Trust & Security

How we handle your data.

Hotilla operates inside the hospitality industry. Our customers entrust us with operational data that touches both their staff and their guests. This page documents, transparently, how that data is stored, protected, and governed, and where we are on our compliance roadmap.

Last updated May 2026
Region Australia · APAC
Contact security@hotilla.com
01 / Data Handling

Where it lives, how it moves.

Hotilla holds the minimum data necessary to deliver recovery cost intelligence: duty log entries, departmental records, and the derived analytical outputs. Nothing more. Here's how that data is handled at every layer.

Hosting infrastructure
Hotilla is hosted on Netlify, a SOC 2 Type II certified platform with global edge infrastructure. The application layer benefits from Netlify's compliance posture, including encrypted edge delivery and DDoS protection.
Encryption in transit
All communication between client browsers and Hotilla servers uses TLS 1.3 (HTTPS). Certificates are issued and renewed automatically through Let's Encrypt, with HTTP Strict Transport Security (HSTS) enforced.
Encryption at rest
All operational data ingested by Hotilla is encrypted at rest using AES-256 encryption on the underlying storage layer. Backup snapshots are encrypted with the same standard.
Data residency
For APAC clients, application data is processed and stored within Australian region nodes. Data residency commitments can be formalised in the Data Processing Agreement (DPA) signed at onboarding.
Tenant isolation
Each hotel property operates within a logically isolated tenant. No data is shared, aggregated, or cross-referenced across customer organisations under any circumstance.
Backup & continuity
Daily encrypted backups are maintained with a 30-day retention window. Disaster recovery procedures are documented internally and tested on a quarterly basis.
02 / Privacy & PII

Guest data is not the product.

Hotilla is designed around an operational principle: the value lies in patterns of incidents, not in the identification of individuals. Personally identifiable information is minimised by default, anonymised where possible, and never used beyond what is strictly necessary.

Guest name anonymisation
Guest names appearing in duty log entries are anonymised at ingestion. The dashboard surfaces incident patterns, room types, and dates, not personal identifiers.
No PMS or CRM integration
Hotilla does not connect to PMS or CRM systems at this stage. We deliberately operate on a narrower, less sensitive data surface: the duty log and its derivatives.
GDPR-aligned principles
Our data handling is built around GDPR principles: data minimisation, purpose limitation, storage limitation, and integrity. Australian Privacy Principles (APP) under the Privacy Act 1988 are equally applied.
Right to deletion
Customers can request full deletion of their data at any time. Deletion is executed within 30 days and confirmed in writing, including from all backup snapshots after the standard retention period.
No third-party data sharing
Customer data is never shared, sold, or licensed to third parties. No advertising trackers, no behavioural analytics on operational data, no resale of aggregated insights.
03 / Access Control

Who sees what, when.

Access to customer data is governed by the principle of least privilege. Internal access is restricted, logged, and reviewed. External access is granted only to authorised personnel of the customer property.

Customer authentication
Each property has its own credentialed access to its tenant. Credentials are never shared between properties, even within the same brand or ownership group.
Internal access policy
Internal access to customer data is limited to the founder at this stage and used only for technical support, debugging, and onboarding. All internal access is logged.
Audit logging
All data access, modification, and export events are recorded with timestamp and origin. Logs are retained for 12 months and available to customers on request.
Session security
User sessions are protected by secure session tokens with automatic expiration. Brute-force protection and rate limiting are enforced at the authentication layer.
04 / Compliance Roadmap

Where we are. Where we're going.

Hotilla is in active development of its compliance posture. We believe transparency on this roadmap matters more than claims of readiness. Here is the current state, honestly stated.

SOC 2 Type I
In progress
Engagement with audit firm under preparation. Documentation of internal controls and security practices in progress.
ISO 27001 alignment
In progress
Self-attestation document under preparation. Statement of Applicability (SoA) being mapped against current operational practices.
DPA template
Available on request
A standard Data Processing Agreement template is available for customer review and signature at onboarding. GDPR and APP-aligned.
Cyber liability insurance
In progress
Coverage of $2M AUD targeted. Quotes under review with specialist underwriters. Will be active before first paid contract signature.
Penetration testing
In progress
Independent third-party penetration test planned ahead of formal SOC 2 audit. Scope to cover application and infrastructure layers.
Vendor questionnaire response
Available on request
Pre-completed SIG-Lite security questionnaire available to customers conducting vendor due diligence.
05 / Incident Response

If something goes wrong.

Security incidents are rare but real. Our incident response process is designed to be transparent with affected customers and timely in remediation. We commit to honest communication over reputation management.

Step 01

Detection

Continuous monitoring of application, infrastructure, and authentication events. Anomaly detection on access patterns and data flows. Internal escalation path documented.

Step 02

Notification

Affected customers are notified within 24 hours of confirmation of a security incident. Notification includes scope, suspected cause, and immediate mitigation actions taken.

Step 03

Remediation

Root cause investigation initiated immediately. Remediation steps documented and executed. Customers receive a post-incident report within 7 days.

Step 04

Prevention

Lessons learned integrated into security controls and the compliance roadmap. Repeat patterns trigger structural review of relevant subsystems.

Security inquiries

Have a specific question?

For security disclosures, vendor due diligence, DPA requests, or any other formal inquiry on Hotilla's trust posture, write to us directly. We respond within two business days.

security@hotilla.com