Pilot data processing note

Pilot principle

Moment should start with the minimum hotel data required to make operational recommendations. The product does not need payment data, passport or ID data, health data, protected characteristics, or sensitive guest notes to prove pilot value.

Expected pilot data

• Hotel profile, location, and service configuration.
• Service capacity, availability, and price guardrails.
• Occupancy, arrivals, departures, and broad stay-purpose signals.
• Offer templates, staff-reviewed message drafts, and manual outcome records.
• Staff account details and hotel role membership.

Access and tenant boundaries

• Each hotel should be treated as a separate tenant.
• Staff should only see the hotel workspace they are authorised to access.
• Admin and service-role access should stay restricted and server-side.
• Logs should avoid sensitive guest information.

Before broader rollout

• Agree controller/processor roles with each hotel.
• Put a data processing agreement in place.
• Confirm subprocessors and hosting locations.
• Document retention, deletion, export, and incident response steps.
• Review any future live PMS, POS, messaging, or analytics integration before enabling it.