Privacy Policy.

part of Terms and Conditions →

Privacy Policy.

1. Our Role as Data Controller and Data Processor

  • DayPass as Controller: For most personal data you provide when creating an account, browsing listings, receiving communications, and making bookings, DayPass Inc. acts as the Data Controller. We decide why and how this information is processed (e.g. account management, booking confirmations, customer support, marketing).

  • Hotels and Partners as Separate Controllers: When you make a reservation, we share limited data (such as your name, contact details, and booking information) with the hotel or partner venue. Each hotel or partner acts as an independent Data Controller for its own use of your personal data (e.g. guest registration, on-site services, compliance). Their use of your data is governed by their own privacy policy.

  • DayPass as Processor: In certain cases, such as DirectPass or white-label integrations, DayPass may act as a Data Processor on behalf of hotels or partners. We process data only on their documented instructions and enter into Data Processing Agreements (DPAs) to ensure GDPR compliance.

2. Information We Collect

  • Non-Personal Information: Data that does not personally identify you, automatically collected when you use our Services (browser type, device type, IP address, referring/exit pages, etc.).

  • Personally Identifiable Information (PII): Non-public information that can identify you, collected when you create an account, place a reservation, or interact with our Services. This may include:

    • Name, email, phone number, location, billing or business details.

    • Payment details (processed securely by Stripe; see Section 6).

    • Images or content you upload.

3. How We Collect Information

  • Account registration and reservations: When you register or place a booking.

  • Forms and uploads: When you submit forms or upload content.

  • Automatic collection: Cookies, web beacons, analytics, and mobile device data.

4. How We Use Your Data

We use your personal data to:

  • Provide and improve our Services.

  • Manage bookings and communicate with you.

  • Send service-related notifications (bookings, cancellations, reminders).

  • Send promotional communications (with opt-out options).

  • Analyze usage trends to improve performance.

  • Fulfill legal obligations and enforce our Terms.

5. Sharing Your Information

We do not sell or rent your personal data. We may share it as follows:

  • With hotels and partners you book with, to deliver their services.

  • With service providers (e.g. payment processors, hosting providers) under strict confidentiality.

  • For legal compliance (subpoena, law enforcement, regulatory requirements).

  • In case of a merger, acquisition, or business transfer.

6. Payments

Payments are processed exclusively by Stripe. DayPass does not store or have access to your credit card details. Stripe’s privacy policy is available at: https://stripe.com/us/privacy.

7. Cookies & Tracking

We use cookies and similar technologies to personalize content, remember preferences, and deliver offers. You can disable cookies in your browser settings, but some functionality may be limited. See our [Cookie Policy] for details.

8. Your Data Protection Rights

Depending on where you live (EEA, UK, California, or other regions with privacy laws), you may have rights to:

  • Access, correct, update, or delete your personal data.

  • Object to processing or request restriction of processing.

  • Request data portability.

  • Withdraw consent at any time (without affecting prior lawful processing).

  • Opt out of marketing communications at any time.

  • File a complaint with your data protection authority.

To exercise these rights, contact us at privacy@daypass-app.com.

Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

  • European Union (EU)

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website:https://app.prighter.com/portal/11555275426

9. Children’s Privacy

Our Services are not designed for children under 16. We do not knowingly collect data from children. If you believe a child has provided us information, contact us to request deletion.

10. Security

We use industry-standard encryption, authentication, and security measures (SSL, firewalls) to protect your data. No system is 100% secure; you are responsible for keeping your credentials confidential.

11. Data Retention

We retain account and booking data as long as needed for service provision, legal, and financial compliance. Reservation records may be stored for statutory retention periods even after account deletion.

12. Third-Party Links

Our Services may contain links to third-party websites. Their privacy practices are not governed by this policy. Please review their privacy policies.

13. Updates to this Policy

We may update this Privacy Policy from time to time. Updates will be posted here with a new “Last Updated” date. Material changes may also be communicated via email or notices on our Services.

14. Contact Us

If you have questions or wish to exercise your rights, please contact us:

DAYPASS INC.
66 West Flagler Street – Suite 900
Miami, FL 33130
United States
Email: privacy@daypass-app.com

15. Partner Privacy Policies

We encourage you to review the privacy policies of partner hotels and brands you book through DayPass, such as Accor, Ascott, Centara, Club Med, Hilton, Hyatt, IHG, Marriott, Melia, Palladium, and others.

Hotels & Partners Privacy Policy

We encourage you to review the DayPass venues privacy policy.