Legal
Privacy Policy.
Last updated · 15 April 2026
01
Introduction
SutraStack ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property management system and related services (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy.
02
Information we collect
— Information you provide
- Account registration details (name, email, phone number)
- Hotel/property information (name, address, room inventory)
- Guest data entered into the system (names, contact details, booking information)
- Financial information (payment records, invoices, expense data)
- Communications with our support team
— Automatically collected
- Device information (browser type, operating system)
- Usage data (pages visited, features used, time spent)
- IP address and approximate location
- Cookies and similar tracking technologies
03
How we use your information
- To provide and maintain the Service
- To process transactions and manage your hotel operations
- To send administrative notifications (system updates, security alerts)
- To provide customer support
- To improve and optimise the Service
- To comply with legal obligations (GST reporting, police verification where applicable)
- To detect and prevent fraud or security incidents
04
Data sharing & disclosure
We do not sell your personal information. We may share data only in the following circumstances:
- With OTA partners — when you enable channel management, booking data is shared with connected online travel agencies
- Service providers — cloud hosting, email delivery, and analytics services that help us operate the Service
- Legal requirements — when required by law, regulation, or legal process
- Business transfers — in connection with a merger, acquisition, or sale of assets
05
Data security
We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), encryption at rest, regular security audits, role-based access controls, and automated backups. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
06
Data retention
We retain your data for as long as your account is active or as needed to provide the Service. Hotel and guest records are retained in accordance with Indian hospitality regulations and tax requirements. You may request deletion of your account and associated data at any time.
07
Cookies
We use essential cookies to maintain your session and preferences. We may use analytics cookies to understand how the Service is used. You can configure your browser to refuse cookies, though some features may not function properly.
08
Your rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your data in a machine-readable format
- Withdraw consent for optional data processing
09
Children’s privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
10
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.