StayWise
Legal Document

Privacy Policy

StayWise Software — Property Management System

Last updated: April 2026Version: 1.0GDPR Compliant

1. Who We Are

Soft Care Concept EOOD operates StayWise Software at staywisesoftwarepms.com. We are a company registered in Bulgaria providing a cloud-based Property Management System (PMS) to hotels and hospitality businesses.

For data protection queries, contact our Data Controller representative at: staywisesoftware@gmail.com

Soft Care Concept EOOD

Sofia, Bulgaria

staywisesoftware@gmail.com

+359879570011

2. What Data We Collect

We collect and process two categories of data:

CategoryExamplesLegal Basis
Hotel account dataCompany name, contact name, email, phone, addressContract performance
Billing dataSubscription plan, payment records (card processing by Stripe — raw card numbers not stored)Contract + Legal obligation
Usage dataLogin timestamps, features used, error logsLegitimate interest
Guest data (on behalf of hotel)Name, email, phone, nationality, ID details, booking info, payment referencesData Processor (hotel is Controller)

StayWise acts as a Data Processor for guest data. The hotel is the Data Controller responsible for obtaining guest consent under GDPR.

4. How We Use Your Data

  • Providing and improving StayWise services
  • Sending service emails (invoices, downtime notices, security alerts)
  • Customer support
  • Legal compliance (tax records, regulatory requirements)

We do NOT sell your data.

We do NOT use hotel guest data for our own marketing purposes.

5. Data Sharing

We share data only with the following sub-processors. All processors are bound by GDPR-compliant Data Processing Agreements.

ProcessorPurposeLocationPrivacy Policy
SupabaseDatabase infrastructureEU (Frankfurt)supabase.com/privacy
StripePayment processingEU/US (SCCs)stripe.com/privacy
NetlifyHosting infrastructureEU/US (SCCs)netlify.com/privacy
Email providerTransactional emails onlyEU

We do not share personal data with any other third parties unless required by law or court order.

6. Data Retention

  • Active account data: retained while subscription is active
  • After cancellation: 30 days available for data export, then permanently deleted
  • Invoice and billing records: 5 years (Bulgarian accounting and tax law requirement)
  • Backup retention: 30 days rolling

7. Your Rights under GDPR

You have the following rights regarding your personal data:

Access (Art. 15)

Obtain a copy of your personal data we hold.

Rectification (Art. 16)

Correct inaccurate or incomplete data.

Erasure (Art. 17)

"Right to be forgotten" — request deletion.

Restriction (Art. 18)

Limit how we process your data.

Portability (Art. 20)

Receive your data in a machine-readable format.

Object (Art. 21)

Object to processing based on legitimate interests.

You also have the right to lodge a complaint with your local supervisory authority.

To exercise your rights: staywisesoftware@gmail.com
Response time: within 30 days

Bulgarian Supervisory Authority

Комисия за защита на личните данни (КЗЛД)

www.cpdp.bg · kzld@cpdp.bg · +359 2 915 3 518

8. Cookies

We use the following types of cookies:

  • Necessary cookies: session authentication, CSRF protection, language and UI preferences. These cannot be disabled as they are essential for the service to function.
  • Analytics cookies: used only with your explicit consent to understand how the product is used.

You can manage your cookie preferences at any time using the "Manage cookie preferences" option in our cookie consent banner.

9. Security

  • In transit: all data encrypted using TLS 1.2 or higher
  • At rest: database encrypted using AES-256
  • Row-level security: each hotel account can only access its own data — enforced at the database level
  • Infrastructure: Supabase hosted in EU region (Frankfurt)
  • Reviews: regular internal security audits

10. Children

StayWise is a B2B service intended for hotel operators and hospitality businesses. It is not directed at, and we do not knowingly collect personal data from, children under the age of 16.

11. Changes to This Policy

We will notify registered account holders by email at least 30 days before making material changes to this Privacy Policy. Minor clarifications may be made without notice. The "last updated" date at the top of this page reflects the most recent revision.

12. Contact

For any privacy-related questions or requests, please contact us:

Soft Care Concept EOOD

Sofia, Bulgaria

staywisesoftware@gmail.com

+359879570011

For a full list of your rights as a data subject, see gdpr.eu .

© 2026 Soft Care Concept EOOD. All rights reserved.

Terms of ServicePrivacy Policy