Adaptive ML

1. Introduction

AdaptiveML Limited ("we," "us," "our," or "Company") operates a Hotel Maintenance Triage System (the "System"). This Privacy Policy explains how we collect, use, disclose, and otherwise handle your information when you use our System, including through our mobile applications and web platforms.

This Privacy Policy applies to all users of the System, including hotel staff and administrators. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use the System.

2. Information We Collect

2.1 Information You Provide Directly

User Account Information:

• Full name
• Email address
• Password (encrypted)
• Hotel association
• User role (Staff or Admin)
• Contact information (phone number, if provided)

Maintenance Issue Data:

• Issue description and details
• Issue location within the property
• Photos or attachments related to the issue (if uploaded)
• Urgency level and classification
• Status and resolution notes
• Date and time of submission

System Usage Information:

• Login timestamps
• Actions performed within the System
• Issue searches and filters applied
• System pages and features accessed

2.2 Information Collected Automatically

Device and Access Information:

• Device type and operating system
• App version and build number
• IP address
• Browser or app type
• Approximate location (country/region)
• Crash logs and error reports

Usage Analytics:

• Feature usage patterns
• Time spent in various sections of the app
• Navigation paths through the application

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Primary Uses

• System Operation: To provide, maintain, and improve the Maintenance Triage System
• User Authentication: To verify your identity and manage access controls
• Issue Management: To process, track, and manage maintenance issues submitted through the platform
• AI-Assisted Analysis: To analyze submissions using Google Gemini API and provide urgency scores and recommendations
• Communication: To send service-related updates, security alerts, and system notifications
• Support: To respond to your questions and resolve issues or complaints

3.2 Artificial Intelligence Processing

The Hotel Maintenance Triage System uses Google's Generative AI (Gemini API) to:

• Analyze maintenance issue descriptions and metadata
• Generate urgency scores (1-10)
• Determine resolution type (in-house vs. external contractor)
• Provide recommendations based on issue content

Data Sharing with Google Gemini:

• Issue descriptions and metadata are sent to Google Gemini API for analysis
• Issue data is processed according to Google's AI Processing Terms
• Google does not retain this data for model training (Google Gemini for Workspace has data privacy guarantees)
• Issue photos are NOT sent to Google Gemini API

3.3 Secondary Uses

• Compliance: To comply with legal obligations and enforce our Terms & Conditions
• Security: To detect and prevent fraudulent activities, unauthorized access, and security breaches
• Analytics: To understand how users interact with the System and improve user experience
• Anonymized Research: To conduct aggregated, anonymized analysis for system improvement

4. How We Store Your Data

4.1 Data Storage

• Primary Database: Google Firebase Firestore (secure cloud database)
• Authentication: Firebase Authentication with encrypted password hashing
• File Storage: Firebase Cloud Storage for uploaded images and attachments
• Geographic Location: Data is stored in data centers in compliance with applicable data protection regulations (GDPR, etc.)

4.2 Data Security

We implement industry-standard security measures to protect your information:

• Encryption in transit (TLS/SSL)
• Encryption at rest (Firebase-managed encryption)
• Role-based access controls (staff can only access their hotel's data)
• Admin-only access to cross-property data
• Regular security audits

Note: While we implement reasonable security measures, no system is completely secure. We cannot guarantee absolute security of your information.

5. Data Retention Policy

5.1 Retention Timeline

Identifiable Data (Personally Identifiable Information):

• Retained while the maintenance issue is active and during resolution period
• Retained for 90 days after issue resolution or closure
• User account data retained as long as your account is active

Anonymized/Aggregated Data:

• Retained indefinitely for analytics, reporting, and system improvement purposes
• Cannot be linked back to you personally

User Account Data:

• Retained while your account is active
• Deleted within 30 days of account deletion, except where required by law

5.2 Data Anonymization Process

After the retention period, we anonymize data by:

• Removing all personally identifiable information
• Removing user and hotel identity associations
• Removing sensitive operational details
• Retaining only issue category, urgency score, and resolution approach for analytics

6. Data Sharing and Disclosure

6.1 Who We Share Data With

Within Your Organization:

• Hotel staff can access issues reported for their property (based on role permissions)
• Hotel administrators can access all issues for their property

Across Hotels (Admins Only):

• System administrators may view anonymized cross-property data for platform management
• Personalized issue data remains hotel-specific

Third-Party Processors:

• Google Firebase: Cloud hosting and database services (see Firebase Privacy Policy)
• Google Gemini API: AI analysis of issue descriptions (see Google Cloud Privacy Policy)
• Google Analytics: System usage analytics (optional, based on configuration)

6.2 Legal Disclosure

We may disclose your information if required by law, court order, or governmental request. We will provide you with notice of such disclosure unless prohibited by law.

6.3 No Sale of Data

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

7. Your Privacy Rights and Choices

7.1 Access Your Data

You have the right to request a copy of the personal information we hold about you. Contact us at hello@adaptiveml.co.uk to submit a data access request.

7.2 Correct Inaccuracies

If any of your personal information is inaccurate, incomplete, or outdated, you can request correction through your user profile or by contacting us.

7.3 Data Deletion

You have the right to request deletion of your personal data, subject to legal requirements. Upon deletion request:

• Your account will be deactivated
• Personally identifiable information will be permanently deleted within 30 days
• Anonymized data will continue to be retained for analytics purposes

Note: Some data may be retained longer where required by law or contract.

7.4 Restrict Processing

You can request restrictions on how your data is processed. Restrictions will be applied for legitimate reasons (e.g., if you contest accuracy of data).

7.5 Data Portability

You have the right to request your data in a portable format. We will provide your personal data in a commonly used electronic format.

7.6 Withdraw Consent

If processing is based on your consent, you can withdraw this consent at any time by contacting us.

8. GDPR Compliance (EU Users)

If you are located in the European Union, the following additional terms apply:

• Legal Basis: We process your data based on the legitimate interest of providing and improving the System, and contractual necessity
• Data Protection Officer: All privacy inquiries are handled by our Data Protection team
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority
• Data Transfer: To the extent data is transferred outside the EU, we implement Standard Contractual Clauses

9. Children's Privacy

The Hotel Maintenance Triage System is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will delete such information promptly.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know whether your personal information is sold or disclosed
• Right to opt-out of the sale of your personal information
• Right to delete personal information
• Right to non-discrimination for exercising your CCPA rights

To exercise these rights, contact us at hello@adaptiveml.co.uk.

11. Third-Party Links and Services

The System may contain links to third-party websites and services (e.g., Google Firebase, Gemini API). This Privacy Policy applies only to the System. We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies before providing information.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting the updated Privacy Policy in the System
• Updating the "Last Updated" date at the top of this Policy

Your continued use of the System after updates indicates your acceptance of the revised Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

14. International Data Transfers

The System may process and store data internationally, including in the United States and other countries. By using the System, you consent to the transfer of your information to countries outside your country of residence, which may have data protection rules that differ from your home country. We implement safeguards to ensure adequate protection of your data during such transfers.

15. Retention Rights

We reserve the right to retain certain information as required by law, regulation, or for legitimate business purposes (e.g., to prevent fraud, enforce agreements).