Data Retention and Deletion Policy
Managing a property is complicated enough without having to worry about what happens to your data behind the scenes. At Hostel Mate, we take a straightforward, human-centric approach to data privacy. We know that the information you entrust to us, ranging from your daily bed inventory to your operational logs, is the lifeblood of your business.
This policy is designed to tell you exactly how we protect your information, how long we keep it, and precisely what happens when it is time to part ways. No confusing jargon, just clear commitments.
1. Subscription Cancellation and the Deletion Timeline
We understand that business needs change. If you decide to close your Hostel Mate account, we want the offboarding process to be as clean and secure as possible. We utilise a phased deletion timeline. This protects you from accidental data loss if you change your mind, while guaranteeing that your data does not sit on our servers indefinitely once you leave.
Phase 1: The 10-Day Freeze
Exactly ten days after your subscription officially ends, your workspace goes into a secure "freeze mode." Your property configurations, reservation histories, and staff accounts are completely locked down. During this time, the data is entirely inaccessible to you, your staff, and any third-party API integrations you have connected.
Phase 2: The 30-Day Permanent Deletion
Thirty days after cancellation, we initiate a complete and irreversible purge of your account. Your workspace and all associated operational data are permanently wiped from our active database servers.
Important: If you need to export your records for your own archives or wish to reactivate your account, you must reach out to our team before this 30-day window closes. Once the data is wiped from our active servers, we cannot recover it for you.
2. The Lite Plan Data Lifecycle
We designed the Hostel Mate Lite plan to be a lightweight, efficient tool for smaller operations. To keep the system running smoothly and to maintain strict security standards for this tier, we enforce a rigorous, automated data lifecycle.
Monthly Automated Clearance: For all properties utilising the Lite plan, operational and historical data is automatically wiped from our active servers exactly one time per month. This is a hard, system-wide reset. If your business relies on this data for accounting, auditing, or historical reporting, it is entirely your responsibility to download and export your logs before the automated monthly clearance occurs. Once the system clears the data, it cannot be paused or reversed.
3. How We Secure Your Data
Before data is ever queued for deletion, it needs to be fiercely protected. We treat your property's information with the highest level of security, utilising the same standards expected by enterprise-level organisations.
Encryption in Transit and at Rest
Whenever data moves between your browser and Hostel Mate, it is secured using industry-standard TLS encryption. When your data sits idle on our servers, it remains heavily encrypted at rest.
Strict Access Limitations
Trust requires strict boundaries. Our engineering and customer support teams cannot view your raw property data. The only exception to this rule is if you explicitly grant us temporary, written access to troubleshoot a specific technical issue you have reported.
Enterprise-Grade Infrastructure
Hostel Mate operates on top-tier cloud infrastructure. Your data is protected by continuous security monitoring, automated threat detection protocols, and advanced firewalls built to block unauthorised access attempts around the clock.
4. The Final Stage: Backups and Eradication
It is standard practice in software development to maintain off-site backups in case of a catastrophic system failure. Hostel Mate is no different. However, we ensure that deleted data does not live in these backups forever.
When your data is permanently removed from our active servers, whether that is due to a full account cancellation hitting the 30-day mark or a monthly Lite plan wipe, it enters our backup overwrite cycle.
It takes up to 30 additional days for this deleted data to be fully overwritten and systematically purged from our encrypted, off-site disaster recovery backups. You can think of this as the final stage of the deletion process. Once this backup cycle is complete, every trace of your operational data is entirely unrecoverable by anyone, including our own database engineers.
5. The Exception: Legal and Tax Compliance
While we are completely committed to deleting your operational property data, there is one unavoidable exception. As a registered business, we are legally obligated to maintain a minimal administrative footprint of our customers.
We securely archive basic billing details, invoices, and transactional logs directly related to your Hostel Mate subscription payments. This is strictly to comply with standard accounting, tax, and legal requirements. We isolate this administrative information completely, and we guarantee it will never be used for marketing, sales profiling, or product analytics.
Questions or Concerns?
Data security is an ongoing conversation. If you need clarity on any part of this policy, or if you need assistance managing your property's data footprint, please do not hesitate to reach out. Our team is always available to assist you at contact@hostelmate.co.