When a hotel entrusts Hotilla with operational data, that relationship is governed by a Data Processing Agreement, a contractual layer that defines responsibilities, commitments, and rights for both sides. This page outlines the framework; the full document is available on request.
The DPA sits between Hotilla as the data processor and the hotel as the data controller. It governs how operational data is processed, who is accountable for what, and the terms under which the relationship can be reviewed or terminated.
These commitments form the backbone of the DPA. They are written to be specific, verifiable, and consistent with GDPR and Australian Privacy Principles standards.
Hotilla processes customer data exclusively according to the controller's instructions and within the scope agreed at onboarding. No exploratory analysis on customer data without consent.
Anyone with access to customer data (currently the founder) is bound by confidentiality obligations that survive the end of the contract. Internal access is logged and reviewed.
All sub-processors used by Hotilla are disclosed in the DPA. Customers are notified before any change to the sub-processor list and have the right to object within 30 days.
For APAC customers, application data is processed and stored within Australian region nodes. Specific residency requirements can be formalised at contract signature.
In the event of a personal data breach affecting the customer, Hotilla notifies the controller within 24 hours of confirmation, with scope, suspected cause, and immediate mitigation actions taken.
Customers retain the right to audit Hotilla's compliance with the DPA terms (directly or through an authorised third party) at reasonable intervals, with sufficient notice.
At the end of the contract, all customer data is either returned in a structured format or deleted from production and backup systems within 30 days, confirmed in writing.
Hotilla provides reasonable assistance to controllers when responding to data subject requests (access, rectification, deletion, portability) within statutory timelines.
Hotilla operates with a deliberately narrow set of sub-processors. Each one is selected for its security posture and bound by contractual obligations consistent with the DPA. The list below is current as of the last update date.
Hotilla's DPA is structured to align with the two regulatory frameworks most relevant to its APAC and EU customer base. Specific clauses can be adapted at signature to match additional jurisdictional requirements.
Article 28 obligations on processors fully reflected: documented instructions, confidentiality, security measures, sub-processor management, assistance with data subject rights, breach notification, deletion and return, audit rights.
Alignment with the 13 Australian Privacy Principles, including collection limitation, use and disclosure, data quality, security, openness, access and correction, and cross-border disclosure standards.
The full DPA document is available on request, ahead of any contract signature. It includes the complete clauses, sub-processor schedule, technical security measures, and jurisdictional appendix. Reach out and we'll send it through.
Request the full DPA