GuestRevu Privacy Policy

Last updated: 01 Jan 2026

Overview

This Privacy Policy explains how GuestRevu collects, uses and protects personal data in connection with:

  • the GuestRevu website
  • the GuestRevu reputation management platform
  • integrations with third-party review and social media platforms
  • communications with customers and users.

In summary:

  • GuestRevu collects limited personal data necessary to provide its services.
  • Hospitality businesses using GuestRevu remain the data controllers for guest feedback and review data processed through the platform.
  • GuestRevu acts as a data processor for such data and processes it only on customer instructions.
  • GuestRevu does not sell personal data.
  • Personal data is protected using appropriate technical and organisational security measures.

Full details are provided in the sections below.

1. Introduction

GuestRevu (“GuestRevu”, “we”, “our”, or “us”) is committed to protecting and respecting personal data.

This Privacy Policy explains how GuestRevu collects, uses, stores, and protects personal data when:

  • you use our website
  • you use the GuestRevu platform and services
  • your organisation interacts with our services
  • you interact with us through third-party platforms such as review sites or social media integrations.

GuestRevu provides reputation management and guest feedback software for the hospitality industry.

2. Use of the GuestRevu Website

When you visit the GuestRevu website (www.guestrevu.com) we may collect limited information including contact details submitted through enquiry or demo request forms, analytics data, cookie information, and marketing interaction data. This information is used to respond to enquiries, provide requested information, improve our website and services, and understand how visitors interact with our content.

The GuestRevu public website is hosted by HubSpot Inc., which may process visitor data such as analytics information, form submissions, and marketing interaction data on our behalf in accordance with applicable data protection laws.

This policy applies to:

  • website visitors
  • customers and prospective customers
  • authorised users of the GuestRevu platform
  • individuals whose feedback or review data may be processed through our services.

3. Data Controllers and Contact Information

For the purposes of applicable data protection laws including:

  • UK General Data Protection Regulation (UK GDPR)
  • EU General Data Protection Regulation (EU GDPR)
  • Data Protection Act 2018
  • Protection of Personal Information Act (POPIA)

The GuestRevu services are provided by the following entities depending on the region in which services are delivered:

GuestRevu Limited (United Kingdom)
Office 7, 35–37 Ludgate Hill, London EC4M 7JN, United Kingdom, ICO Registration: ZA050887

GuestRevu (Pty) Ltd (South Africa)
5 HarbourView, Harbour Road, Port Alfred, 6170, South Africa

Where services are provided by GuestRevu (Pty) Ltd, that entity acts as the data controller for the purposes of POPIA. Where services are provided by GuestRevu Limited, that entity acts as the data controller for the purposes of UK GDPR and EU GDPR. Both entities may jointly determine certain processing activities related to the operation of the GuestRevu platform.

For privacy enquiries please contact: privacy@guestrevu.com

GuestRevu has appointed responsible persons for data protection oversight under the UK GDPR and EU GDPR, and has designated an Information Officer for the purposes of the Protection of Personal Information Act (POPIA) in South Africa.

Individuals in the United Kingdom may lodge complaints with the Information Commissioner's Office (ICO).
Individuals in South Africa may lodge complaints with the Information Regulator (South Africa).

4. Our Role: Data Controller and Data Processor

GuestRevu operates in two different data protection roles depending on the context.

4.1 GuestRevu as Data Controller

GuestRevu acts as a data controller when processing personal data relating to:

  • website visitors
  • prospective customers
  • account administrators
  • marketing contacts
  • support interactions

In these situations GuestRevu determines how and why personal data is processed.

4.2 GuestRevu as Data Processor

GuestRevu acts as a data processor when providing its reputation management and guest feedback services to hospitality businesses.

Our customers (for example hotels or accommodation providers) are the data controllers for guest information collected through surveys, reviews or feedback requests.

In these cases, GuestRevu processes personal data only on the instructions of the customer and in accordance with our Data Processing Agreement.

5. Personal Data We Collect

We may collect and process the following categories of personal data.

5.1 Information you provide directly

This may include:

  • name
  • email address
  • telephone number
  • company name
  • job title
  • account login information
  • communications with GuestRevu
  • information submitted through forms or support requests

5.2 Account and subscription information

This includes:

  • account registration details
  • billing information
  • subscription history
  • transaction records

Payment details are processed by our payment providers and are not stored on GuestRevu servers.

5.3 Guest feedback and review data

Where our customers use GuestRevu to manage reviews or feedback, the platform may process information relating to hospitality guests including:

  • guest name
  • feedback responses
  • ratings
  • review text
  • publicly available review content from external platforms

This information is processed on behalf of our customers as part of our services.

5.4 Technical and usage information

When you use our website or platform we may collect:

  • IP address
  • device information
  • browser type
  • operating system
  • usage logs
  • analytics data
  • page interactions

Where possible this information is aggregated or anonymised.

5.5 Information from third-party platforms

Where customers connect external services to the GuestRevu platform, we may collect publicly available data from third-party platforms such as:

  • Facebook
  • Instagram
  • Google
  • TripAdvisor
  • other review or reputation platforms

This may include publicly available reviews, engagement data or account identifiers necessary to provide our services.

6. Lawful Bases for Processing

Where GuestRevu processes publicly available review content from third-party platforms, such processing is carried out under legitimate interests to enable reputation management services for our customers. We process personal data under the following lawful bases:

6.1 Contract:

To provide GuestRevu services to customers and fulfil our contractual obligations.

6.2 Legitimate interests:

To improve our services, maintain security, perform analytics and communicate with customers about relevant services.

6.3 Consent:

For marketing communications and non-essential cookies.

6.4 Legal obligation:

Where we must retain or disclose information to comply with applicable laws.

GuestRevu processes only the personal data that is necessary for the purposes described in this Privacy Policy and takes reasonable steps to ensure that such data is relevant, accurate and limited to what is required for those purposes.

7. How We Use Personal Data

We use personal data to:

  • provide and operate the GuestRevu platform
  • deliver guest feedback and reputation management services
  • enable integrations with review platforms and social media
  • communicate with customers and support users
  • improve platform functionality and performance
  • process payments and manage subscriptions
  • send relevant service updates or product information
  • maintain security and prevent fraud

GuestRevu does not sell personal data to third parties.

8. Artificial Intelligence and Automated Tools

GuestRevu may use automated technologies including artificial intelligence to support certain features of the platform.

These may include:

  • sentiment analysis of review content
  • automated categorisation of feedback
  • AI-assisted reply suggestions

These tools are used to assist users and do not make decisions that produce legal or similarly significant effects on individuals. Where AI tools are used, personal data is processed solely to provide the requested service and is not used to train external models unless explicitly permitted.

AI tools used within GuestRevu process review content solely for the purpose of providing insights and assistance to platform users. Guest data is not used to train external AI models.

9. Cookies and Tracking Technologies

Our website and applications use cookies and similar technologies to improve user experience and analyse usage.

Cookies may be used for:

  • essential platform functionality
  • analytics
  • remembering user preferences
  • security and fraud prevention

Non-essential cookies are used only with user consent and are managed through our cookie consent tool.

You may withdraw or change cookie preferences at any time.

10. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected.

Typical retention periods include:

Financial records — up to 6 years
Customer support records — up to 2 years after account closure
Analytics data — anonymised after 12 months

System logs and security logs may be retained for limited periods where necessary for platform security, fraud prevention, and operational monitoring. Retention periods may vary depending on legal, contractual or operational requirements.

11. Data Storage and International Transfers

11.1 Contracting Entity

Depending on your location and the services being provided, your contract may be with either GuestRevu Limited (UK) or GuestRevu (Pty) Ltd (South Africa). The relevant entity providing the service will be identified in your customer agreement or order form. Both entities may share certain operational systems and infrastructure in order to deliver the GuestRevu platform and services.

GuestRevu primarily hosts its platform infrastructure on Amazon Web Services (AWS), with core infrastructure located within the European Union.

Because GuestRevu operates internationally through GuestRevu Limited (UK) and GuestRevu (Pty) Ltd (South Africa), personal data may be accessed or processed by authorised personnel located in the United Kingdom, the European Economic Area, or South Africa.

Where data is transferred between GuestRevu entities or to other countries, we implement appropriate safeguards including:

  • Standard Contractual Clauses (SCCs)
  • adequacy decisions where applicable
  • contractual data protection commitments with processors
  • organisational and technical security safeguards

For South African data subjects, international transfers occur only where permitted under POPIA, including where adequate protection exists, where the data subject consents, or where the transfer is necessary for the performance of a contract.

12. Sub-processors and Third-Party Service Providers

GuestRevu works with trusted service providers who support our operations.

These may include:

  • Amazon Web Services
  • OpenAI
  • Google
  • Linode
  • Mailgun
  • HubSpot
  • ChargeBee
  • QuickBooks
  • Stripe
  • PayPal

These providers process personal data only where necessary to provide services to GuestRevu and are contractually required to maintain appropriate data protection standards.

GuestRevu requires all sub-processors to implement appropriate technical and organisational measures to protect personal data.

GuestRevu may update or replace its sub-processors from time to time as our services evolve or operational requirements change. Any such providers will be required to meet appropriate data protection and security standards consistent with applicable data protection laws. An updated list of sub-processors is available on request.

13. Data Security

GuestRevu implements technical and organisational measures to protect personal data, including:

  • encryption in transit and at rest
  • strict access controls
  • secure infrastructure and monitoring
  • internal security policies and procedures

GuestRevu maintains internal procedures for monitoring, detecting and responding to potential security incidents affecting personal data.

GuestRevu regularly reviews and updates its security controls to protect personal data against unauthorised access, alteration, disclosure or destruction. 

While we take strong precautions, no method of transmission over the internet is completely secure.

14. Data Subject Rights

Depending on your location, you may have rights including:

  • access to personal data
  • correction of inaccurate information
  • deletion of personal data
  • restriction of processing
  • objection to processing
  • data portability
  • withdrawal of consent

Requests can be submitted to: privacy@guestrevu.com

We will respond within the timeframes required by applicable law.

15. Facebook and Instagram (Meta) Data Use

Where customers connect Facebook, Instagram or other Meta services to the GuestRevu platform, GuestRevu may process publicly available Page content such as reviews, ratings, comments, engagement metrics, and limited account or Page identifiers necessary to connect and maintain the integration.

This data is processed in accordance with this Privacy Policy and the applicable Meta Platform Terms.

16. Facebook Data Deletion Instructions

If you have connected your Facebook account to GuestRevu and wish to request deletion of associated data, you may:

  • Disconnect the integration within your GuestRevu account settings, or
  • Contact GuestRevu support at privacy@guestrevu.com

Data collected through Facebook integrations is processed in accordance with the Meta Platform Terms and applicable data protection laws. Upon receiving a verified request, GuestRevu will delete Facebook-derived data associated with the requesting user where permitted by law.

17. Children's Data

GuestRevu services are not directed to children.

We do not knowingly collect personal data from individuals under the age of:

  • 16 in the EU and UK

If such data is discovered, it will be deleted promptly.

18. Links to Third-Party Websites

Our website may contain links to third-party websites.

GuestRevu is not responsible for the privacy practices of external sites and we encourage users to review their privacy policies.

19. Changes to This Policy

We may update this Privacy Policy periodically.

When changes occur we will:

  • update the “Last updated” date
  • notify users where appropriate.

20. Contact

For questions about this policy or your personal data please contact:

privacy@guestrevu.com

If you are not satisfied with our response you may lodge a complaint with the Information Commissioner's Office (UK) or the Information Regulator (South Africa).