Biztronicx Hotel Canada logo Biztronicx Hotel Canada Business accommodation — defined standards
Policy • Privacy

Privacy Policy

This document describes how Biztronicx Hotel Canada may collect, use, store, and share personal information. Replace placeholders with your legal entity details before publication.

Business context Data minimization Retention limits

Key facts

Controller / Operator (placeholder)
  • Entity: Biztronicx Hotel Canada (legal name placeholder)
  • Address: 100 Business Avenue, Toronto, ON, Canada (placeholder)
  • Privacy contact: [email protected]
Update entity name and address to match your registration.
Policy scope
  • Website interactions and inquiries.
  • Guest communications and service requests.
  • Billing and compliance records.
  • Security and incident handling.

Rooms (reference)

Guest services data
  • Room allocation requests (quiet-floor, accessibility notes).
  • Incident reports related to stay quality (noise, maintenance).
  • Housekeeping preferences (DND patterns may be logged for safety).
Data minimization
  • We aim to collect only what is needed for operation, billing, and security.
  • Optional fields are marked as optional; do not include sensitive data in free text.

Information we collect

Categories
  • Identity: name, identification details at check-in (where required).
  • Contact: email, phone, mailing address (if needed for billing).
  • Transaction: invoice data, payment confirmations (avoid full card details via email).
  • Service: requests, accessibility notes, incident logs.
  • Technical: IP address, device/browser signals (limited; see Cookies Policy).
Sources
  • Directly from you (forms, email, phone).
  • From booking channels you use (where applicable).
  • From on-site interactions (incident logs, security records).
  • From website technical interactions (basic logs).

Purposes and legal basis (general)

Primary purposes
  • Provide accommodation and requested services.
  • Process billing, invoicing, and accounting records.
  • Respond to inquiries and coordinate arrivals.
  • Maintain safety, security, and incident response.
  • Improve operations (aggregated analysis where possible).
Legal basis (high-level)
  • Contract: to provide requested services.
  • Legitimate interests: security, fraud prevention, service quality control.
  • Legal obligation: tax, accounting, regulatory compliance where applicable.
  • Consent: for certain optional communications and cookies (see Cookies Policy).
Legal basis depends on jurisdiction; consult counsel before publishing.

Sharing and disclosures

When we may share data
  • Service providers: IT, email, hosting, payment processors (as applicable).
  • Booking channels: confirmation and service coordination (if used).
  • Legal requests: where required by law or lawful authority.
  • Corporate billing: with your employer when you request invoicing under corporate account.

We do not sell personal information as a business model.

Retention

Retention rules (examples)
  • Invoices/accounting: retained per tax/accounting requirements.
  • Inquiry emails: retained until resolved + reasonable period for follow-up.
  • Security incidents: retained for investigation and compliance needs.
  • Website logs: short retention unless needed for security.
Deletion and minimization
  • We aim to delete or anonymize when data is no longer required.
  • Backups may retain copies temporarily until rotation completes.
  • Some records cannot be deleted early due to legal obligations.

Security

Controls (summary)
  • Access control: role-based access where feasible.
  • Operational logging for incident handling.
  • Encryption in transit for web traffic (HTTPS when deployed).
  • Vendor due diligence for core service providers.
  • Staff guidance on handling personal data.

No system is risk-free; we focus on proportionate controls.

Your rights (general)

Requests you may submit
  • Access to personal information.
  • Correction of inaccuracies.
  • Deletion (where legally permissible).
  • Objection to certain processing (jurisdiction dependent).
  • Withdrawal of consent (where applicable).
How to submit
  • Email: [email protected]
  • Provide: full name, contact method, request type, relevant dates.
  • Identity verification may be required before release.
  • We may refuse requests that are abusive or legally restricted.

Cookies and tracking

See Cookie Policy for cookie categories, consent, and controls.

Pros / Cons (policy constraints)

Pros
  • Minimization approach: collect only what is operationally required.
  • Retention described by category to support planning.
  • Clear contact route for privacy requests.
Cons / limitations
  • Some data retention is mandated by law.
  • Identity verification may add friction to access requests.
  • Third-party providers may have independent obligations.