How OpenKey collects, uses, and safeguards your personal information.
Rules, rights, and responsibilities for using OpenKey’s services and platform.
This notice is provided pursuant to the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, “CPRA”). It explains what personal information OpenKey collects from California residents, why we collect it, how long we retain it, and whether we sell or share it for cross-context behavioral advertising.
| Category (Cal. Civ. Code §1798.140) | Examples | Purpose of Use | Retention Period | Sold/Shared? |
|---|---|---|---|---|
| Identifiers | Name, email, phone, reservation ID | Provision of digital keys; customer support | 90 days after checkout | No |
| Customer Records | Room number, stay dates | Provision of digital keys; customer support | 90 days after checkout | No |
| Internet or Network Activity | Device type, app version, key usage logs | Service functionality and security monitoring | 180 days | No |
| Geolocation (approximate) | Bluetooth proximity when the guest opts in to use the app access | Required by Lock vendors to support door unlocking over BLE. | Deleted when the key expires | No |
OpenKey does not sell or share personal information as defined under the CPRA.
California residents may exercise their rights to access or delete personal information by submitting a request to our support team.
At OpenKey, we take your privacy seriously. This Privacy Policy explains how we handle your information when you use our digital key services at participating hotels. By using OpenKey, you agree to this Privacy Policy. Thank you for trusting us with your stay.
When a hotel enables digital keys for your reservation, it shares your booking details with us so we can send you your digital credentials. We also collect basic information about your device and how you use our service to ensure everything works smoothly and securely. When you receive our provisioning invitation for digital keys, we collect non-identifiable technical information, such as your browser type and operating system, to ensure the best possible experience. If you have location services enabled, we may access your location only when necessary for Bluetooth key functionality.
If you contact us directly for support, we may collect additional information to help resolve your issue. This information is used solely for that specific conversation and isn't used for any other purpose. We retain these support communications only as long as necessary to assist you.
We use your information to deliver digital keys to your phone, whether that's through Apple Wallet, Google Wallet, Bluetooth Low Energy (BLE), or a simple PIN code. We'll send you a few text messages or emails with activation instructions and essential updates about your digital key. We also use this information to keep our service secure, provide customer support when needed, and improve our service based on its usage.
Your privacy matters to us. We don't sell your personal information, period.
We share the necessary information with the hotel you're staying at so they can manage room access and provide you with excellent service. We work with trusted service providers who help us send messages and keep our systems running, but they only get access to what they need to do their jobs. If law enforcement or legal requirements demand it, we may need to share information, but only to the extent required by law.
We maintain SOC 2 Type II compliance and use industry-standard security measures to protect your information. This includes encryption, secure authentication, and regular security audits. While no system is perfect, we work hard to keep your data safe.
You can request to see what information we have about you or ask us to correct or delete it by emailing support@openkey.co. Keep in mind we may need to retain certain information for legal or security reasons. Your digital keys automatically expire when you check out, and we typically delete your information within 90 days after your stay, unless we need to keep it longer for legal or security purposes.
If you're a California resident, you have additional privacy rights under state law. You can request information about our data practices or ask us to delete your information. We don't sell personal information to third parties.
We're based in the United States, so if you use our service from another country, your information will be processed in the U.S.
We reserve the right to update this policy from time to time. If we make significant changes, we'll let you know through the app or via email.
These Terms of Service constitute a legal agreement between you and OpenKey Inc., a Delaware corporation with offices in Dallas, Texas. By accessing or using our digital key services, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree to these Terms, you may not access or use our services.
OpenKey provides digital credential services that enable hotel guests to access their rooms using mobile devices at participating hotels. Depending on your hotel's capabilities, you may receive a Bluetooth Low Energy (BLE) key, an Apple Wallet key, a Google Wallet key, or one-time PIN codes for door access. When a participating hotel enables digital keys for your reservation, we send activation instructions via SMS text message or email to the contact information provided by the hotel.
Our services are available only to individuals who have a valid reservation at a participating hotel that has enabled digital key technology. By using our services, you represent that you are at least 18 years of age or are using the services under the supervision of a parent or legal guardian, and that you are the authorized guest or have been authorized by the guest to receive and use the digital credentials.
When you receive digital key credentials from OpenKey, you are responsible for maintaining the confidentiality and security of these credentials. You must notify us immediately of any unauthorized use of your credentials or any other security breach. You agree to use our services only for lawful purposes. You may not use them to gain unauthorized access to any property or system, share or transfer digital credentials to unauthorized persons, or engage in any activity that interferes with or disrupts our services.
By using our services, you consent to receive electronic communications from us related to your digital key activation and use. These communications will be sent via SMS or email to the contact information associated with your reservation. You can expect to receive one to three messages per reservation. Standard message and data rates may apply, depending on your mobile carrier plan.
Your use of our services is subject to our Privacy Policy, which explains how we collect, use, and protect your information. By using our services, you consent to our data practices as described in the Privacy Policy. We maintain SOC 2 Type II compliance and implement industry-standard security measures to protect your information.
While we strive to provide reliable service, technical issues, maintenance, or circumstances beyond our control may occasionally affect availability. Your hotel can always provide alternative access methods to ensure you can access your room. Your digital key is tied to your hotel reservation and will automatically expire at the end of your scheduled checkout time. We may suspend or terminate your access if you violate these Terms, engage in fraudulent activity, or if requested by the hotel.
To the fullest extent permitted by applicable law, OpenKey Inc. shall not be liable for any indirect, incidental, special, consequential, or punitive damages resulting from your use or inability to use our services. Our total liability to you for any claims shall not exceed one hundred dollars.
Our services, including all content, features, and functionality, are owned by OpenKey Inc. or its licensors and are protected by United States and international intellectual property laws. You may not modify, copy, distribute, transmit, display, reproduce, or create derivative works from our services without our express written permission.
These Terms are governed by the laws of the State of Texas without regard to its conflict of law provisions. Any disputes shall be resolved in the courts located within Dallas County, Texas. If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
We may modify these Terms at any time by updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated Terms. These Terms constitute the entire agreement between you and OpenKey Inc. regarding the use of our services.
If you have any questions about these Terms, please get in touch with us at support@openkey.co.