Privacy Policy

Last updated: April 7, 2026

This Privacy Policy explains how Kos Holdings LLC ("GuestPortals", "we", "us") collects, uses, stores, and shares personal information. It applies to two distinct groups:

  • Customers — businesses that sign up for a GuestPortals account to deploy captive portals.
  • Guests — end users who sign in to a customer's guest wifi through a GuestPortals-powered splash page.

For guest data collected through a customer's deployment, the customer is the data controller and GuestPortals is the data processor. Guests should direct data-subject requests to the business operating the wifi first.

1. What we collect from customers

When you sign up and use the Service, we collect:

  • Account info: email address, name, password hash
  • Billing info: Stripe customer ID, subscription status, invoice history. We do not store credit card numbers — Stripe holds those.
  • Hardware shipping address (only if you purchase hardware)
  • Splash page content you upload (logos, background images, headlines)
  • API keys and integration credentials for third-party tools you connect (Mailchimp, Klaviyo, HubSpot, UniFi controllers, etc.). These are encrypted at rest.
  • Basic usage telemetry (login times, feature usage, error logs)

2. What we collect from guests

When a guest signs in through a GuestPortals-powered splash page, we collect only the fields that customer has configured on their form. This typically includes:

  • Email address
  • Optional: name, phone number, custom fields
  • Device MAC address (required to authorize the device on the network)
  • Approximate IP geolocation (derived from IP, not stored beyond the session)
  • User agent string of the connecting device
  • Timestamp of sign-in, site identifier, consent version

Guests are shown the customer's consent language and must check a consent box before the form submits. Guests can withdraw consent or request deletion at any time by contacting the customer.

3. How we use the data

Customer data is used to:

  • Provide the Service you subscribed to
  • Bill you and process payments (through Stripe)
  • Send transactional emails (welcome, password reset, fair-use alerts, receipts)
  • Respond to support requests
  • Comply with legal obligations (tax, accounting, law enforcement requests)

Guest data (on behalf of the customer) is used to:

  • Authorize the guest's device on the wifi network
  • Sync to marketing integrations the customer has configured
  • Compute analytics the customer sees in their dashboard
  • Route happy/unhappy guests through the customer's reputation funnel (if enabled)

We never sell guest data. We never use guest data to cross-market to other GuestPortals customers. We never share guest data between unrelated customers.

4. Third-party processors we use

GuestPortals runs on infrastructure operated by the following providers. Each is contractually bound to protect data consistent with its own published privacy practices:

  • Railway — application hosting
  • Neon — Postgres database
  • Cloudflare R2 — uploaded splash assets and hardware imagery
  • Cloudflare — DNS, CDN, and DDoS protection
  • Stripe — payment processing and tax calculation
  • Resend — transactional email delivery
  • Fly.io — RADIUS sidecar for enterprise AP support
  • Vercel — marketing site and dashboard hosting
  • Twilio — SMS verification (only if customer enables it)

5. Data retention

Customer account data is retained for the lifetime of your account. If you cancel, we retain your data for 30 days to allow recovery or export, then permanently delete it, except where law requires longer retention (e.g. US tax records for 7 years).

Guest sign-in records are retained according to the customer's configured retention policy (default 24 months). Customers can trigger a GDPR data export or erasure on behalf of a specific guest from their dashboard at any time.

6. Your rights

Depending on your jurisdiction (GDPR in the EU/UK, CCPA/CPRA in California, similar laws elsewhere) you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent (for processing based on consent)
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, log in to your dashboard and use the account settings page, or email privacy@guestportals.app. For guest data, contact the business operating the wifi you used — they are the data controller.

7. Cookies and tracking

The GuestPortals marketing site and dashboard use a small number of cookies:

  • A session cookie to keep you logged into the dashboard (required)
  • A short-lived cookie on the splash page to track the captive-portal auth request (required)

We don't use third-party advertising cookies, don't set cookies for cross-site tracking, and don't sell cookie data.

8. Security

All data is transmitted over HTTPS. Passwords are hashed with bcrypt. Integration credentials and vendor API keys are encrypted at rest using Fernet. Customer Postgres data lives in Neon's managed service with encryption at rest. We regularly audit dependencies for vulnerabilities.

No system is 100% secure. If we discover a breach affecting your data, we'll notify you within 72 hours of confirmation, as required by GDPR.

9. International transfers

GuestPortals is operated from the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. By using the Service, you consent to this transfer. We rely on Standard Contractual Clauses where required to ensure EU/UK data subjects have equivalent protection.

10. Children's privacy

The Service is not directed to children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided data through a GuestPortals splash page, contact the operating business and us so it can be deleted.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced via email or in-dashboard notice at least 14 days in advance. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact

Kos Holdings LLC, DBA GuestPortals
Salem, Oregon, USA
Privacy inquiries: privacy@guestportals.app
General support: support@guestportals.app

See our Terms of Service for the full rules of using GuestPortals.