Terms of Use

Welcome to the Terms of Use page of cunnect GmbH. Here, you will find important information about the conditions under which you may use our digital services, products, and platforms. We place great value on transparency, data protection, and a trustworthy partnership. The following sections explain the specific terms that apply to our various offerings. Please read them carefully to ensure you agree with the applicable conditions.

cunnect.keyless

Governing Law and Language

This English version has been translated to the best of our knowledge and intent. In case of legal uncertainty or dispute, the original German version shall prevail.
All provisions are subject to the laws of the Federal Republic of Germany. The exclusive place of jurisdiction for all disputes arising from this agreement is the registered office of the service provider.

Terms of Use

Effective Date: April 2025

1. Scope

These Terms apply to the use of cunnect.keyless – a middleware solution between RoomRaccoon PMS and Loxone for the automated creation and management of digital access codes for hotel rooms.

2. Description of Services

cunnect.keyless automatically processes booking data to generate and manage access codes („keycodes“).

  • Booking ID
  • Room name
  • Booking period
  • Guest email address
  • Keycode

Additional data transmitted via PMS (e.g. name, phone number, billing address) is not stored and is discarded immediately.

Keycodes are accessible via the cunnect web portal by the customer, and optionally by guests through a self-service portal. Guests may view their keycode no earlier than 24 hours before check-in. Keycodes are only active on the Loxone system during the booked stay (check-in to check-out time).

All stored data – including keycodes – is automatically deleted two weeks after departure.

3. Access Rights

Customers can view, manage, or manually delete active keycodes through the cunnect web portal. Optional guest access may be enabled.

4. Fees and Contract Duration

  • Monthly usage fee: €60
  • Termination: In writing (text form), with one month’s notice
  • Immediate termination possible in case of abuse or misuse (no refund)

5. Liability

No liability is assumed for:

  • Technical disruptions beyond our control
  • Misuse of access codes by hotel guests

6. Data Protection & DPA

Personal data is processed in accordance with the GDPR. These Terms incorporate the General Data Processing Agreement (DPA), which is binding for all customers.

7. Amendments

cunnect.keyless reserves the right to amend these Terms. Customers will be notified in due time.

Data Processing Agreement (DPA)

Effective Date: April 2025

1. Parties to the Agreement

Controller: The respective hotel customer using cunnect.keyless
Processor: [Your Company Name], provider of cunnect.keyless

2. Subject of Processing

This agreement governs the processing of personal data by cunnect.keyless on behalf of the Controller. cunnect.keyless acts as a middleware between RoomRaccoon PMS and Loxone for the automated generation of digital access codes for hotel rooms.

3. Nature, Purpose and Duration of Processing

  • Purpose: Creation and management of digital keycodes for booked rooms
  • Data processed: Booking ID, room name, booking period, guest email address, keycode
  • Data not processed: Guest name, phone number, billing address (discarded immediately)
  • Retention: Data is stored until two weeks after the guest’s departure date

The keycodes are made accessible to the Controller via the cunnect web portal. Guests may optionally view their keycodes through a self-service portal (by providing booking ID and email address) no earlier than 24 hours before check-in.

Keycodes are only active on the customer’s Loxone system during the booked period (from check-in to check-out time).

4. Categories of Data Subjects

Hotel guests who have made bookings

5. Obligations of the Processor

  • Process data exclusively under documented instructions from the Controller
  • Ensure confidentiality of all personnel
  • Store data (including keycodes) securely and encrypted
  • Assist the Controller with data subject requests
  • Notify the Controller of any personal data breaches
  • Delete all data (including keycodes) after the defined retention period
  • Refrain from processing for any purposes beyond those agreed upon

6. Sub-processors

Currently used sub-processor: AWS (European data centers). Additional sub-processors will only be used with prior notice to the Controller.

7. Technical and Organizational Measures (TOMs)

  • Data encryption (AES-256)
  • Role-based access controls
  • Hosting within the EU
  • Access logging and auditing
  • Regular backups and monitoring

8. Termination

All personal data, including keycodes, will be permanently deleted no later than two weeks after guest departure.

9. Applicability

This DPA applies uniformly to all cunnect.keyless customers. The current version is publicly accessible at: [Link to PDF]. It becomes legally binding upon conclusion of the main service contract.

Privacy Policy

Effective Date: April 2025

1. Controller

The data controller under GDPR is the respective hotel using cunnect.keyless. cunnect.keyless acts solely as a data processor in accordance with Article 28 GDPR.

2. Data Processed

  • Booking ID
  • Room name
  • Booking period
  • Guest email address
  • Keycode

Other booking data (e.g. guest name, phone number, billing address) is not stored or further processed and is discarded immediately upon receipt.

3. Retention Period

All personal data – including keycodes – is automatically deleted two weeks after the departure date.

4. Purpose of Processing

The purpose of data processing is to provide and manage digital access codes for hotel room access. Keycodes are only active on the hotel’s Loxone system for the booked duration. Guests may optionally view their keycode 24 hours before arrival through the self-service portal, using their booking ID and email address.

5. Legal Basis

Data processing is carried out on behalf of the hotel pursuant to Article 6(1)(b) and (f) GDPR. The cooperation is based on the general Data Processing Agreement (DPA).

6. Data Security & Hosting

  • All data is stored in encrypted form
  • Servers are located exclusively within the EU
  • Access is restricted to authorized personnel only
  • No transfer to third parties or third countries

7. Data Subject Rights

Requests related to data subject rights (e.g. access, deletion) must be addressed to the respective hotel. cunnect.keyless will support the Controller upon request.

8. Amendments

We reserve the right to amend this Privacy Policy. The current version is available at: [your-site.com/privacy]

 

cunnect.metrics

WIP