms (robust passwords, Multi-Factor Authentication - MFA).
- Access is limited according to the Least Privilege principle, meaning that only personnel with a legitimate and defined need for the execution of their tasks have access to specific data.
- Network Security:
- Use of Firewalls and Intrusion Detection and Prevention Systems (IDS/IPS) to monitor and block malicious traffic.
- Network segregation (Demilitarized Zones - DMZ) to isolate public servers from internal systems containing sensitive data.
- Backup and Recovery:
- Implementation of regular data backup procedures to ensure the ability to restore the availability and access to Personal Data in the event of a physical or technical incident.
- Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) are regularly tested.
10.2. Organizational and Procedural Measures:
- Personnel Awareness and Training:
- All Company personnel with access to Personal Data receive regular and mandatory training on security best practices, confidentiality, and legal obligations (GDPR).
- Internal Security Policies:
- Documentation and implementation of clear policies regarding data handling, storage, and destruction.
- Strict procedures for password management and equipment access.
- Security Incident Management:
- Establishment of a detailed plan for responding to security incidents (including personal data breaches) to ensure detection, assessment, notification to supervisory authorities (if required), and to Users (if necessary) within legal deadlines (maximum 72 hours).
- Third-Party Vendor Assessments:
- The Company contractually imposes strict security and confidentiality clauses on all its subcontractors (Accommodation Providers, payment providers, cloud providers) and performs a reasonable verification of their security practices (Due Diligence).
- Audits and Periodic Testing:
- The Company conducts or commissions regular security audits and Penetration Tests to identify and correct system vulnerabilities.
10.3. Data Storage and Retention:
- Location: Personal Data is stored in secure data centers located in jurisdictions offering an adequate level of protection. In case of data transfer outside the European Economic Area (EEA), the Company ensures that appropriate safeguards (such as the European Commission's Standard Contractual Clauses) are in place.
- Retention Period: Personal Data is kept only for the period strictly necessary to fulfill the purposes for which it was collected (Point 8) or for the duration required by law (e.g., tax obligations, litigation). Once this period has elapsed, the data is either anonymized or securely destroyed.
10.4. Exclusion of Liability (Limit): While the Company strives to use commercially acceptable measures to protect Personal Data, no method of transmission over the Internet or electronic storage is completely secure. The User acknowledges that the security of information also depends on their diligence in maintaining the confidentiality of their own access credentials.
Point 11: Children's Privacy
The protection of children's personal data is a priority for the Company. The Roomwaiy.com Site and Services are not intended for minors, and the Company adopts a strict policy to ensure that no child's data is knowingly collected or processed without the required parental consent.
11.1. Age Restriction and Target Audience:
- The Roomwaiy.com Site and Services are exclusively intended for adults (persons 18 years of age and older) or individuals who have reached the age of legal majority in their jurisdiction of residence.
- Use of the Site and the making of Reservations are only authorized for adults capable of entering into a legally binding contract.
11.2. Prohibition of Knowing Collection:
- The Company commits not to knowingly collect Personal Data from children under the required minimum age (generally 16 in Europe or 13 under US laws, unless specific local legislation applies).
- If the Company becomes aware that a minor has provided Personal Data without the verifiable consent of their parents or legal guardians, the Company will immediately take steps to delete this information from its servers and databases.
11.3. Information Regarding Minors in a Family Reservation Context:
- Children's Personal Data may only be collected and processed when this information is provided by a parent or legal guardian as part of a Reservation.
- This information is strictly limited to the Personal Data necessary for the execution of the Accommodation Contract (examples: child's name, first name, and date of birth for determining hotel rates, room allocation, or identification with the Accommodation Provider).
- The parent or legal guardian providing this information guarantees to the Company that they have the necessary and legal consent to disclose the child's data for this purpose.
11.4. Parental Monitoring:
- Parents and legal guardians are encouraged to monitor their children's internet use and to help enforce this Policy by requesting the deletion of any unauthorized information.
- Any parent or guardian who has reason to believe that their minor child has provided Personal Data to the Company without consent must immediately contact the Customer Service or the Data Protection Officer (DPO) of the Company.
11.5. User Responsibility:
- By accepting these GTC/GTS and making a Reservation, the User confirms they are of legal age and legally capable. The User assumes full responsibility in the event of any misrepresentation regarding their age or the unauthorized disclosure of a minor's data.
Point 12: Disclosure of Your Information (Sharing with Third Parties)
The Company commits not to sell, rent, or trade Users' Personal Data for commercial purposes. Your information is only disclosed to third parties to the extent strictly necessary and for the legitimate purposes set out below.
12.1. Direct Reservation Partners (Accommodation Providers):
Disclosure to Accommodation Providers is essential for the execution of the Accommodation Contract. For the Reservation to be honored, the Company must transmit the User's Personal Data directly to the relevant Accommodation Provider. This information includes:
- Identification Data (Name, First Name, contact).
- Reservation details (dates, room type, special preferences, number of people).
- Limited payment information necessary for confirmation or prepayment, where applicable.
12.2. Third-Party Service Providers (Processors):
The Company may use third-party companies and individuals to facilitate its Services (processors within the meaning of the GDPR). These providers act on behalf of Roomwaiy.com and are contractually obliged to ensure a level of data security and confidentiality equivalent to that of the Company. This category includes:
- Payment Providers: For the secure processing of credit/debit card transactions and fraud prevention.
- Cloud Hosting and Storage Providers: For hosting the Platform's servers and databases.
- Analytics Service Providers: For analyzing Site usage and improving performance.
- Communication Services: Platforms for sending emails, SMS, or newsletters.
- Customer Support Services: Tools and systems used to manage User requests.
12.3. Commercial and Marketing Partners (With Consent):
Your information may be shared with business partners or third-party advertisers if you have given your explicit consent to receive offers from them. This may include:
- Advertising platforms for targeting promotions.
- Affiliate services for tracking commissions.
12.4. Business Transfers:
In the event that the Company is involved in a merger, acquisition, reorganization, asset sale, or bankruptcy proceeding, Users' Personal Data may be part of the transferred assets. The Company commits to notifying the User and ensuring that the new entity respects the current Privacy Policy.
12.5. Legal Requirements and Protection of Rights:
The Company may disclose your Personal Data if it believes, in good faith, that such action is necessary to:
- Comply with a Legal Obligation: To comply with a subpoena, court order, legal process, or any other applicable governmental requirement.
- Protect Rights and Safety: To protect the rights, property, or safety of Roomwaiy.com, its employees, its Users, or the public, including enforcing these GTC/GTS and detecting fraud.
- Security Investigations: To assist competent authorities in investigations relating to illegal or potentially illegal activities.
12.6. International Data Transfers:
Given the global nature of booking services, your information may be transferred to countries located outside your jurisdiction of residence or the European Economic Area (EEA). In such a case, the Company ensures that the transfer is framed by appropriate safeguards, such as:
- An adequacy decision by the European Commission.
- Standard Contractual Clauses (SCCs) adopted by the European Commission.
- Obtaining the User's explicit consent for the proposed transfer.
Point 13: International Data Transfer (Transfers Outside the Jurisdiction)
Due to the global nature of travel intermediation services and the technological infrastructure used to operate the Platform, the User's Personal Data is likely to be transferred to countries located outside their jurisdiction of residence, including countries outside the European Economic Area (EEA).
13.1. Necessity of the Transfer:
Transfers of Personal Data outside the jurisdiction are primarily carried out for the following reasons:
- Execution of the Accommodation Contract: The transfer is imperative if the Accommodation Provider selected by the User is located in a third country (e.g., a hotel booked in Asia by a European customer). The transfer is necessary for the conclusion and execution of the Reservation.
- Technical Infrastructure: The use of Cloud service providers, analytical tools, or customer support tools based abroad (e.g., servers in the United States, support centers in Asia).
13.2. Transfer Safeguards (Applicable to EEA/GDPR):
When Personal Data of Users based in the EEA or the United Kingdom is transferred to countries not offering a level of data protection considered adequate by the European Commission, the Company implements strict protection mechanisms to ensure that the data remains protected in accordance with European standards. These safeguards include, but are not limited to:
- Standard Contractual Clauses (SCCs): The signing of standard contractual clauses adopted by the European Commission with data recipients, obliging the recipient to maintain protection standards equivalent to the GDPR.
- Adequacy Decisions: Transfer to third countries that have been subject to an adequacy decision by the European Commission.
- Binding Corporate Rules (BCRs): For transfers within groups of companies, if the Company or the recipient has them.
13.3. Transfers Based on Exceptions (Derogations):
In cases where the above safeguards cannot be implemented (particularly when sending data to a foreign Accommodation Provider), the transfer may be carried out based on a derogation provided for by law, primarily:
- Explicit Consent: When the User has given their explicit consent to the proposed transfer, after being informed of the potential risks.
- Contractual Necessity: When the transfer is necessary for the execution of the contract between the User and the Company (e.g., finalizing the Reservation) or for the implementation of pre-contractual measures taken at the User's request.
13.4. User Responsibility (Transfer to Accommodation Provider):
The User acknowledges that by choosing to book accommodation in a third country, they necessarily accept the transfer of their Personal Data to that country so that the Accommodation Provider can honor the Reservation. The User is informed that the data protection laws in force in the Accommodation Provider's country may not offer the same level of protection as those in their jurisdiction of residence.
Point 14: Group Sharing (Affiliated Entities)
The Company is part of a group of companies (hereinafter the "Roomwaiy Group") and, for operational reasons, administrative efficiency, security, and to offer a more coherent service, the User's Personal Data may be shared with other entities that belong to the same Roomwaiy Group or that are under the same control.
14.1. Purposes of Internal Sharing:
Sharing information within the Group is carried out for the following purposes:
- Centralized Management: Ensuring centralized management and support for Reservations and User accounts.
- Technical Support: Allowing the Group's technical and IT teams to ensure the maintenance, improvement, and security of the systems and databases used by Roomwaiy.com.
- Compliance and Audit: Facilitating compliance with internal Group legal and regulatory obligations (audits, risk management).
- Cross-Service Marketing (Legitimate Interest): Offering the User travel or accommodation related services and products offered by other entities of the Group, unless the User has objected.
14.2. Categories of Shared Data:
The categories of data shared internally are limited to those necessary to achieve the aforementioned purposes and may include:
- Identification Data (Name, contact).
- Reservation history and account activity.
- Site Analysis and Performance Data.
14.3. Guarantee and Legal Basis:
- Legal Basis: This sharing is generally based on the legitimate interest of the Company to ensure the efficiency of its commercial operations within a group of companies.
- Guarantee: All entities in the Roomwaiy Group are contractually bound by the Privacy Policy of Roomwaiy.com and are required to apply data protection and security standards equivalent to those described in these GTC/GTS. Internal transfer is considered data processing on the same basis as if it were carried out by the Company itself.
14.4. Right to Object:
The User has the right to object to the sharing of their Personal Data with other Group entities for direct marketing purposes. To exercise this right, the User must contact the Company's DPO as indicated in Point 9.
Point 15: Your Personal Information at Roomwaiy.com (Detail of Collection and Purposes of Use)
The purpose of this point is to inform you exhaustively about the nature of the Personal Data that the Company collects from you and the precise purposes for which this data is processed, thereby ensuring complete transparency.
15.1. What Personal Data Do We Collect?
The Company collects several categories of information, necessary for the provision and improvement of its Services.
- Identification and Contact Data: This information is provided directly by the User during registration or Reservation. It obligatorily includes your name, first name, valid email address, phone number, postal address, and country of residence. This is essential for contacting you regarding your stay.
- Reservation and Transaction Data: This includes the specific details of your order, such as stay dates, desired room type, names of other travelers, special preferences requested from the Accommodation Provider (e.g., baby crib, accessibility), as well as the history of your past Reservations and their status (cancellation or modification). This data is directly provided by you and updated by our Partners.
- Financial Data (Limited): During payment, we collect information necessary for the transaction. This includes the type of payment card, its expiration date, and the last four digits of the card number. It is important to note that, for your security, full credit card numbers are not stored by Roomwaiy.com but are securely processed by our certified payment provider.
- Technical and Usage Data: This data is automatically collected when you use the Site. It includes your IP address, device identifiers (from cookies), browser type and version, operating system, the pages you visit, the search queries you perform on the Site, the duration of your visit, and the referring website that directed you to Roomwaiy.com.
- Communication and Feedback Data: We collect the content of emails exchanged with our Customer Support, the reviews and ratings you leave on Accommodation Providers, and, where applicable (if legally authorized and notified), recordings of phone calls, for quality and training purposes.
15.2. How (Purposes) Do We Use Your Information?
The collected information is used for specific and legitimate purposes, detailed below by the legal basis of the processing:
A. Execution of Contractual Services (Contractual Necessity): The primary use of your data is to enable the execution of obligations arising from the Reservation. Your Identification, Reservation, and Financial Data are used to process the Reservation, guarantee payment, and send you necessary confirmations and receipts. Furthermore, essential data is imperatively transferred to the Accommodation Provider so that they can honor your stay. Finally, we use this data to ensure effective After-Sales Service, capable of managing your queries, modifications, or cancellations.
B. Platform Improvement and Security (Legitimate Interest of the Company): As part of the continuous improvement of our services, we use your Technical and Usage Data to perform statistical analyses on the Site's effectiveness, browsing flows, and to identify and correct technical errors. We also use Financial Data and IP addresses to implement measures for fraud and platform abuse prevention. To enhance your experience, your Reservation and Technical Data may be used for personalizing the offer displayed on the Site.
C. Commercial and Marketing Communication (User Consent): Subject to having obtained your explicit consent, we use your Identification and Contact Data to send you direct marketing communications, such as newsletters, price alerts, or special promotions. You always retain the right to withdraw this consent and unsubscribe from these communications at any time.
D. Legal Compliance (Legal Obligation): We retain and use certain of your Personal Data (notably Transaction and Identification Data) for compliance with our legal obligations, such as the retention of tax or accounting records required by law, or to respond to legal injunctions or court orders.
Point 16: Your Rights as a User
By using the Roomwaiy.com Platform, the User benefits from contractual and legal rights, which are detailed below:
16.1. Right to Information and Transparency:
The User has the right to be clearly and transparently informed about:
- These General Terms and Conditions (GTC/GTS) before any Reservation.
- The essential characteristics of the accommodation service offered by the Accommodation Provider, including the description, prices, and cancellation policies.
- The complete identity of the Company (Roomwaiy.com) and the Accommodation Provider concerned by the Reservation.
- The total price, all taxes included, encompassing all applicable mandatory fees.
16.2. Contractual Rights Related to the Reservation:
The User has the rights arising from the Accommodation Contract concluded with the Accommodation Provider, subject to the specific cancellation and modification policies of the reservation:
- Right of Withdrawal/Cancellation: The right to cancel or modify a Reservation is governed strictly by the Accommodation Provider's policy as displayed at the time of Reservation. The User is entitled to a refund according to the terms of this policy.
- Right to Conforming Service: The User has the right to expect the Accommodation Provider to provide the accommodation service in accordance with the description made on the Site at the time of Reservation.
- Contractual Claim: In the event of non-conformity or a major problem during the stay, the User has the right to file a claim directly with the Accommodation Provider, and to inform Roomwaiy.com Customer Service for assistance.
16.3. Privacy and Data Protection Rights:
The User benefits from all rights concerning their Personal Data, as exhaustively set out in Point 9 (Your Privacy Rights) of these GTC/GTS. These rights notably include:
- The right to access and rectify their data.
- The right to erasure (right to be forgotten).
- The right to object to the use of their data for direct marketing purposes.
- The right to data portability.
16.4. Right of Recourse:
In case of a dispute with the Company regarding the application of these GTC/GTS, the User has the right to file a recourse or a complaint, according to the procedures provided for in Section VII (Applicable Law and Competent Jurisdiction).
16.5. Exercise of Rights:
To exercise their contractual rights related to a Reservation (cancellation, modification), the User must use the tools made available on the Site or contact Roomwaiy.com Customer Service. To exercise privacy rights, the User must follow the procedure specified in Point 9.
Point 17: Management of Your Information
The Company is committed to ensuring that the Personal Data it holds about the User is accurate, complete, and up to date. We implement procedures to ensure data quality and its secure destruction when it is no longer needed.
17.1. Data Accuracy and Updating:
- User Responsibility: The User is responsible for the accuracy and completeness of the information they provide to Roomwaiy.com. They are required to promptly update their Personal Data via their User account on the Site, or by contacting Customer Service, in case of any change (for example, change of email address or phone number).
- Maintenance by the Company: The Company strives to update Personal Data if it is informed of an inaccuracy (for example, following feedback from the Accommodation Provider or notification from the User).
17.2. Data Retention Period (Retention Policy):
- Limitation Principle: Personal Data is kept only for the period strictly necessary to fulfill the purposes for which it was collected (see Point 15) and in accordance with applicable legal and regulatory requirements.
- Reservation Data: Data related to a specific Reservation (contract) is generally retained for the duration of the contractual relationship, plus the legal statute of limitations period necessary for the establishment, exercise, or defense of legal claims (for example, often 5 or 10 years depending on the jurisdiction).
- Account Data: User account identification data is retained as long as the account remains active. In case of prolonged inactivity (duration defined by internal policy) or deletion requested by the User, the data is anonymized or securely destroyed, subject to minimum legal retention obligations.
- Marketing Data: Data used for direct marketing purposes is retained until the User has withdrawn their consent.
17.3. Destruction and Anonymization Procedures:
- At the end of the applicable retention period, the Company commits to securely delete or anonymize the Personal Data so that it can no longer be linked to the User.
- Anonymization allows the data to be used for aggregated statistical analysis (travel trends) without any possible individual identification.
17.4. User Access and Control:
- The User has direct means (account interface) to view and modify some of their information.
- The full exercise of User rights (access, rectification, erasure, objection, etc.) is governed by Point 9 (Your Privacy Rights) and must be initiated via the specified formal request procedure.
Point 18: Correction of Inaccurate or Incomplete Information
The User has the absolute right to require the Company to rectify or complete Personal Data concerning them that is inaccurate or incomplete without undue delay. This right is a key component of the right to rectification, as stated in Point 9.
18.1. User Obligation of Accuracy:
The User is the initial guarantor of the truthfulness and accuracy of the information they provide during registration and any Reservation. Any modification of their contact details or personal information (for example, change of email address or name) must be reported or carried out without delay.
18.2. Rectification Procedure:
To correct or complete their Personal Data, the User has two options:
- Via the User Account: The User is encouraged to use their Roomwaiy.com account interface to directly modify editable profile information (such as name, phone number, or email address). The rectification is then immediately taken into account in the system.
- Via Formal Request to the DPO: For information that cannot be modified directly online, or to exercise their right to rectification in a formal and documented manner, the User must address a written and dated request to the Company's Data Protection Officer (DPO), clearly specifying:
- The User's identity.
- The current and incorrect data.
- The rectified or completed data.
18.3. Processing Timeframe:
The Company commits to proceeding with the rectification or addition of information as quickly as possible after receipt of the formal request and verification of the User's identity, and in any case within the legal timeframe of one month (unless a justified extension is needed).
18.4. Consequences of Inaccuracy:
The Company declines all responsibility for any consequence resulting from the provision of false, inaccurate, or incomplete information by the User. In case of a Reservation, incorrect data could lead to refusal of access by the Accommodation Provider or essential communication problems.
Point 19: Right of Access to Data and Portability
The Company guarantees the User the exercise of the rights of access and portability of Personal Data, in accordance with applicable data protection laws.
19.1. Right of Access to Data:
- Purpose of the Right: The User has the right to obtain confirmation from the Company that their Personal Data is being processed and, if so, to obtain access to the said data and receive a copy.
- Content of Access: This right gives access not only to the raw data but also to detailed information concerning the processing, notably:
- The purposes of the processing (see Point 15).
- The categories of Personal Data concerned (see Point 15).
- The recipients or categories of recipients (see Point 12).
- The envisaged retention period (see Point 17).
- The existence of the right to request rectification or erasure.
- Modality of Exercise: The request for access must be addressed in writing (mail or email) to the Company's Data Protection Officer (DPO). The Company will provide a response and access within the legal timeframe (generally one month) after verifying the applicant's identity.
19.2. Right to Data Portability:
- Scope of Application: The right to portability applies only to Personal Data that the User has provided to the Company and when the processing is based on consent or the execution of a contract (Reservation), and is carried out using automated means.
- Purpose of the Right: The User has the right to receive their Personal Data in a structured, commonly used, and machine-readable format (e.g., CSV, XML).
- Direct Transfer: The User also has the right to obtain that their Personal Data be transmitted directly by the Company to another data controller, where technically feasible.
- Modality of Exercise: The request for portability must be addressed in writing (mail or email) to the Company's DPO. Following identity verification, the Company commits to providing the data in the required format within the legal timeframe.
19.3. Exceptions and Limitations:
The Company may refuse to grant the request or limit it if:
- The right of access or portability is likely to infringe on the rights and freedoms of others (e.g., disclosure of third-party data).
- The request is manifestly unfounded or excessive (in which case reasonable fees based on administrative costs may be charged).
Point 20: Data Retention and Erasure (Retention and Right to be Forgotten)
The Company applies the principle of storage limitation, which means that Personal Data is retained only for the period strictly necessary to fulfill the purposes for which it was collected, or to meet mandatory legal requirements.
20.1. Retention Principles:
- Duration Necessary for Contract Execution: Data related to your account and your Reservations (Name, contact details, order history) is retained for the entire duration of the active contractual relationship (as long as you have an active account or Reservation).
- Legal Statute of Limitations: After the end of the contractual relationship or account closure, certain data is securely archived and retained for the legal statute of limitations applicable to commercial disputes or tax and accounting obligations (often between 5 and 10 years, depending on the jurisdiction of the Company's headquarters). This data is subject to very strict access restrictions.
- Marketing Data: Data used for commercial prospecting or marketing purposes is retained until the User withdraws their consent or exercises their right to object.
- Technical Data: Connection and usage data (logs, IP) may be retained for shorter periods, generally for the duration necessary for fraud detection and security maintenance (often 12 to 13 months).
20.2. Right to Erasure ("Right to be Forgotten"):
- Purpose of the Right: The User has the right to request the erasure of their Personal Data without undue delay (right to be forgotten) when:
- The data is no longer necessary in relation to the purposes for which it was collected.
- The User withdraws their consent (and there is no other legal basis for the processing).
- The User objects to the processing, and there are no overriding legitimate grounds for maintaining it.
- The processing was unlawful.
- Exceptions to the Right to Erasure: The Company cannot proceed with the erasure of data when its retention is necessary for:
- Compliance with a legal obligation requiring processing (e.g., tax obligations).
- The establishment, exercise, or defense of legal claims.
20.3. Secure Erasure and Anonymization Procedure:
- When the retention period ends or an erasure request is accepted, the Company commits to making the personal data irreversibly anonymous (to use it for aggregated statistical purposes) or to destroy it securely (for example, by cryptographic erasure), ensuring that it can no longer be restored or linked to the User.
- The erasure request must be formally submitted to the Company's DPO, following the procedure described in Point 9.
Point 21: Withdrawal of Consent and Restriction of Processing
The Company recognizes and guarantees the User's right to control the use of their Personal Data through two crucial mechanisms: the withdrawal of consent and the temporary restriction of processing.
21.1. Right to Withdraw Consent:
- Principle: When the processing of Personal Data by the Company is based on the User's explicit consent (for example, for sending marketing newsletters or for certain uses of non-essential cookies), the User has the right to withdraw this consent at any time.
- Modalities of Withdrawal:
- Direct Marketing: For electronic marketing communications, the User can generally unsubscribe by clicking on the unsubscribe link included in each communication.
- Other Processing: For the withdrawal of consent concerning other specific processing, the User must address a formal request to the Company's Data Protection Officer (DPO).
- Consequences: The withdrawal of consent does not affect the lawfulness of processing based on consent carried out before such withdrawal. After withdrawal, the Company will cease the processing concerned, unless another legal basis (such as a legal obligation or a contract) justifies the continuation of processing for part of the data.
21.2. Right to Restriction of Processing:
- Principle: The User has the right to obtain from the Company the restriction of processing of their Personal Data in certain situations, acting as a "pause" on processing during a verification.
- Applicable Circumstances: This right can be exercised when:
- Accuracy Contested: The User contests the accuracy of their Personal Data (restriction applies for the duration enabling the Company to verify accuracy).
- Unlawful Processing: The processing is unlawful and the User opposes erasure and requests limitation of use instead.
- Defense of Rights: The Company no longer needs the data for the initial purposes, but they are still required by the User for the establishment, exercise, or defense of legal claims.
- Objection: The User has objected to processing based on legitimate interest (restriction applies during verification of the Company's overriding legitimate grounds).
- Consequences of Restriction: When processing is restricted, Personal Data can, with the exception of storage, only be processed with the User's consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person.
21.3. Procedure: To exercise the right to withdraw consent (other than direct unsubscription) or the right to restriction, the User must follow the formal request procedure specified in Point 9 (Your Privacy Rights).
Point 22: Right to Object to Processing
The User has the right to object, at any time and on grounds relating to their particular situation, to the processing of their Personal Data by the Company.
22.1. Objection to Processing Based on Legitimate Interest or Public Interest Task:
- Principle: The User has the right to object to the processing of their data when it is based on a legitimate interest of the Company (such as performance analysis, Site improvement, or intra-group sharing for administrative reasons).
- Consequence: Upon receipt of the objection, the Company must immediately cease processing the Personal Data, unless it demonstrates:
- Compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the User; or
- The necessity of the processing for the establishment, exercise, or defense of legal claims.
- Procedure: The objection must be formalized in writing to the Company's Data Protection Officer (DPO), and the User is invited to specify the grounds related to their particular situation that justify their objection.
22.2. Objection to Direct Marketing (Absolute Right):
- Principle: The User has the absolute and unconditional right to object at any time to the processing of their Personal Data for commercial prospecting or direct marketing purposes, including profiling to the extent that it is related to such prospecting.
- Consequence: When the User exercises this right, the Company immediately ceases all processing of their data for these purposes.
- Modality: The objection can be exercised via the unsubscribe link present in electronic communications or via a formal request to the DPO (as specified in Point 9).
22.3. Right to Object and Fees:
The exercise of the right to object is free of charge. If the objection concerns the use of Personal Data for a non-essential feature of the Service, this will not affect access to the main Reservation Service.
Point 23: Third-Party Websites, Partners, and Associated Cookie Policies
The Roomwaiy.com Site may contain links to other websites that are not operated or controlled by the Company (hereinafter the "Third-Party Sites"). This clause defines the Company's responsibility regarding these sites and the use of data by external partners.
23.1. Lack of Control over Third-Party Sites:
- The Company declines all responsibility for the content, privacy policies, security practices, or actions of Third-Party Sites. The presence of a link to a Third-Party Site does not imply any endorsement or affiliation of the Company with that site.
- The User acknowledges that access to these Third-Party Sites is at their own risk and must consult the specific terms and conditions and privacy policy of these sites before any use or provision of personal information.
23.2. Partners and Cookies (e.g., StapeHotels and PRIVISA LLC):
- Interactions with Partners: As part of its activities (marketing, analysis, or payment services), Roomwaiy.com may interact with partner entities, such as StapeHotels or PRIVISA LLC, which may participate in the use or collection of data on the Site.
- Shared or Independent Responsibility: These partners may operate as processors (acting on behalf of Roomwaiy.com) or as independent data controllers, particularly concerning the use of third-party cookies on the Site.
- Cookie Policy: When a partner such as StapeHotels or PRIVISA LLC uses cookies or tracking technologies on the Platform, this use is detailed in the Company's complete Cookie Policy. This Policy specifies the role of each party and the means available to the User to manage or refuse these technologies.
- Data Transfer: The User is informed that, within the framework of the use of technologies by these partners, certain Personal Data (notably technical and usage data) may be shared with them for the purposes of analysis, targeted advertising, or service management, in accordance with the User's consent.
23.3. Exclusion of Liability:
The Company cannot be held responsible for the data collection policies and practices of Third-Party Sites or Partners (including, but not limited to, StapeHotels and PRIVISA LLC) acting as independent data controllers. For any question or complaint relating to their privacy practices, the User must contact the entity concerned directly.
Point 24: Reasons for Using Tracking Technologies (Cookies, Pixels, and Tags)
The Company uses cookies, web beacons, tags, and other similar technologies (hereinafter collectively the "Tracking Technologies") on the Roomwaiy.com Platform and in electronic communications for clear and essential reasons. This use is always carried out in compliance with your consent and your rights.
24.1. Functional Necessity (Strictly Necessary):
These technologies are used to ensure the proper functioning of the Site and the provision of basic services. They are essential for:
- Authentication: Allowing you to log in to your account and remain logged in during your session.
- Cart and Reservation: Enabling the smooth running of the Reservation process, by temporarily recording your selection items (dates, room type) before confirmation.
- Security: Detecting and preventing fraudulent activities or Site abuse.
- User Preferences: Memorizing choices you have made (such as language, local currency, or text size) to personalize your experience.
24.2. Performance Improvement and Analytics (Analytical):
The use of these tools allows the Company to understand how the Platform is used and to constantly improve it. They serve to:
- Audience Measurement: Compiling statistics on Site traffic, the number of unique visitors, the most visited pages, and the average duration of visits.
- Process Optimization: Identifying bottlenecks or performance problems on the Site (for example, pages that load slowly) to correct them.
- Campaign Effectiveness: Measuring the success of marketing campaigns by identifying where users who make a Reservation come from.
24.3. Marketing and Targeted Advertising (Advertising):
These technologies allow us to offer you more relevant offers and to finance the Platform's services. They are used to:
- Personalized Advertising: Displaying advertisements for destinations or accommodation services likely to interest you, based on your browsing history and search preferences.
- Exposure Limitation: Preventing the repetitive display of the same advertisement.
- Conversion Tracking: Measuring whether an advertisement has led to a Reservation on the Site, in order to fairly compensate advertising partners.
24.4. User Control: Roomwaiy.com's Cookie Policy provides complete information on the types of Tracking Technologies used and offers the User clear mechanisms to consent, refuse, or withdraw their consent for non-essential cookies (analytical and advertising). The User always has the possibility to manage these settings via the Site's preference management tools or their browser settings.
Point 25: Third-Party Involvement in Tracking and Data Use
The operation of the Site and the provision of tailored services require collaboration with various external parties who utilize the Tracking Technologies (cookies, pixels, etc.) described in Point 24. These Third Parties fall into specific categories based on their function:
25.1. Types of Third-Party Entities Involved:
- Accommodation Providers (Partners): While their primary role is service delivery (Point 12.1), they may utilize tracking mechanisms when the User is redirected to their own booking pages or during co-branded marketing campaigns.
- Analytics Service Providers: Entities such as Google Analytics, which collect and process technical and usage data on our behalf to help us understand Site performance and user behavior (Point 24.2).
- Advertising and Marketing Partners: Third-party networks, ad servers, and marketing platforms that use tracking technologies to display relevant advertisements both on the Site and on external websites (retargeting), based on the User's inferred interests (Point 24.3).
- Payment Service Providers: Parties that securely process payment details and often use their own tracking technologies for security and fraud prevention purposes (Point 12.2).
25.2. Specific Role of Mentioned Partners (StapeHotels and PRIVISA LLC):
- The Company specifically draws the User's attention to the potential involvement of partners such as StapeHotels and PRIVISA LLC (and other similar entities) in the processing of data via tracking technologies.
- These entities may act as joint controllers or independent controllers for certain tracking activities, particularly those related to the analysis of User behavior, the optimization of advertising delivery, or the management of specific services provided to Roomwaiy.com.
- When acting as independent controllers, their data processing practices are governed by their own respective privacy and cookie policies, which the User is encouraged to review.
25.3. User Control Over Third-Party Tracking:
- The scope and nature of the tracking conducted by these Third Parties are fully detailed in the Company's separate Cookie Policy.
- The User maintains the right to manage and withdraw consent for non-essential third-party tracking, either through the Site's dedicated Consent Management Platform (CMP) or by adjusting their browser settings.
25.4. Company Liability Limitation:
While the Company requires all third-party processors to adhere to strict data protection standards (Point 10.2), Roomwaiy.com is not responsible for the data processing practices, security failures, or specific actions of independent Third-Party Controllers (including the mentioned partners) who may use tracking technologies on or through the Site.
Point 26: Changes to These Terms and Policies
The Company reserves the right to modify, update, or replace these General Terms and Conditions (GTC), the Privacy Policy, and the Cookie Policy (collectively, the "Policies") at any time, in response to changes in law, regulatory requirements, or changes to the Services offered by Roomwaiy.com.
26.1. Notification of Changes:
- Material Changes: For any material change (a change that significantly affects the User's rights, obligations, or the processing of Personal Data), the Company will notify the User in advance, using reasonable measures. These notification methods may include:
- Sending an email notification to the primary email address associated with the User's account.
- Posting a prominent notice or banner on the Site's homepage.
- Notification upon login.
- Minor Changes: Minor changes (e.g., editorial corrections, updates to non-essential information) may be effective immediately upon posting the updated Policies on the Site, without separate notice.
26.2. Effective Date and Acceptance:
- The updated Policies will indicate the date of the last revision and will take effect on the "Effective Date" specified in the document.
- By continuing to access or use the Site or Services after the Effective Date of any modified Policies, the User acknowledges and agrees to be bound by the updated terms.
26.3. User's Right to Reject:
- If the User does not agree to the modified Policies, they must immediately cease using the Site and the Services.
- If the changes concern the processing of Personal Data and affect the legal basis of consent, the Company will seek new, explicit consent from the User.
26.4. Review Responsibility:
The User is responsible for regularly reviewing the most current version of the GTC, the Privacy Policy, and the Cookie Policy, which are always accessible via the appropriate links on the Site.
Full Legal References
This User Responsibility Policy outlines the obligations and expected conduct of all
individuals using RoomWaiy.com, a platform operated by Privisa LLC.
This document works together with our
MemberDeals™ Terms & Conditions,
Cancellations Policy,
Refund Policy,
Reporting Base Guidelines,
Privacy Policy, and
Cookies Policy
- EU Regulation 2016/679 (GDPR)
- California Consumer Privacy Act (CCPA)
- Montreal Convention on International Air Transport
- Applicable consumer and tourism codes
- Other national/international e-commerce and consumer protection laws
- Registration Number:xxxxxxxxxxx
- FSOT Number:xxxxxxxxxxxx
- TIDS Nomber:xxxxxxxxxxxx
- U.S. Tradmark Number:xxxxxxxxxxxxx
VIII. Contact and Support
For any questions regarding your reservations, our policies, or to exercise your rights, please use the appropriate channel below. Our services are operated by Privisa LLC, trading as Roomwaiy.com.
1. Customer Support (Reservations & Technical Issues)
For assistance with active bookings, cancellations, modifications, check-in issues, or technical problems on the platform:
- Online Support: Use the dedicated support chat available on your User Dashboard.
- Email: support@roomwaiy.com
- Phone: Available 24/7 (Local numbers may vary depending on the country of reservation, please check your confirmation email for the most relevant local number).
For urgent issues (denied check-in), we recommend using the phone line immediately.
2. Data Protection Officer (DPO) - Privacy Rights
To exercise your rights under the GDPR, CCPA, or for any formal request concerning the processing, accuracy, erasure, or security of your Personal Data :
- Responsible Entity: Privisa LLC / Roomwaiy DPO Office
- Formal Request Email: dpo@roomwaiy.com
- Mailing Address (For written formal requests): [Insert Physical Address of Privisa LLC/Roomwaiy Headquarters]
Please specify the exact nature of your request (Right of Access, Right to Erasure, Objection to Marketing).
3. Disputes and Reporting Base Guidelines
For filing formal disputes, reporting suspected fraud, unauthorized activity, or non-compliance with our Terms & Conditions, please refer to our Reporting Base procedure:
Important: Initiate all formal complaints (including chargeback defense or policy violations) through the steps outlined in the Reporting Base to ensure proper legal and administrative tracking.