Stone Chalet Icon

Privacy Policy

Effective date: 2025-09-22

1. Who We Are

Stone Chalet Bed & Breakfast Inn and Event Center (“Stone Chalet”, “we”, “our”, or “us”) operates hospitality and event-management software and services known as Stone Chalet Manage (the “Services”). We value your privacy and are committed to safeguarding personal information.

2. Scope

This Privacy Policy applies to guests, members, clients, staff, and staff leads who use our websites, booking portals, management dashboards, and related tools. By using the Services, you agree to the practices described in this Privacy Policy.

3. Information We Collect

  • Guest / Client Data: Name, email, phone, address, reservation details, dietary and service preferences, transaction metadata. Card data is processed by third-party payment processors; we don’t store full card numbers.
  • Members: Profile, preferences, booking and order history, communication history.
  • Staff & Staff Leads: Contact info, roles, schedules, assignments, duty/task information, internal notes.
  • Operational Content: Breakfast orders, room requests, event plans, questionnaires and responses, checklists, and related attachments you upload.
  • Technical Data: IP address, device details, browser type, referring URLs, pages viewed, timestamps, and cookies.
  • Third-Party Integrations: Data from connected services you authorize (e.g., Google, OTAs, email/SMS providers) to enable specific functionality.

4. How We Use Information

  • Provide and manage bookings, room assignments, breakfast orders, events, and related services.
  • Coordinate staff scheduling, duties, and internal operations.
  • Send confirmations, reminders, invoices, and service-related messages.
  • Improve site performance, support, analytics, and user experience.
  • Protect our users and Services; comply with legal, tax, and regulatory obligations.

5. Google OAuth & Gmail Data (Verification-Ready)

If you choose to connect a Google account, we use OAuth to request only the minimum scopes needed to power user-facing features, such as parsing reservation emails into our system or sending operational notifications you initiate.

5.1 What We Access

  • Identity & Basic Profile: To identify the connected Google account.
  • Gmail (Read-Only, if enabled by you): Limited to reservation/booking related messages to extract booking details (guest name, dates, room, totals) and store those parsed fields in our database.
  • Gmail Send (if enabled by you): To send operational emails you explicitly trigger (e.g., confirmations or internal notifications).

5.2 How We Use Gmail Data

  • We use Gmail data solely to provide or improve user-facing features you select (e.g., auto-ingest reservations).
  • We do not use Gmail data for advertising or for building advertising profiles.
  • We do not allow humans to read your Gmail data except:
    • with your explicit consent,
    • for security or fraud investigations,
    • to comply with applicable law, or
    • as necessary for our service to function (e.g., debugging a user-reported issue with your consent).

5.3 Google API Services User Data Policy — Limited Use

Our use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements. We only use your Google data for the specific features you enable, we don’t sell it, and we don’t transfer it to third parties except as necessary to provide or improve the features, comply with the law, or with your explicit consent.

5.4 Access, Revocation & Deletion

  • You can revoke our access at any time via your Google Account’s security settings.
  • Upon revocation or account disconnection, we stop accessing your Google data. Parsed booking fields previously saved for legitimate business records (e.g., invoices or stay history) may remain as part of our operational records, subject to applicable law and our retention policy.
  • You may request deletion of residual personal data we control (subject to legal obligations) by contacting us at stay@stonechalet.com.

6. Information Sharing

We do not sell your personal information.

  • Service Providers: Payment processors, email/SMS providers, IT/hosting, and booking/OTA partners who help us deliver the Services under contractual confidentiality and security obligations.
  • Legal Compliance: When required by law, regulation, legal process, or to protect rights, safety, and property.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy (e.g., booking records, accounting, and tax) and to comply with legal obligations, resolve disputes, and enforce agreements.

8. Security

We implement administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is completely secure; we continuously improve our security posture.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict certain processing of your personal information. To exercise these rights, contact us at stay@stonechalet.com. We may need to verify your identity before processing a request.

10. Cookies & Tracking

We use cookies and similar technologies to operate the site, analyze usage, and improve user experience. You can control cookies through your browser settings, but some features may not function properly if disabled.

11. Children’s Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, please contact us to request deletion.

12. Changes to this Policy

We may update this Policy from time to time. We will post updates on this page and revise the “Effective date” above. Material changes will be noted in-product or via email where appropriate.

13. Contact Us

Stone Chalet Bed & Breakfast Inn and Event Center 1917 Washtenaw Ave, Ann Arbor, MI 48104 stay@stonechalet.com • (734) 417-7223