Legal

Privacy Policy

Last updated: March 2026

Contents

Introduction

Concierge Drawer, Inc. ("Concierge Drawer," "we," "our," or "us") operates the Concierge Drawer platform - a hospitality voucher orchestration service accessible at conciergedrawer.com, suite.conciergedrawer.com, and desk.conciergedrawer.com.

This Privacy Policy explains what information we collect when you use our platform, how we use it, and the choices you have. It applies to all users of Concierge Drawer: hotel and restaurant operators who manage voucher programs through the Suite, concierges and front-desk staff who send vouchers through the Desk, and guests who receive and redeem vouchers.

By using Concierge Drawer, you agree to the practices described in this policy. If you have questions, the simplest path is to email us directly at [email protected].

Information We Collect

We collect information in three ways: information you give us directly, information we generate as you use the platform, and information that flows in from integrated systems like your property management software.

Account and profile information

  • For Suite users (hotel and restaurant operators): your name, work email address, password, organization name, and billing details.
  • For Desk users (concierges and front-desk staff): your name and email address. Desk users sign in via magic link - we never store a password on your behalf.
  • Business details: property name, address, team structure, and any integration credentials you configure.

Guest contact information

When a concierge sends a voucher, the platform captures the guest's name, email address, and/or phone number for delivery purposes. Room number may also be recorded if provided. This information is supplied by the concierge or imported from a PMS event - it is not collected directly from the guest.

Voucher and redemption data

  • Which voucher templates were sent, to whom, and by which staff member.
  • Whether a voucher was opened, redeemed, or expired.
  • The business location where a voucher was redeemed and the staff member who confirmed it.
  • Timestamps for all voucher lifecycle events.

Integration and event data

If you connect a property management system (PMS) such as Lightspeed Hotel or Oracle OHIP, we receive reservation and check-in events from that system. We store the raw event payload alongside a normalized internal record. We only retain event data necessary to operate the voucher automation rules you configure.

Usage data

  • Log data: IP addresses, browser type, operating system, pages visited, and actions taken within the application.
  • Device information: screen resolution and whether you're on mobile or desktop.
  • Session data: authentication tokens, session duration, and navigation patterns.

How We Use Information

We use the information we collect to run and improve Concierge Drawer - full stop. We are a business-to-business SaaS product, not an ad platform. We do not sell personal data or use it for behavioral advertising.

Specifically, we use your information to:

  • Authenticate your account and maintain your session securely.
  • Deliver vouchers to guests via SMS or email on behalf of the sending business.
  • Trigger automated voucher delivery in response to PMS events you have configured.
  • Generate redemption analytics and reporting for the organizations and businesses you belong to.
  • Process billing and manage your subscription through our payment processor, Stripe.
  • Send transactional communications: magic link emails, voucher delivery receipts, billing confirmations, and critical service notifications.
  • Diagnose technical issues, maintain platform reliability, and prevent abuse.
  • Comply with legal obligations and enforce our Terms of Service.

We may use aggregated, de-identified data - data from which no individual can be identified - to understand platform-wide trends, improve our product, and communicate about the health of the network (for example, aggregate redemption rates).

Information Sharing

We do not sell personal data. We share information only in the following circumstances:

Within the platform

When a concierge sends a voucher, the sponsoring business (the hotel or restaurant that owns the offer) can see that the voucher was sent and redeemed, including the guest's name and contact details. This is a fundamental part of how the product works. Concierges who are independent platform members (not employed by the sponsoring business) accept this when using the Desk. Guests are informed of this on the voucher delivery page.

Service providers

We share data with trusted third-party vendors who help us operate the platform:

  • Stripe - payment processing and subscription billing. Stripe's privacy policy governs card and billing data.
  • SMS and email delivery providers - to deliver vouchers to guests. Guest phone numbers and email addresses are passed to these providers solely for delivery purposes.
  • Cloud infrastructure - hosting, database, and background job processing. We use infrastructure providers with appropriate security certifications.
  • Error tracking and monitoring - to identify and fix bugs. We take care to minimize personal data in error payloads.

Legal requirements

We may disclose information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Concierge Drawer, our users, or the public.

Business transfers

If Concierge Drawer is acquired, merges with another company, or undergoes a significant asset transfer, user data may be transferred as part of that transaction. We will notify affected users via email or a prominent notice on the platform before data is transferred and becomes subject to a different privacy policy.

We never share guest personal data with third parties for marketing purposes, and we never provide advertiser access to individual user data.

Data Retention

We retain data for as long as it is necessary to provide the service and fulfill the purposes described in this policy, subject to the following:

  • Account data is retained for the life of your account and deleted within 90 days of account closure, except where we are required to retain it for legal or billing purposes.
  • Voucher and redemption records are retained for the life of the associated business account. When a business account is closed, voucher records are retained for 12 months for dispute resolution purposes, then permanently deleted.
  • Guest contact information is retained for as long as the associated voucher record exists. Businesses may delete guest data from within the Suite at any time.
  • PMS event data is retained for 90 days after the event is processed, after which raw payloads are deleted. Normalized internal event records linked to issued vouchers follow the voucher retention schedule above.
  • Billing records are retained for 7 years as required for tax and financial compliance.
  • Log data is retained for up to 90 days and then automatically purged.

You can request early deletion of personal data at any time - see the Your Rights section below.

Security

We take the security of your data seriously. Our security practices include:

  • All data transmitted between your browser and our servers is encrypted using TLS.
  • Passwords for Suite users are hashed using bcrypt - we never store plaintext passwords.
  • Desk users never set passwords; authentication is exclusively via time-limited email tokens.
  • PMS integration credentials are encrypted at rest using envelope encryption.
  • Access to production systems and databases is restricted to authorized personnel via role-based access controls.
  • We conduct periodic security reviews and address vulnerabilities on a risk-prioritized basis.

No method of transmission over the Internet or electronic storage is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at [email protected].

Your Rights

Depending on where you are located, you may have certain rights regarding your personal data. We honor these rights regardless of your location, because it is the right thing to do.

  • Access: You can request a copy of the personal data we hold about you.
  • Correction: You can ask us to correct inaccurate or incomplete data.
  • Deletion: You can ask us to delete your personal data. We will honor this request subject to any legal obligations we have to retain certain records.
  • Portability: You can request your data in a machine-readable format.
  • Opt-out of non-essential communications: You can unsubscribe from marketing emails at any time. Transactional emails (like magic link sign-ins and voucher receipts) are necessary to operate the service and cannot be disabled while your account is active.
  • Object to processing: Where we process data based on legitimate interests, you have the right to object.

To exercise any of these rights, email [email protected] with "Privacy Request" in the subject line. We will respond within 30 days.

If you are a guest who received a voucher and would like your contact information removed from our system, please contact the business that sent you the voucher or email us directly and we will assist.

Cookies

We use cookies and similar technologies to operate the platform and understand how it is used.

Essential cookies

These cookies are required for the platform to function. They include your authentication session cookie (scoped to .conciergedrawer.com so it works across Suite and Desk subdomains), CSRF protection tokens, and your preference settings. You cannot opt out of essential cookies while using the service.

Analytics cookies

We use lightweight, privacy-respecting analytics to understand which features are used, how users navigate the platform, and where we should focus improvement efforts. This data is aggregated and not tied to individual identities for reporting purposes.

No third-party advertising cookies

We do not use advertising networks or third-party retargeting pixels on any part of the Concierge Drawer platform.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "last updated" date at the top of this page. For material changes - changes that meaningfully affect how we use your data - we will notify you by email (to the address on your account) and post a notice in the application at least 14 days before the change takes effect.

Your continued use of the platform after a change takes effect constitutes your acceptance of the updated policy. If you do not agree with a change, you can close your account before the effective date.

Contact

If you have questions about this Privacy Policy, want to exercise your data rights, or have a privacy concern of any kind, please reach out:

We take privacy inquiries seriously and aim to respond within 2 business days for urgent matters and within 30 days for formal data rights requests.