سياسة الخصوصية

Introduction

Welcome to VerifiedGuest. We are deeply committed to protecting the privacy and security of everyone who uses our platform — businesses, guests, and visitors alike. This Privacy Policy explains in detail how we collect, use, share, and protect your personal information.

By accessing or using VerifiedGuest (available at verified-guest.com and related services), you acknowledge that you have read and understood this policy. We encourage you to read it carefully and contact us if you have any questions.

Information We Collect

We collect information in three ways: directly from you when you register or use our services, automatically as you interact with our platform, and from third-party sources where necessary to deliver our verification services.

Account & Business Information

• Identity data: Your full name, business name, and contact details provided during registration.
• Authentication data: Email address and securely hashed passwords. We never store passwords in plaintext.
• Business profile: Business category, location, description, and other details you voluntarily add to your profile.
• Payment information: Billing name and address processed through our PCI-DSS compliant payment partner. We do not store full card numbers.

Guest & Reservation Data

• Booking records: Reservation IDs, check-in/check-out dates, and guest contact details submitted by businesses to enable review verification.
• Review submissions: Star ratings and written feedback submitted by verified guests via unique, cryptographically signed tokens.

Usage & Technical Data

• Log data: IP address, browser type and version, operating system, referring URLs, and pages visited.
• Device data: Device identifiers, screen resolution, and general hardware information for compatibility purposes.
• Interaction data: Features used, actions taken, and clickstream data to improve user experience.

How We Use Your Information

Your data is used exclusively to operate and improve VerifiedGuest services. We process data under one or more of the following lawful bases: contractual necessity, legitimate interest, legal obligation, or your explicit consent.

Sharing & Third Parties

We do not sell, rent, or trade your personal data. We share information only in the limited circumstances described below, and always under strict contractual data-processing agreements.

• Service providers: Trusted partners who help us operate the platform — cloud hosting (server infrastructure), email delivery services, and payment processors. Each is bound by a Data Processing Agreement (DPA) prohibiting them from using your data for any other purpose.
• Legal obligations: If required by law, court order, or governmental authority, we may disclose information. We will notify you before doing so, where legally permitted.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify affected users and ensure the receiving party upholds the same privacy standards.
• Safety and security: To protect the rights, property, or safety of VerifiedGuest, our users, or the public from serious harm.

We never share your information with advertisers or data brokers.

Cookies & Tracking Technologies

We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how the platform is used. We do not use advertising or cross-site tracking cookies.

You can control cookies through your browser settings. Disabling essential cookies will affect platform functionality.

Data Retention

We retain your personal data only for as long as necessary to provide our services and comply with our legal obligations. Our retention periods are as follows:

• Active account data: Retained for the lifetime of your account plus 30 days after closure, to allow for account recovery.
• Review records: Retained for 5 years to support dispute resolution and platform integrity audits.
• Payment records: Retained for 7 years as required by tax and financial regulations.
• Log data: Automatically purged after 90 days.
• Marketing preferences: Retained until you withdraw consent.

When data is no longer required, it is securely deleted or anonymised so it can no longer be linked to you.

Your Privacy Rights

Depending on your location, you have specific legal rights regarding your personal data. We honour all rights requests within 30 days.

To exercise any of these rights, email us at contact@verified-guest.com. We may need to verify your identity before processing your request. You also have the right to lodge a complaint with your local data protection authority.

Data Protection & Security

We take the security of your data seriously and implement layered, enterprise-grade safeguards:

• Encryption in transit: All communication between your browser and our servers is encrypted via TLS 1.3.
• Encryption at rest: Sensitive data fields are encrypted using AES-256 before being stored in our database.
• Access controls: Staff access to personal data is role-based, strictly limited, and audited.
• Security audits: We conduct periodic security reviews and penetration tests.
• Breach response: In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR.

While we strive to protect your data, no security system is impenetrable. We encourage you to use a strong, unique password and enable two-factor authentication where available.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or want to report a concern, please reach out to our dedicated privacy team.