Privacy Policy

Version: 4.4, Effective date: March 28, 2025

Mews Privacy Policy

This privacy policy describes how Mews collects, processes, and protects your personal data.
In this privacy policy, "Mews," "we," "our," and "us" each mean Mews Systems B.V., a Dutch company, and the applicable Mews affiliates involved in the processing activity.

The controller of your personal data is Mews Systems B.V., a Dutch company, Wibautstraat 137D, Scalehub 2nd floor, 1097DN Amsterdam, the Netherlands, registered under the Dutch Trade Register number 66426995 ("Mews Systems B.V.") or its affiliates as described below.

This privacy policy is applicable solely when Mews acts as a data controller. It is not applicable when Mews acts as a data processor, processing data on behalf of its customers.

For certain products or services, Mews may create a specific privacy policy. Should there be any conflict with this general privacy policy, the particular separate privacy policy will be given priority.

I. What Data Do We Process, Why and Based on Which Legal Basis?

Services Mews

PURPOSE	DESCRIPTION	PROCESSED DATA	LEGAL BASIS
Account registration and its usage and management	When you, as an employee or another authorized user of Mews services, create an account on the Mews Platform, and use and manage this account.	Identification details (name,surname), Log-in data (your e-mail address), Information about the company you work for and your work position, Technical details about your use of Mews Platform (logs from your actions, ID numbers assigned by the systems, etc.).	Contract performance between Mews and its customer or business partner.
Management of Mews's contractual relationships	When you or your organization engage with us as a customer, partner, advisor, or in a similar capacity, we may process your personal data for the purpose of effectively managing and maintaining our contractual relationship.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Information about the company you work for and your work position.	Contract performance between Mews and its customers, business partners, advisors or similar, or Based on pre- contractual relationship.
Provision of customer service and support	When you use our services or contact our support team for assistance, we process your personal data necessary to provide you with service or handle your request. We use a chatbot as a first line of support on our website, managing phone calls and messages. More complex tasks are managed by our customer support team.	Identification details, Contact data, Username, password, IP address, Any other information disclosed by you when making a support query, Transcripts of conversations.	Contract performance between Mews and its customer.
Registration on and use of Mews Guest Portal	When you create an account in the Mews Guest Portal, to check in, check out, and use and manage your account.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Nationality, Information about your preferences (salutation, language, preferences regarding your stay), Information about the company you work for and your work position, Information about your reservations/orders (including past reservations/orders), ID/passport (if you've reserved/ordered accommodation services), Content of your communication and queries, Technical details about your use of Mews Guest Portal (logs from your actions, ID numbers assigned by the systems, etc.).	Contract performance.
RoomKey Application	When you, as a guest, use our Mews mobile application called RoomKey, which is designed to open the door of your accommodation.	Identification details (name andsurname), Contact details (phone number, e- mail address), Information about your stay (hotel, dates, room), Technical details of your device, Information about use of online key.	Contract performance.
Mews University	When you, as an employee or other personnel of a Mews customer or business partner, access the training materials on how to use Mews products within Mews University.	Identification details, such as name, surname, and e-mail address, Authentication credentials for use of the service, such as username, Viewing/training completion history.	Contract performance.
Demo booking	If you contact us via Mews website or by different means to book a demo with Mews, we will process your data.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Information the company you work for and your work position, Any further information you share with us.	Pre-contractual relationship.
Improvement of our services and products	We process your data to improve our services / products and to provide you with the best possible user and customer experience.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Content of your feedback and your ideas share with us by various means, Information about usage of our services / products, Additional communication between you and us about provided feedback or ideas.	Our legitimate interest to improve our products and services and to provide you with the best customer and user experience.
Product testing	We may ask for your opinion about our product and services, or how you use them, or we may provide you with an option to try and test our new products and features, which will require processing of your data.	Identification details (name, surname, information about the name of our customer, which you represent), Contact details (mainly e-mail address and phone number), Technical information related to use of our products and services (information about your device, logs from operations you performed, etc.), Your feedback regarding use of our products and services.	Our legitimate interest to test and develop Mews products and services.
Customer KYC verification	When you, as a representative or ultimate beneficial owner of a Mews customer, undergo the KYC (Know Your Customer) process mandated by legislation, and provide the required data to Mews or payment processing providers.	Identification data (name, surname, date of birth), Contact data, such as personal address, phone number, e-mail address, job title/position, citizenship, Identification documents such as passports, ID cards, driver's license, proof of address documents, Company ownership information (UBO identification), Screening of individuals related to the company against sanctions list, adverse media and whether the individual is a politically exposed person.	• Contract performance between Mews and its customer, or • Our legitimate interest to verify our customer's identity.
	When you, as a client or a prospect, have an audio or video call with us, we record the call for the purposes of our services enhancement, internal training, business intelligence, and note-taking. You will be informed about the recording at the beginning of the call. If you do not wish the call to be recorded, you may contact us through alternative methods. When you make a legal claim against us, or when we need to protect our rights through legal or other means, we process your data.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Information about the company you work for and your work position, Video/voice recordings of you (recorded expressions of a personal nature), Any further information you share with us.	Your consent, or Our legitimate interest to improve our services, provide customer support and keep the respective evidence.
Defending our rights and claims	When you make a legal claim against us, or when we need to protect our rights through legal or other means, we process your data.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Content of our communication and contractual arrangements, Any other information provided to us throughout our relationship and necessary to defend our rights or against the claims.	Our legitimate interest in defending itself against claims, as well as when Mews has a legal obligation to do so as the law prescribes, or as part of contract fulfilment.
Fulfilment of legal obligations	In some instances, legal regulations impose obligations on us under which we are obliged to process personal data. Such cases are for instance tax and accounting laws, whistleblowing laws, antidiscrimination laws and the provision of some data to public authorities based on applicable legislation.	We process your data within the scope as required by applicable legislation.	Fulfilment of legal obligations imposed upon Mews arising from applicable legislation.
Provision of hotel services	When you, as a hotel guest, purchase accommodation and other services from Mews, which acts as a reseller for hotels.	Contact details, such as address, phone number, e-mail address, Information about your reservations/orders (including past reservations/orders), Payment information (including credit/debit card information), ID/passport (if you've reserved/ordered accommodation services), Guests' preferences, Hotel's services details, Location data (city), Identification details (name, surname).	Contract performance, or Pre- contractual relationship.

Mews Website & Marketing

Controllers of your data for the purposes mentioned in the table below are:

Mews Systems B.V. and
Mews Systems Limited, Harling House Third Floor, 47-51 Great Suffolk Street, London, England, SE1 0BS, registered under company number 10355686.

PURPOSE	DESCRIPTION	PROCESSED DATA	LEGAL BASIS
Direct marketing and promotion	Mews will use your data for its own marketing purposes, i.e., if you sign up for our newsletter or other marketing communication, which may, according to your past preferences, be of interest to you. In certain cases we may use third parties or publicly accessible information to enhance our data for marketing purposes.	•Identification details (name, surname), •Contact details, such as address, phone number, e-mail address, •Information about newsletters you signed up for and your preferences regarding marketing communication (if any), •Information about the company you work for and your work position.	Consent, or Our legitimate interest in providing you with direct marketing and in promoting. Mews products and services.
Event and webinar attendance	If you sign up for our events or webinars, we will process your data.	•Identification details (name, surname), •Contact details, such as address, phone number, e-mail address, •Events/webinars you signed up for, •Information about the company you work for and your work position, Any further information you share with us.	We process your data to enable you to attend the respective event / webinar based on contract with you or your company.
Third-party marketing	We may provide you with advertising and marketing materials of other parties via e-mail address or by different means.	•Identification details (name, surname), •Contact details, such as address, phone number, e-mail address, •Information about newsletters you signed up for and Your consent. your preferences regarding marketing communication (if any), •Information about the company you work for and your work position.	Votre consentement.
Website browsing	When you browse Mews websites, we collect and process your data to provide you with relevant content, to improve the content of our website, to remember your preferences and enable automatic filling of your details.	We process several details about you through cookies. More information about scope of data and means of processing for this purpose can be found in our Cookie Policy.	Our legitimate interest to operate Mews website, or Your consent.

Mews Careers

Controllers of your personal data for the purposes mentioned in the table below are

Mews Systems B.V.,

hiring Mews entity, i.e., Mews entity which is looking for a new employee for concrete position or where you apply for a concrete position.

PURPOSE	DESCRIPTION	PROCESSED DATA	LEGAL BASIS
Recruitment process	If you apply for any open job positions at Mews, we will process personal data you provide to us for the purposes of evaluating your suitability for any of our open positions.	Identification details (name, surname), Contact details, such as address, phone number, e-mail address, Information from your CV, Cover Letter about your past positions, qualifications, etc., Any further information you share with us during the recruitment process.	Our legitimate interest to find the right candidate for the position, or Based on pre- contractual relationship with you.
Interview recording	If you are invited to a recruitment interview, the interview may be recorded with your consent. Recording the interview allows the interviewer to focus entirely on you and allows the conversation, eliminating the need for note- taking. You will be asked to provide your consent for the recording when joining the interview. You have the option to decline the consent.	Identification details (name, surname), Information about your past positions and qualifications, The company you work for and your work positYionu,r consent. Video/voice recordings of you (recorded expressions of a personal nature), Any further information you share with us during the interview.	Your consent.
Pre-employment screening	We may conduct pre- employment screening of job applicants to mainly verify the truthfulness of the information contained in your CV and other documents you provide us with. Furthermore, we conduct ID verification, check against global sanction lists and for right to work in a particular country. For certain positions, you may be asked to provide us with your criminal record as well and we may conduct financial checks, and adverse media checks.	Identification details (name,surname), Contact details, such as address, phone number, e-mail address, Information from your CV, CoverLetter about your past positions, qualifications, etc., Criminal record, Financial status, Any further information you sharewith us during the recruitment process.	Legitimate interest to find theright candidate for the position, or Based on pre- contractualrelationship with you, or In certain cases when lawrequires us to do so.
Database of job	We may keep your CV in our internal database in order to consider you for future job positions at Mews.	Identification details (name, surname), Contact details, such as address, phone number, e - m aY i ol au dr cd or en s s s e, n t . Information from your CV, Cover Letter about your past positions, qualifications, etc.	Your consent.

II. Data Retention

Mews will keep your personal data for as long as it is required to fulfil the relevant purposes described in this privacy policy. Mews will delete your personal data when the legal basis on which your data is processed ceases to exist.

Legal basis for each purpose of processing can be found in Section I. of this privacy policy.

Personal data that Mews collects as part of the customer verification process is processed for the duration of the contractual relationship between Mews and its customers and 5 years after the termination of the contractual relationship.

III. Data Sharing, Processors and Transfers to Third Countries

Your personal data will not be shared with any third party except for the following situations:

data is necessary for provision of Mews Services,
based on your consent,
entrusting of personal data to processors who process personal data on behalf of Mews,
Mews is obliged to provide the personal data on the basis of law or upon order by a public authority, or
. Mews is obliged to provide the personal data to payment processing providers in order to facilitate the customer verification process.

In order to allow you to manage various reservations/orders made with Mews's customers (mainly hotels), Mews may share your personal data with them for the sole purpose of making and managing your reservation/order as well as other services.

Categories of Processors

We may share your data with the following categories of processors:

data centre, hosting,
marketing providers,
analytics and recording providers,
providers of polls or surveys,
business management providers (including providers of business service platforms),
task management and communication providers,
legal services, tax, accounting, and audit services,
recruitment and applicant verification providers,
information security providers.

Transfers to Third Countries

Mews will transfer your data to countries outside the EU/European Economic Area only if such a transfer is compliant with applicable legal legislation. That means, for instance, that our provider is seated in a country for which the European Commission issued a decision that it provides an adequate level of personal data protection, standard contractual clauses and/or other transfer mechanisms are in place that ensure adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals and, if necessary, additional measures are applied to ensure that the data subject is granted a level of protection essentially equivalent to that guaranteed by the GDPR. You may request a copy of the relevant safeguards at privacy@mews.com.

IV. Data Security

The security and integrity of your data is very important to us. Read more about how we protect your data in our Platform Documentation.

Even with our measures, it is your duty to keep your data safe. This means changing your password regularly, not using easy-to-guess login details, and not sharing your password or account access with anyone. Mews will never ask for your password in e-mails or messages you did not expect.

If you suspect any unauthorized use of your account or a breach of security, please inform us immediately.

V. Your rights

You are entitled to exercise your rights depending on the jurisdiction which applies to you. The table below provides you with information on your rights under the relevant jurisdiction.

Should you wish to exercise any of your rights below, please contact us via this Webform.

Your ability to exercise your rights may be restricted if Mews is required to retain your personal data for legal obligations, legal claims, or other reasons as outlined in the relevant data protection law.

I. Your rights under General Data Protection Regulation GDPR ("GDPR") and UK Data Protection Act
Right of access	You are entitled to be informed about what personal data Mews processes about you, for what purposes, and who are the recipients of your personal data.
Right to rectification	You have a right for any of your incomplete, inaccurate, or out-of- date personal data to be rectified.
Right to erasure ("right to be forgotten")	You are entitled to the erasure of certain personal data that we have collected and processed about you.
Right to restrict processing	In given cases such as when we process inaccurate personal data about you, or you deem the processing as no longer necessary, you may ask for a restriction of the processing.
Right to data portability	You have a right to receive personal data you provide us with in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
Right to object	You are entitled to object, on grounds relating to your particular situation, at any time to the processing of personal data that concerns you and is carried out in the public interest or for the purposes of legitimate interests pursued by Mews, including profiling.
Right to withdraw consent	If your data is processed based on your consent, you are entitled to withdraw such consent at any time. Kindly note that the withdrawal of your consent will not affect the lawfulness of processing based on your consent before its withdrawal.
Right to opt-out	You are entitled to opt out from data processing, whenever Mews processes your data based on legitimate interest. You can exercise this right in accordance with the opt-out rules described in each marketing e-mail or other form of communication via the unsubscribe option in the footer of every e-mail, via changing the settings of your user account or by directly contacting Mews.
Right to not be subject to automated decision making	You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision: (a) is necessary for entering into, or performance of, a contract between you and Mews (b) is authorized by law and the law lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or (c) is based on your explicit consent. Mews does not make decisions based solely on automated processing that would have significant effects for Mews user. For completeness, Mews uses cookies and similar technologies the use of which may amount to profiling. For information on how to withdraw your consent for the use of cookies or disable cookies, please read our Cookie Policy.
Right to file a complaint	If you wish to file a complaint in regard to the processing of your personal data by Mews, please contact our DPO via this Webform who will undertake to resolve the issue. You also have the right to lodge a complaint with our supervisory authority seated in Netherlands Autoriteit Persoonsgegevens (https://autoriteitpersoonsgegevens.nl/nl), or with the supervisory authority of the particular affiliate (for contact details please see: https://edpb.europa.eu/about-edpb/board/members_en).

II. Your rights under California Consumer Privacy Act of 2018 ("CCPA")
Right to notice	You have the right to be informed about how your personal information will be used.
Right of access	You are entitled to be informed about what personal data Mews processes about you, for what purposes and who are the recipients of your personal data.
Right to correct inaccurate personal information	You may ask Mews to correct inaccurate information that Mews has about you.
Right to limit use of sensitive personal information	You can direct Mews to only use your sensitive personal information for limited purposes, such as providing you with the services you requested.
Right to opt-out of sale or sharing	You may request Mews to stop selling or sharing your personal information ("opt-out"), including via a user-enabled global privacy control. Mews does not intend to sell your personal information, however, as we may process your data via cookies and such processing could be considered as a sale, kindly note that you have the right not to grant us consent with use of cookies, opt-out from cookies or disable cookies completely as described in our Cookie Policy.
Right to request deletion	You are entitled to the erasure of certain personal data that we have collected and processed about you.
Right to receive equal services	You have a right to not be discriminated against even if you exercise any of your CCPA rights.

III.Your rights under Personal Information Protection and Electronic Documents Act ("PIPEDA")
Right to notice	You have the right to be informed about how your personal information will be used.
Right of individual access	You are entitled to be informed about the existence, use and disclosure of your personal information by Mews and to access such personal information.
Accuracy of personal information	You are entitled to challenge the accuracy and completeness of your personal information used by Mews and have it amended as appropriate in case such information is not accurate, complete, and up to date as necessary for the purposes for which it is used.
Challenging compliance	You are entitled to challenge our compliance with the principles of PIPEDA and we shall thoroughly investigate your complaint by assessing it and cooperating with you to ensure its timely resolution.

IV.Act Respecting the Protection of Personal Information in the Private Sector ("Québec Act")
Information notice	Your personal information may be subject to communication outside of Québec. Mews established and implemented governance policies and practices which help us with our commitment to protect your personal information and you can find more information in our Platform Documentation.
Automated decision- making notice	Mews must inform you of any decision it makes about you exclusively on an automated processing of your personal information no later than at the time you will be informed of the decision itself. Mews must inform you, upon your request, of: the personal information used to render the decision; the reasons and the principal factors and parameters that led to the decision; and your right to have the personal information used to render the decision corrected. In addition, you can submit your observations in respect to the decision at privacy@mews.com.
Right to request information about data processing	You are entitled to request information about what personal information Mews collected from you and how it is used.
Right of access	You are entitled to submit a written request to obtain confirmation that Mews holds any file containing your personal data and to have such personal information communicated.
Right to rectification	You are entitled to submit a written request to rectify your personal information if it is inaccurate, incomplete, or equivocal, or if collecting, disclosing, or keeping it is not authorized by law.
Right to data portability	You are entitled to have your computerized personal information which were not created or derived from your personal information communicated to another organization in a structured, commonly used technical format.
Right to erasure ("right to be forgotten")	You are entitled to ask Mews to stop disseminating your personal information or to de-index any hyperlink attached to their name that provides access to your personal information which is unlawful or causes serious harm to your reputation or privacy.
Right to withdraw consent	You are entitled to withdraw your consent to the use of your personal information.

VI. Changes of Privacy Policy and language versions

Mews may, from time to time, change and update this privacy policy. You will be notified of any changes to this privacy policy through the release of an updated version on Mews website. You may also obtain a copy of the amended privacy policy either through your user account or via the e-mail address you have provided to Mews.

The English-language version of this privacy policy shall be controlling in all respects and shall prevail in case of any inconsistencies with translated versions Mews may provide, if any.

VII. Contact Details

Should you wish to know more about Mews, its protection of your privacy, or this privacy policy, you can contact Mews via this Webform.
Please help Mews ensure that your data is up to date. If you believe that some of the data

processed by Mews is incorrect, please contact us at the same e-mail address.

VIII. Other

Our website is intended solely for business-to-business (B2B) purposes and for use by individuals who are 18 years of age or older. We therefore do not intentionally collect information from individuals under the age of 18.