Last Updated: 20/08/2025
Mediator.com.ge is committed to protecting personal data and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This statement outlines our approach to data protection and the rights of our users, customers, and partners.
When we provide hotel management software to our clients (hotels, property managers, or businesses), we act as a Data Processor, processing guest data on behalf of our clients (the Data Controllers).
When we collect personal information for our own business purposes (e.g., accounts, billing, support), we act as a Data Controller.
We only process personal data when we have a legal basis, including:
Contractual necessity – to provide services to our clients.
Legitimate interest – to improve services, ensure security, and support operations.
Legal obligation – to comply with applicable laws.
Consent – for marketing or optional features requiring user permission.
All individuals whose personal data we process have the following rights:
Right to Access – obtain confirmation about whether we process your data and request a copy.
Right to Rectification – correct inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”) – request deletion of your data where legally permissible.
Right to Restriction of Processing – request limited use of your data in certain circumstances.
Right to Data Portability – receive your personal data in a structured, machine-readable format.
Right to Object – object to processing based on legitimate interests or direct marketing.
Right to Withdraw Consent – withdraw consent at any time, without affecting prior lawful processing.
To exercise your rights, contact us at Mediator@deliverers.ge
If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs).
Adequacy decisions by the European Commission.
Other lawful transfer mechanisms permitted under GDPR.
We implement technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Measures include:
Data encryption (in transit and at rest).
Access control and authentication.
Regular system monitoring and backups.
Employee confidentiality agreements.
Personal data is retained only as long as necessary for the purpose it was collected, unless a longer retention is required by law (e.g., accounting or regulatory compliance).
In the event of a personal data breach:
We will notify affected clients without undue delay.
If required under GDPR, we will also notify the competent supervisory authority within 72 hours.
For any GDPR-related inquiries or to exercise your rights, please contact:
📧 Email: Mediator@deliverers.ge
🌍 Website: www.mediator.com.ge
If you are located in the European Union, you also have the right to lodge a complaint with your local supervisory authority.