new RDStationForms('pt-form-askflow-7fe18e00fe4d947ffe20', 'UA-109268913-1').createForm();
To facilitate understanding, we divided the Policy as follows:
PRIVACY POLICY
1. What is Asksuite’s role as a data processing agent?
2. What data do we collect?
2.1 Site visitor
2.2. Asksuite Client Collaborators
2.3. Asksuite Client Consumer
3. Do We Use Cookies?
4. With Whom Does Asksuite Share Your Data?
5. What Are the Data Subject Rights?
6. How Long Will the Data Be Stored?
7. How Does Information Security Work at Asksuite?
8. International Transfers
9. Who is our Data Protection Officer (DPO) and how to contact them?
10. Updates and Revisions
1. What is Asksuite’s role as a data processing agent?
Asksuite acts as a Data Processor with respect to its Clients (Hotels or Resorts) upon acquisition of the Platform, since most purposes for the use of personal data collected by the chatbot are under their responsibility. In such cases, Asksuite processes personal data on behalf of the data controller and in accordance with its instructions.
In other words, we generally process data on behalf of our Clients and for the purposes they define.
In specific situations, such as for the development of new products and usage statistics, Asksuite acts as a Data Controller, being responsible for decisions related to the processing of personal data.
2. What data do we collect?
The amount and type of information collected by Asksuite vary depending on how the Client or Consumer uses our Platform. Most purposes for the use of personal data collected by the chatbot are under the responsibility of our Clients, who qualify as the “data controllers.” In other words, we generally process data on behalf of our Clients and for the purposes they define.
2.1 Site visitor
If you are a visitor to our website, we will use your personal data as follows:
| Purpose | Personal Data | Legal Basis |
| Access the website | IP address, date and time of access, and cookies | Consent |
| Communicate with our specialists | Name, email, phone number, company, and company type | Consent |
2.2. Asksuite Client Collaborators
If you are an employee of an Asksuite Client using our Platform — for example, a staff member of a hotel or resort — we will use your personal data as shown below:
| Purpose | Personal Data | Legal Basis |
| Access the Platform | IP address, date and time of access | Legal basis defined by the Controller |
| Register on the Platform | Name and employer | Legal basis defined by the Controller |
| Chat interaction | Name, messages sent to the consumer (service provided by an individual) | Legal basis defined by the Controller |
| Platform usage statistics | Number of interactions, response time, and use of platform features (event tracking) *These data may be used for employee evaluation and performance analysis. |
Legal basis defined by the Controller |
*These data may be used for employee evaluation and performance analysis.
2.3. Asksuite Client Consumer
If you are a Consumer of an Asksuite Client (for example, a hotel guest), your personal data may be accessed directly on the Platform by the Client and its employees.
However, it is important to clarify that Asksuite does not control the manner or purposes for which most of the information collected by Clients through our Platform is used. These data belong to Asksuite’s Clients, who use, disclose, and protect them in accordance with their own privacy policies.
In some cases, we may use the collected data for Asksuite’s own purposes, such as the development of new products and services, as outlined in the table below. In such cases, Asksuite assumes the role of Data Controller.
We recommend that Consumers carefully read the privacy policy of the Client with whom they are interacting. Furthermore, if you have any questions about how your personal data will be processed, we advise you to contact directly the Client providing the services.
In general, our Platform is used for the following purposes:
| Personal Data Collected | Purpose | Legal Basis for Processing Your Personal Data |
| Name, email, phone number* *These details may vary depending on what the Client chooses to collect via chat. |
Identification in the Chat | Legal basis defined by the Controller |
| Messages sent by the Consumer (chat history) | Chat Interaction | Legal basis defined by the Controller |
| Name, profession, nationality, phone number, age, gender, identification document, residence (city, state, and country), origin, destination, reason for travel, companions, signature, check-in and check-out dates (according to the Guest Registration Form requirements) | Pre Check-in | Legal basis defined by the Controller |
| IP address, browser/communication channel used, URL, tags, location via IP, language | Preparation of Platform Usage Statistics | Legitimate interest |
| Platform usage statistics, service history | Development of New Asksuite Products and Services | Legitimate interest |
3. Do We Use Cookies?
Yes, we use cookies! Cookies are text files sent by the website and stored on your device (for example, a computer or mobile phone). These files contain information related to your browsing activity.
Cookies generally have an expiration date. Some cookies are automatically deleted when you close your browser (known as session cookies), while others may remain stored on your device for a longer period until manually deleted (known as persistent cookies).
Asksuite uses the following types of cookies on its platform and website:
| Type of Cookie | Description |
| Persistent or Permanent Cookies | These cookies remain on your device for a set period of time or until you manually delete them. |
| Essential or Necessary Cookies | These are essential cookies that enable navigation within our applications and access to all resources and functionalities. Without them, our services may perform poorly or may not function at all. |
| Functionality Cookies | These cookies remember your preferences and choices (such as username and preferred language) to improve the website’s functionality. |
| Analytical or Performance Cookies | These cookies optimize the way our applications operate by enhancing the user experience and collecting anonymous information about visited pages. |
| Advertising and Marketing Cookies | These cookies deliver ads tailored to your interests and limit the number of times a particular ad is displayed. |
The use of cookies is based on Asksuite’s legitimate interest. Therefore, if you wish to refuse the installation of these cookies on your device and/or choose to remove the cookies, you can manage the use of cookies in the following ways:
Cookie Banner: You can choose whether to accept or reject the use of cookies (manage your preferences in our cookie banner), except for those strictly necessary for the operation of the website.
Browser Settings: You can adjust your browser settings to disable or delete cookies. To do so, simply click on the links below, depending on the browser you use:
| Firefox | Chrome | Safari | Internet Explorer ou Edge |
By disabling all cookies in your browser, some essential functions necessary for the website’s operation may become unavailable.
It is important to clarify that Asksuite is not responsible for the use of cookies by third parties. Please be aware that cookies installed by third parties may continue to monitor your online activities even after you have exited our Platform. We recommend that you regularly clear your browsing data.
Asksuite may work alongside other companies in a wide range of activities, including hosting, data storage, data analysis, among others. Therefore, we reserve the right to share your information, including personal data, as indicated below. Whenever possible, we will implement mechanisms for data anonymization and pseudonymization, and we will maintain strict clauses in our contracts to preserve your privacy as much as possible.
We may share your personal data in the following cases:
Our Suppliers: We contract suppliers to operate our Platform and provide our services, some of whom handle personal data collected on behalf of the Client. For example, we use hosting and data storage services and hire analysis services to analyze the use of our Platform. We strive to protect the privacy of your personal data, but unfortunately, we cannot guarantee the proper handling of personal data by third parties, who use, disclose, and protect it according to their own privacy policies.
Our Clients: To properly develop the Platform and fulfill the execution of the contract with the Client, we will share the information collected by our chatbot with the Client linked to you.
Integration with Other Platforms: Asksuite provides integration services between software via APIs (Application Programming Interfaces), as contracted by our Client. Thus, we may integrate the information collected by our chatbot with third-party platforms, such as CRM (Customer Relationship Management) services or online sales platforms (e.g., room reservations).
To Safeguard and Protect Asksuite’s Rights: Asksuite reserves the right to access, read, preserve, and provide any data and information about you, including your interactions, if necessary, to comply with a legal obligation or court order; to enforce or apply our Contracts and other agreements; or to protect the rights, property, or safety of Asksuite, as well as our employees and/or other users. For example, we may share certain information with the Public Prosecutor’s Office and/or the Civil Police when requested by these authorities, only to the extent explicitly requested.
You can always choose not to disclose your personal data to us; however, this data may be necessary for the use of certain features provided on our Platform. Regardless, you will always have rights regarding the privacy and protection of your personal data. In this case, we recommend that you, as a Consumer, contact the hotel, resort, or inn offering you the service. If you are an employee of a hotel, resort, or inn, it is also recommended that you contact your employer directly if you wish to exercise your rights as a data subject.
Below are brief descriptions and examples of these rights:
Access to your personal data: This right allows you to request and receive a copy of your personal data held by the Clients.
Correction of your personal data: This right allows you to request the correction and/or rectification of your personal data from the Clients at any time, if you identify that they are incorrect. However, for this correction to take effect, it may be necessary to verify the validity of the data you provide.
Deletion or cancellation of your personal data: This right allows you to request the deletion of your personal data from the Clients, unless there is another reason for retaining it, such as a legal obligation to retain data or the need to keep it to protect rights.
Object to the processing of personal data: This right allows you to contest where and in what context the Client processes your personal data for different purposes. In certain situations, the Client may demonstrate that they have legitimate grounds for processing your data, which outweigh your rights, if, for example, the processing is strictly essential for the functionality of the Platform.
Portability: This right allows you to request that the Client provide your personal data to you or a third party of your choice, in a structured and interoperable format.
Withdraw consent at any time: This right allows you to withdraw your consent, but this will not affect the lawfulness of any processing carried out before the withdrawal of your consent. If you withdraw your consent, certain services may be interrupted. If that is the case, we will notify you.
Review automated decisions: This right allows you to request the Client to review decisions made solely based on the automated processing of your personal data that affect your interests.
If you are a website visitor, we may need to request specific information from you to help confirm your identity and ensure your right to access your personal data (or exercise your other rights). This is a security measure to ensure that personal data is not disclosed to anyone who is not authorized to receive it.
If you are a consumer (such as a guest) or an employee of one of our Clients (hotels and resorts) and have any questions about these issues or wish to know how to exercise these rights, we recommend that you contact the Client with whom you are linked.
For any questions, please contact us via email at: dpo@asksuite.com
Still have questions about your rights? Access here.
We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including compliance with any legal, contractual, accountability obligations, or requests from competent authorities.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purpose of processing your data, and the possibility of achieving those purposes by other means, as well as applicable legal requirements. In general, data is processed during the term of the contract with our Clients.
Once all the purposes justifying the processing of your data on our Platform have been fulfilled, the data will be deleted, using available technical means and considering the Retention Table. Additionally, we may continue to process personal data if we have an appropriate legal basis, especially to legally protect Asksuite.
Asksuite adopts technical and administrative measures to protect your personal data against loss, unauthorized use, or other abuses. Data is stored in a secure operational environment that is not accessible to the public.
To ensure the security of your personal data in our services, we follow the best available information security practices, including:
HTTPS protocol to transmit personal data over the internet;
Standard and industry practices for securing your collected data, such as database access management and password encryption;
Protection against unauthorized access to your systems;
Implementation of preventive measures against information security incidents;
Continuous security analyses and tests on our systems conducted by both internal and external teams;
Training on personal data protection and oversight of the adoption of required practices;
Implementation of controls based on the NBR/ISO 27001/2022, 27002/2013, and 27701/2019 standards.
We strive to protect the privacy of your account and other personal data we maintain in our records, but unfortunately, we cannot guarantee complete security. Unauthorized access or use of the account, hardware or software failures, and other factors may compromise the security of your personal data at any time.
Therefore, help us maintain a safe environment for everyone. In addition to adopting good security practices regarding your account and data, if you identify or become aware of anything that compromises the security of your data, please contact us.
It is possible that some of our systems are hosted on servers located in other countries, which would constitute an international transfer of personal data.
In such cases, or in any situations where an international transfer may occur, we reaffirm our full commitment to ensuring that we only carry out international transfers in accordance with Article 33, IX, of the LGPD and Regulation No. 19 of the ANPD.
Furthermore, we are committed to evaluating our international partners and contracting companies that adhere to other data protection regulations, such as the European GDPR, and the American CCPA and CDPA.
If you have any further questions about how we use your data, comments, or suggestions related to this Policy, or if you believe that your personal data has been used in a manner inconsistent with this Privacy Policy or with your choices as a data subject, you can contact our Data Protection Officer (DPO):
DPO: Data Guide (CNPJ No. 39.317.591/0001-60)
Legal Representative: Taynara Rodrigues Bernardo
Contact Email: dpo@asksuite.com
Asksuite may periodically update/revise this Policy to reflect improvements in services or legal changes. The updated version will always be published on our website, and for your convenience, we indicate the date of the last update at the end of the document.
Last Update: October 21, 2025
new RDStationForms('pt-form-askflow-7fe18e00fe4d947ffe20', 'UA-109268913-1').createForm();