hotelhuddle hotelhuddle.com

Privacy Policy

Last updated: May 31, 2026

groupRooms.org ("we," "us," or "our") operates the groupRooms.org website and related services (collectively, the "Platform"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. Please read this policy carefully.

1. Information We Collect

1.1 Personal Information You Provide

When you use our Platform, we may collect the following categories of personal information:

  • Identity Data: Your first name, last name, and organization or company name.
  • Contact Data: Your email address, phone number, and mailing address.
  • Travel Data: Check-in and check-out dates, destination city or region, number of rooms needed, group size, and room type preferences (e.g., single, double, suite).
  • Booking Data: Request-for-proposal (RFP) submissions, hotel responses, negotiated rates, and booking confirmations.
  • Payment Data: Payment method details processed through our third-party payment provider, Stripe. We do not store full credit card numbers on our servers.
  • Account Data: Username, encrypted password, account preferences, and subscription plan information.
  • Communications Data: Messages, feedback, and correspondence you send to us.

1.2 Information Collected Automatically

When you access the Platform, we may automatically collect:

  • Device Data: Browser type, operating system, device identifiers, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, click paths, referring URLs, and interaction patterns.
  • Log Data: IP address, access timestamps, and server request logs.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain the Platform, including processing RFP submissions and connecting you with hotels.
  • To create and manage your user account and subscription.
  • To process payments and send invoices.
  • To communicate with you about your bookings, account activity, and Platform updates.
  • To send you marketing communications about our services, promotions, or new features, where you have opted in or where permitted by law.
  • To improve the Platform, develop new features, and enhance user experience.
  • To detect, prevent, and address fraud, security issues, and technical problems.
  • To comply with legal obligations and enforce our terms.

3. Cookies and Tracking Technologies

3.1 Cookies

We use cookies and similar tracking technologies to collect usage data and improve your experience. The types of cookies we use include:

  • Essential Cookies: Required for the Platform to function properly, including session authentication and security (e.g., CSRF protection).
  • Functional Cookies: Remember your preferences and settings to enhance your experience.
  • Analytics Cookies: Help us understand how visitors interact with the Platform so we can improve it. These are set by our analytics providers.
  • Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.

3.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or delete existing cookies. Please note that disabling certain cookies may affect the functionality of the Platform.

4. Third-Party Services

We use third-party services that may collect, process, or store your information:

  • Stripe, Inc.: Processes payment transactions on our behalf. Stripe collects and processes your payment information in accordance with Stripe's Privacy Policy. We do not store your full credit card number or CVV on our servers.
  • Analytics Providers: We use analytics services to collect and analyze usage data. These services may use cookies and similar technologies to gather information about your interactions with the Platform.
  • Email Service Providers: We use third-party services to send transactional and marketing emails on our behalf.
  • Cloud Infrastructure: Our Platform is hosted on secure cloud servers that may process data in the course of providing hosting and computing services.

These third-party service providers are obligated to protect your information and are governed by their own privacy policies. We encourage you to review their policies when interacting with these services.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • With Hotels: When you submit an RFP, your relevant travel and contact information is shared with the hotels you select so they can respond to your request.
  • With Service Providers: We share information with third-party service providers who perform services on our behalf, as described in Section 4.
  • For Legal Reasons: We may disclose information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you our services. We may also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Specific retention periods include:

  • Account Data: Retained for the duration of your account plus 30 days after deletion request, unless a longer period is required by law.
  • Booking Data: Retained for a minimum of 3 years from the date of the completed booking for tax and legal compliance purposes.
  • Payment Records: Retained for 7 years as required by financial regulations.
  • Marketing Consent Records: Retained until you withdraw consent, plus 30 days.
  • Usage and Log Data: Retained for up to 2 years, then anonymized or deleted.

7. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information. These measures include encryption of data in transit (TLS/SSL), access controls, and secure infrastructure. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

8.1 Access and Portability

You have the right to request a copy of the personal information we hold about you. You may also request that your data be provided in a portable, machine-readable format.

8.2 Correction

You have the right to request correction of any inaccurate or incomplete personal information we hold about you. You can update most of your account information directly through your account settings.

8.3 Deletion

You have the right to request the deletion of your personal information, subject to certain exceptions (such as where we are required to retain data by law). You may delete your account through your account settings, or you may submit a deletion request by contacting us at privacy@rchotelgroup.com.

8.4 Restriction and Objection

You have the right to request that we restrict the processing of your personal information, or to object to the processing of your personal information, in certain circumstances.

8.5 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@rchotelgroup.com. We will respond to your request within 30 days. We may ask for verification of your identity before processing your request.

9. California Consumer Privacy Act (CCPA/CPRA) Compliance

This Section 9 applies to California residents and supplements the rest of this Privacy Policy in accordance with the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

9.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

  • Identifiers: Name, email address, phone number, account username.
  • Commercial Information: Booking history, RFP submissions, transaction information.
  • Internet or Network Activity: Browsing history, search history, interaction data on our Platform.
  • Geolocation Data: General location derived from IP address.
  • Payment Information: Payment method details (processed by Stripe).
  • Inferences: Preferences and characteristics drawn from the above categories.

9.2 Purposes of Collection

We collect and use personal information for the business and commercial purposes described in Section 2 of this policy.

9.3 Sale and Sharing of Personal Information

We do not sell, share, or rent your personal information to third parties for monetary or other valuable consideration. We do not use or disclose sensitive personal information for purposes other than those disclosed in this policy.

9.4 Your California Privacy Rights

Under the CCPA/CPRA, California residents have the right to:

  • Know what personal information is collected, used, shared, or sold.
  • Request deletion of personal information.
  • Request correction of inaccurate personal information.
  • Opt out of the sale or sharing of personal information (though we do not sell your data).
  • Limit the use of sensitive personal information.
  • Not be discriminated against for exercising your privacy rights.

To exercise these rights, submit a request to privacy@rchotelgroup.com or write to us at the address in Section 13. We will verify your identity before processing your request.

10. Email Marketing and Opt-Out

With your consent, we may send you promotional emails about our services, special offers, and other information we think may be useful to you. You may opt out of receiving marketing emails at any time by:

  • Clicking the "Unsubscribe" link included at the bottom of every marketing email we send.
  • Updating your email preferences in your account settings.
  • Contacting us at privacy@rchotelgroup.com.

Please note that even if you opt out of marketing emails, we will continue to send transactional messages related to your account, bookings, and legal notices.

11. Children's Privacy

Our Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a person under 18, we will take steps to delete that information. If you believe we have collected information from a minor, please contact us at privacy@rchotelgroup.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, for significant changes, by sending you a notice via email or through the Platform. Your continued use of the Platform after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will acknowledge receipt of your inquiry within 5 business days and respond within 30 days.