← Back to Glintz

Privacy Policy

Last updated: January 29, 2026

At Glintz, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website and services.

1. Who We Are

Glintz ("we," "us," or "our") is the data controller responsible for your personal information. You can contact us at:

2. Information We Collect

2.1 Information You Provide Directly

  • Email Address: When you join our waitlist or share your hotel website with us
  • Website URL: If you're a hotelier sharing your property information
  • Optional Messages: Any additional information you choose to provide in contact forms

2.2 Information Collected Automatically

  • Usage Data: Pages visited, time spent, interactions (via Vercel Analytics)
  • Device Information: Browser type, device type, operating system
  • IP Address: For analytics and security purposes
  • Cookie Data: Your consent preferences and technical cookies

3. Legal Basis for Processing (GDPR)

We process your personal information based on the following legal grounds:

  • Consent: When you provide your email address for waitlist updates or submit forms (GDPR Art. 6(1)(a))
  • Legitimate Interests: For analytics to improve our service and user experience (GDPR Art. 6(1)(f))
  • Contract Performance: To provide services you've requested (GDPR Art. 6(1)(b))

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Communication: To send you waitlist updates, launch notifications, and service announcements
  • Service Improvement: To analyze usage patterns and improve our website and app
  • Lead Management: To process and respond to hotel partnership inquiries
  • Security: To protect against fraud and unauthorized access
  • Legal Compliance: To comply with applicable laws and regulations

5. Third-Party Services & Data Sharing

We do not sell your personal information. We share your data only with the following trusted service providers:

5.1 Service Providers

  • Vercel Inc. (USA): Website hosting and analytics
    Purpose: Infrastructure, performance monitoring
    Privacy Policy
  • one.com (Denmark): Email delivery service
    Purpose: Sending notification emails
    Privacy Policy
  • Adobe Fonts (USA): Typography service
    Purpose: Website fonts
    Privacy Policy

5.2 We Do Not

  • Sell your personal information to third parties
  • Share your data for advertising purposes
  • Use your data for automated decision-making or profiling

6. International Data Transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States (Vercel, Adobe). We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Service providers' compliance with applicable data protection frameworks
  • Technical and organizational security measures

7. Data Retention

We retain your personal information for the following periods:

  • Email Addresses (Waitlist): Until you unsubscribe or request deletion, or 2 years of inactivity
  • Hotel Contact Information: Until you request deletion or 1 year after last contact
  • Analytics Data: 30 days (aggregated data may be retained longer)
  • Server Logs: 90 days for security purposes
  • Cookie Consent Records: 12 months from last update

8. Your Privacy Rights

8.1 Rights Under GDPR (EU/UK/EEA Residents)

You have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time (doesn't affect prior processing)
  • Right to Lodge a Complaint: File a complaint with your data protection authority

8.2 Rights Under CCPA/CPRA (California Residents)

California residents have additional rights:

  • Right to Know: What personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Of the sale of personal information (we do not sell your data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices
  • Right to Correct: Correct inaccurate personal information
  • Right to Limit Use: Of sensitive personal information (if applicable)

8.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at contact@glintz.co with "Privacy Request" in the subject line.

We will respond to your request within 30 days (GDPR) or 45 days (CCPA). We may need to verify your identity before processing your request.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience. You can manage your cookie preferences at any time by clicking "Update cookies preferences" in the footer.

9.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for website functionality
    Duration: Session or up to 12 months
  • Functionality Cookies: Remember your preferences (cookie consent)
    Duration: 12 months
  • Analytics Cookies: Understand how visitors use our site (Vercel Analytics)
    Duration: 30 days | Requires consent
  • Marketing Cookies: Not currently used (reserved for future use)
    Requires consent

9.2 Third-Party Cookies

  • Vercel Analytics: Performance and usage analytics (only with consent)
  • Adobe Fonts: Font loading (necessary for website display)

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: HTTPS/TLS for data transmission
  • Secure Hosting: Enterprise-grade infrastructure (Vercel)
  • Access Controls: Limited access to personal data
  • Regular Security Reviews: Ongoing monitoring and updates
  • Secure Email: Encrypted email transmission (SMTP over SSL/TLS)

While we strive to protect your information, no method of transmission over the internet is 100% secure. Please use caution when sharing sensitive information online.

11. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@glintz.co and we will delete such information.

12. Do Not Track Signals

Our website respects your privacy choices. You can manage tracking through our cookie consent banner. We honor Global Privacy Control (GPC) signals where applicable.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Updating the "Last updated" date at the top of this page
  • Sending an email notification to registered users (for significant changes)
  • Displaying a prominent notice on our website

Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Additional Information for California Residents

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information.

14.1 Categories of Personal Information We Collect

  • Identifiers: Email addresses, IP addresses
  • Internet Activity: Browsing history, interactions with our website
  • Commercial Information: Records of inquiries and interest in our services

14.2 Business Purposes for Collection

  • Providing and improving our services
  • Communication and customer support
  • Analytics and research
  • Security and fraud prevention

14.3 Categories of Third Parties

  • Cloud service providers (Vercel)
  • Email service providers (one.com)
  • Font and web service providers (Adobe)

14.4 Sale of Personal Information

We do not sell your personal information. We have not sold personal information in the preceding 12 months and do not have actual knowledge of selling personal information of minors under 16.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: contact@glintz.co
  • Subject Line: "Privacy Inquiry" or "Privacy Request"
  • Response Time: We aim to respond within 2-3 business days

For data protection complaints in the EU, you may also contact your local data protection authority.

This Privacy Policy is effective as of the date stated above. By using our website and services, you acknowledge that you have read and understood this Privacy Policy.