Privacy Policy

Last Updated: February 16, 2026

Keen Apps, LLC ("Company," "we," "us," or "our"), a Georgia limited liability company with its principal place of business at 4279 Roswell Road, 208-156, Atlanta, GA 30342, operates the TotalGuest platform and website (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, and protect information in connection with the Service.

This Privacy Policy applies to information collected from: (a) hospitality businesses that subscribe to TotalGuest ("Clients"); (b) guests of Client properties who interact with the TotalGuest platform ("End Users" or "Guests"); and (c) visitors to our website at totalguest.com ("Visitors").

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

1.1 Information from Clients

When a hospitality property subscribes to TotalGuest, we collect:

  • Business name, address, and contact information

  • Billing and payment information (processed by our third-party payment processor)

  • Names, email addresses, and phone numbers of authorized account users

  • Property details, including room count, location, brand assets, and local partnership information

  • Communications with our team, including support requests and feedback

1.2 Information from End Users (Guests)

When a guest interacts with the TotalGuest platform through a Client property, we may collect:

  • First name and, if provided, last name

  • Email address (if voluntarily provided)

  • Stay dates and property information

  • Itinerary preferences and selections, including dining, activity, and experience preferences

  • Interaction data, including which recommendations were viewed, selected, or saved

  • Device information, including device type, operating system, and browser type

  • Approximate location data derived from IP address (we do not collect precise GPS location unless explicitly consented to by the End User)

  • Language preference

1.3 Information from Website Visitors

When you visit our website, we collect:

  • IP address and approximate geographic location

  • Browser type, device type, and operating system

  • Pages visited, time spent on pages, and referral source

  • Information submitted through contact forms, including name, email address, property name, and message content

1.4 Information Collected Automatically

We use cookies, web beacons, and similar technologies to collect information automatically, including:

  • Session identifiers and authentication tokens

  • Usage patterns and interaction data within the Platform

  • Performance and error data for service improvement

2. How We Use Information

2.1 To Provide and Improve the Service

We use collected information to:

  • Deliver personalized itineraries and recommendations to End Users

  • Configure and maintain Client accounts and white-labeled interfaces

  • Process payments and manage subscriptions

  • Provide customer support and respond to inquiries

  • Analyze usage patterns to improve the Platform's recommendation algorithms

  • Generate aggregated, anonymized analytics for Client dashboards

  • Detect, prevent, and address technical issues and security threats

2.2 To Communicate

We use contact information to:

  • Send service-related communications, including account confirmations, billing notices, and technical updates

  • Respond to inquiries and support requests

  • Send product updates and feature announcements to Clients (you may opt out at any time)

We do not send marketing communications to End Users unless they have explicitly opted in.

2.3 To Comply with Legal Obligations

We may use information as necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3. How We Share Information

3.1 With Clients

We share End User interaction data with the Client property whose platform the End User accessed. This includes itinerary preferences, recommendation selections, and aggregated experience analytics. Clients receive this data solely for the purpose of improving their guest experience and managing their TotalGuest integration.

3.2 With Service Providers

We share information with third-party service providers who assist us in operating the Service, including:

  • Cloud hosting and infrastructure providers

  • Payment processors

  • Analytics and performance monitoring services

  • Customer support tools

  • Email delivery services

These providers are contractually obligated to use information solely for the purpose of providing services to us and are bound by confidentiality obligations.

3.3 With Third-Party Experience Partners

When an End User books or engages with a third-party experience (such as a restaurant reservation or tour booking) through the Platform, we share the minimum information necessary to facilitate that booking. This may include the End User's name, party size, date, and time preference. We do not share End User contact information with third-party partners without the End User's explicit consent.

3.4 For Legal Reasons

We may disclose information if required to do so by law or if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation, court order, or government request; (b) protect and defend the rights, property, or safety of Keen Apps, LLC, our Clients, or the public; or (c) detect, prevent, or address fraud, security, or technical issues.

3.5 In Connection with Business Transfers

If Keen Apps, LLC is involved in a merger, acquisition, reorganization, or sale of assets, information may be transferred as part of that transaction. We will notify affected Clients of any such transfer and any changes to this Privacy Policy.

3.6 With Your Consent

We may share information for other purposes with your explicit consent.

4. Data Retention

4.1 Client Data

We retain Client account information for the duration of the subscription and for 90 days following termination to facilitate data export. After this period, Client data is deleted from our active systems within 30 days.

4.2 End User Data

End User interaction data is retained for the duration of the Client's subscription. Personally identifiable End User data is automatically anonymized 12 months after the End User's last interaction with the Platform, unless a longer retention period is required by the Client's written instructions and applicable law.

4.3 Website Visitor Data

Website analytics data is retained for 26 months. Contact form submissions are retained for 24 months or until the inquiry is resolved, whichever is longer.

4.4 Backup and Archival

Residual copies of data may persist in backup systems for up to 90 days after deletion from active systems.

5. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS 1.2 or higher) and at rest (AES-256)

  • Access controls and authentication requirements for all personnel

  • Regular security assessments and vulnerability testing

  • Incident response procedures and breach notification protocols

No method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially reasonable means to protect information, we cannot guarantee absolute security.

6. Your Rights and Choices

6.1 Clients

As a Client, you may:

  • Access, update, or correct your account information at any time through the Platform

  • Request export of your data, including End User interaction data associated with your property

  • Request deletion of your account and associated data by contacting us in writing

  • Opt out of non-essential communications by following the unsubscribe instructions in any email

6.2 End Users

As an End User, you may:

  • Access the itinerary and preference data associated with your interactions by contacting the Client property or by emailing privacy@totalguest.com

  • Request correction or deletion of your personal data by emailing privacy@totalguest.com

  • Opt out of any optional communications

  • Decline to provide optional information (such as email address or detailed preferences) while still using the basic itinerary features

6.3 Cookie Preferences

You may manage cookie preferences through your browser settings. Disabling cookies may affect certain features of the Service.

7. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to Know. You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share information.

  • Right to Delete. You may request deletion of personal information we have collected, subject to certain exceptions.

  • Right to Correct. You may request correction of inaccurate personal information.

  • Right to Opt Out of Sale or Sharing. We do not sell personal information. We do not share personal information for cross-context behavioral advertising purposes.

  • Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at privacy@totalguest.com. We will verify your identity before processing your request.

8. European Economic Area, United Kingdom, and Switzerland (GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, the following applies:

  • Legal Basis for Processing. We process personal data based on: (a) the performance of a contract (providing the Service); (b) legitimate interests (improving the Service, analytics, security); and (c) consent (where required by applicable law).

  • Data Subject Rights. You have the right to access, rectify, erase, restrict processing, object to processing, and port your personal data. You also have the right to withdraw consent at any time.

  • International Transfers. Your data may be transferred to and processed in the United States. We implement appropriate safeguards for international data transfers, including standard contractual clauses approved by the European Commission.

  • Supervisory Authority. You have the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe we have collected information from a child under 16, please contact us at privacy@totalguest.com.

10. Third-Party Links

The Service may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through the Platform.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting the updated policy on our website and, for Clients, by email notification at least 30 days before the changes take effect. The "Last Updated" date at the top of this policy indicates when the most recent revisions were made.

12. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Keen Apps, LLC 4279 Roswell Road, 208-156 Atlanta, GA 30342