Privacy Policy

Last updated: August 29, 2025

This Privacy Policy explains how Lndesk (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our hotel website hosting and booking tools, public pages, and related services (collectively, the “Platform”).

1) Scope & roles

• Lndesk as Controller: We act as a data controller for information about platform accounts, prospective hotel partners, billing/entitlements for our services, site analytics, security logs, and support communications.
• Lndesk as Processor/Service Provider: For guest/booking data that a hotel collects via sites hosted on our Platform, the hotel is the controller. We process such data under the hotel’s instructions to provide the Platform.

2) Data we collect

• Account & business data: name, email, phone, business/hotel name, address, preferences, plan and entitlement info.
• Operational content: website content you upload (text, images, room details), settings, and configuration choices.
• Booking/guest data (for hotels): guest contact details, stay dates, room selections, notes, and status fields submitted via hotel pages.
• Payment & transaction data: order IDs, timestamps, amounts, status, method metadata. We do not store full card details.
• Technical data: IP address, device/browser info, referral URLs, timestamps, error and security logs, and similar diagnostic data.
• Cookies & similar tech: essential cookies for login/session and security; optional analytics; Cloudflare Turnstile (“are you human”) which may process IP/device signals to prevent abuse.

3) Sources of data

• Directly from you (forms, registration, support, uploads).
• From hotel guests using hotel sites hosted on our Platform (as instructed by the hotel).
• From service providers (e.g., payment, security, analytics) and from your use of the Platform (technical logs).

4) How we use data

• Provide, operate, and improve the Platform and its features.
• Authenticate users, maintain security, prevent fraud and abuse (including with Cloudflare Turnstile).
• Process payments and manage subscriptions/add-ons (e.g., via Razorpay or other payment partners).
• Deliver customer support, service announcements, and account communications.
• Perform analytics, capacity planning, and quality assurance.
• Comply with legal obligations and enforce our Terms & policies.

5) Legal bases

Depending on your region, we rely on one or more of: performance of a contract, legitimate interests (e.g., security, service improvement), consent (where required), and legal compliance.

6) Sharing of data

We do not sell personal data. We share limited data with:

• Payment partners (e.g., Razorpay) to process payments.
• Infrastructure & security providers (e.g., hosting, DDoS protection, Turnstile anti-abuse, email delivery).
• Analytics/telemetry providers (only aggregated/technical data or as configured by us).
• Hotels (when we act as a processor, we handle guest data under the hotel’s instructions and may provide the hotel with access/logs necessary to operate bookings).
• Authorities and auditors where required by law or to protect rights, safety, and the Platform.

7) International transfers

Your data may be stored or processed in countries outside your own. We take steps designed to protect data during transfers and storage consistent with applicable law.

8) Retention

We keep personal data for as long as needed to provide the Platform, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and business/legal requirements.

9) Security

We use administrative, technical, and organizational measures designed to protect personal data, including encryption in transit, access controls, and monitoring. No system is completely secure; please use strong, unique passwords and enable recommended safeguards.

10) Your choices & rights

• Access, correction, deletion: You may request access to, correction of, or deletion of your personal data we control.
• Consent & marketing: Where consent applies, you may withdraw it at any time; unsubscribe links are provided in marketing emails.
• Cookies: You can control cookies via your browser or OS settings; disabling certain cookies may impact functionality.
• Hotel guest data: If you are a hotel guest, please contact the hotel directly for rights requests. We will assist the hotel as its processor.

11) Children

The Platform is not intended for children under the age of 18. We do not knowingly collect data from children.

12) Third-party services

The Platform integrates third-party services (e.g., payment gateways, anti-abuse/security, analytics, maps). Your use of those services may be subject to their own terms and privacy policies. Where required, we will present notices or obtain consent.

13) Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated version here and update the “Last updated” date above. Your continued use of the Platform after changes take effect constitutes acceptance.

14) Contact & grievance

Email: support@lndesk.com
Address: Deorali MW, Pani House, Gangtok, Sikkim, India

If you have a privacy complaint or cannot resolve a request with us, you may have rights to contact a data protection authority or grievance officer as required by your jurisdiction.