Privacy Policy
Last Updated: December 26, 2025
We are committed to protecting your personal information and your right to privacy.
Table of Contents
1. Overview
This Privacy Policy describes how BookHotels.co.ke ("we", "us", or "our") collects, uses, and shares your personal information when you use our website, mobile applications, and services (collectively, the "Platform").
By using the Platform, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Platform.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, phone number, password when you create an account.
- Profile Information: Profile photo, address, preferences, and other information you choose to provide.
- Booking Information: Guest details, check-in/check-out dates, payment information, special requests.
- Vendor Information: Business name, registration details, tax information, property details, photos.
- Communication: Messages, reviews, feedback, and other communications.
2.2 Information Collected Automatically
- Usage Data: Pages visited, time spent, clicks, search queries, and other browsing information.
- Device Information: IP address, browser type, operating system, device identifiers.
- Location Data: Approximate location based on IP address or GPS (with your consent).
- Cookies and Similar Technologies: See Section 8 for more information.
2.3 Information from Third Parties
We may receive information about you from:
- Payment processors (to confirm payment status)
- Social media platforms (if you connect your account)
- Business partners and vendors
- Publicly available sources
3. How We Use Information
We use your personal information for the following purposes:
- To Provide Services: Process bookings, facilitate payments, communicate with you about your account and bookings.
- To Improve Platform: Analyze usage patterns, develop new features, and improve user experience.
- To Communicate: Send booking confirmations, updates, promotional offers, and newsletters (with your consent).
- To Ensure Security: Detect and prevent fraud, unauthorized access, and other illegal activities.
- To Comply with Laws: Meet legal obligations, respond to legal requests, and protect our rights.
- For Business Operations: Conduct research, analyze trends, and manage our business.
5. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of sensitive data in transit and at rest
- Regular security assessments and penetration testing
- Access controls and authentication mechanisms
- Secure development practices
- Employee training on data protection
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.
6. Data Retention
We retain your personal information only for as long as necessary to:
- Fulfill the purposes for which it was collected
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Maintain business records
Typical retention periods:
- Account Information: Until account deletion request
- Booking Records: 7 years for tax and legal purposes
- Communication: 3 years from last contact
- Marketing Data: Until consent withdrawal
7. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
7.1 Access and Correction
You can access and update your personal information through your account settings or by contacting us.
7.2 Deletion
You may request deletion of your account and personal information, subject to legal retention requirements.
7.3 Data Portability
You can request a copy of your data in a structured, machine-readable format.
7.4 Consent Withdrawal
You may withdraw consent for marketing communications at any time by clicking "unsubscribe" in emails or adjusting account settings.
7.5 Objection to Processing
You may object to certain processing activities, such as direct marketing.
7.6 Complaints
You have the right to lodge a complaint with the relevant data protection authority.
To exercise these rights, please contact us at privacy@bookhotels.co.ke. We will respond within 30 days.
9. Third-Party Services
Our Platform may contain links to third-party websites and services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing any information.
Third-party services we use include:
- Payment processors (Paystack, Flutterwave)
- Analytics services (Google Analytics)
- Advertising networks
- Social media platforms
10. Children's Privacy
Our Platform is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
11. Changes to Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on the Platform and updating the "Last Updated" date. We may also notify you via email for material changes.
Your continued use of the Platform after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
- Data Protection Officer: privacy@bookhotels.co.ke
- Phone: +254 700 000000
- Address: Nairobi, Kenya
We will respond to your inquiry within 30 days.