GDPR and data protection
Last updated: 2026-06-07
This page sets out, in plain language, how Monsieur handles personal data under the EU General Data Protection Regulation (GDPR). Monsieur is operated by Paulo Rosario, a sole trader in Tomar, Portugal, trading under the brand interpt. We want this to be transparent, so it is more detailed than a privacy policy usually is. Read it alongside our privacy policy and terms of service.
1. Two roles: who controls what
The most important thing to understand is that there are two different kinds of personal data in Monsieur, with two different controllers.
- Your hotel's account data. This is the data about your hotel itself: your staff users, your billing contact, and your billing details. For this data we, interpt, are the data controller. How we handle it is set out in our privacy policy.
- Your guests' data. This is the personal data of your guests that flows through your tenant: guest names, room numbers, order content, special instructions, and booking details. For this data the hotel is the controller and we act only as the processor. We process guest data solely on your documented instructions, to provide the service to you. We do not decide why or how guest data is used, and we do not use it for our own purposes.
In short: for your account, we are the controller; for your guests, you are the controller and we are your processor. This split is the heart of how data protection works in Monsieur.
2. Legal bases
For the account data we control, our legal bases are: performance of our contract with you (to provide the service and take payment); our legitimate interest (to keep the service secure, prevent abuse, and contact existing customers about the service); and your consent where we ask for it, such as for optional marketing email, which you can withdraw at any time. As the controller of guest data, your hotel is responsible for choosing and documenting the legal basis for collecting and using that guest data.
3. Your rights as a data subject
Under the GDPR, individuals have the following rights over their personal data:
- Access: to know whether their data is being processed and to get a copy of it.
- Rectification: to have inaccurate data corrected and incomplete data completed.
- Erasure: to have data deleted where there is no overriding reason to keep it.
- Restriction: to limit how data is used in certain situations.
- Portability: to receive data in a structured, commonly used, machine-readable format and to have it moved where technically feasible.
- Objection: to object to processing based on legitimate interest, and to object to direct marketing at any time.
- Complaint: to lodge a complaint with a data-protection supervisory authority (see section 5).
4. How to exercise these rights
Hotel-account users (your staff and billing contacts) can exercise their rights with us directly, since we are the controller of that data. Email hello@monsieurapp.io and we will respond within one calendar month, free of charge.
Guestsshould direct their requests to the hotel they stayed at, because the hotel, not us, is the controller of their data. If a guest contacts us directly, we will point them to the relevant hotel and, where we can identify the tenant, let that hotel know. As the hotel's processor, we will help the hotel respond to and fulfil a guest's request.
5. Complaining to a supervisory authority
If you believe your data has been mishandled, you can complain to a data-protection supervisory authority. In Portugal that authority is the Comissao Nacional de Protecao de Dados (CNPD). You can also complain to the supervisory authority in the EU country where you live or work. We would, of course, prefer the chance to put things right first, so please consider contacting us at hello@monsieurapp.io.
6. Subprocessors
To run the service we rely on a small set of providers that process personal data on our behalf, under contract. They are:
- Amazon Web Services - hosting, database, and email delivery. Region: EU (eu-west-1, Ireland).
- Stripe - payment processing for subscriptions.
- DeepL - machine translation of hotel content.
- Oxylabs- a web-unblocking proxy used to fetch a hotel's public website during theme extraction. It only fetches public web pages of the URL the hotel provides; no guest or account personal data is sent to it.
- Google Calendar - service-provider calendar sync, only if a hotel connects it.
- Calendly - service-provider scheduling, only if a hotel connects it.
We keep this list current. You can ask us for the up-to-date list of subprocessors at any time, and we will give reasonable notice before adding a new one that processes guest data so that you can object if you need to.
7. International transfers
Your data is hosted in the European Union, in the AWS eu-west-1 (Ireland) region, and we keep it in the EU. Some subprocessors are global organisations; where a transfer outside the EU could occur, we rely on an approved safeguard such as the European Commission's standard contractual clauses.
8. Security
At a high level: all traffic is encrypted in transit with TLS, and data at rest, including backups, is encrypted. Tenants are isolated from one another at the database layer so one hotel's data cannot be read by another. Access to production systems is restricted to the people who need it and is reviewed. We do not store full payment-card details; Stripe handles those. No system is perfectly secure, but we take reasonable and appropriate measures proportionate to the data we hold.
9. Personal-data breaches
If a personal-data breach happens that affects your data, we will investigate it, take steps to contain and fix it, and notify you without undue delay so that you, as a controller, can meet your own notification duties. Where we are the controller, we will notify the relevant supervisory authority within the time the GDPR requires, and affected individuals where the law requires.
10. Retention
We keep account and billing data while your subscription is active, then for up to 90 days after cancellation or suspension so you can re-subscribe or export it, after which it is deleted. Billing records are kept for as long as tax and accounting law requires. Guest data is kept while you keep it in your tenant; you control it and can delete it, and it is removed when your account is deleted. Server and preview logs are kept 30 days, and backups run on a maximum 60-day rolling window.
11. Data Processing Agreement
For the guest data we process on your behalf, the commitments on this page are the substance of a Data Processing Agreement (DPA): we process guest data only on your documented instructions, keep it confidential, use the subprocessors listed above under contract, help you respond to data-subject requests, help you with security and breach obligations, and delete or return guest data at the end of the service. A signable DPA is available to hotels on request. To get a copy to sign, email hello@monsieurapp.io.
12. Contact
For anything on this page, or any data-protection question, write to hello@monsieurapp.io. Our service runs at monsieurapp.io. The seller and controller is Paulo Rosario, Tomar, Portugal; fiscal number PT253648920; registered address Av. Dom Nuno Álvares Pereira, 52, 2300-532, Tomar, Portugal.