SECURITY & PRIVACY
Built for Europe. GDPR from day one.
Valooro was built privacy-first from the ground up — not compliance bolted on afterwards, but data protection as a design principle.
CORE COMMITMENTS
What you should know.
EU hosting
All data is stored and processed exclusively on servers within the European Union. No transfer to third countries without standard contractual clauses.
GDPR compliant
Valooro is built in accordance with GDPR (EU 2016/679). We conclude a data processing agreement (DPA) with every hotel under Art. 28.
Role-based access
Every hotel sees only its own data. Row Level Security (RLS) at the database level ensures no cross-hotel data access is possible.
Data deletion
Guest data can be fully deleted at any time upon request. Hotels can export their data and close their account.
TECHNICAL DETAILS
Under the hood.
GUEST PRIVACY
What is stored — and what is not.
STORED
NOT STORED
Security questions & DPA
For security questions, vulnerability reports or to conclude a Data Processing Agreement, contact us directly.
security@valooro.comDPA requests via the contact form