Privacy Policy

Last updated: 15 February 2026

Momo Studio ("we", "us", or "our") operates hospitality technology platforms including property management systems, restaurant technology, and travel platforms with integrated WhatsApp Business API messaging and conversational AI. This Privacy Policy explains how we collect, use, disclose, and manage personal data when you use our services or interact with our applications.

1. Information We Collect

We collect the following categories of personal data:

• Contact information: Name, email address, phone number, and WhatsApp number provided when you enquire about or use our services.
• Booking and transaction data: Reservation details, order history, payment references, and service requests processed through our platforms.
• Messaging data: Messages sent and received through WhatsApp Business API, including enquiries, booking confirmations, order updates, and support conversations.
• Device and usage data: Browser type, IP address, pages visited, and interaction timestamps collected automatically when you access our web-based platforms.
• Business data: Information provided by hospitality businesses that use our platforms, including property details, menu information, and staff contact details.
• Advertising data: Google Ads account data accessed via the Google Ads API on behalf of clients, including campaign performance metrics, ad spend and budget data, keyword and audience targeting information, and account configuration settings.

2. How We Use Your Data

We use the data we collect for the following purposes:

• Service delivery: Processing bookings, managing orders, and facilitating communication between guests and hospitality businesses.
• WhatsApp messaging: Sending booking confirmations, check-in instructions, order updates, and responding to enquiries via the WhatsApp Business API.
• Conversational AI: Powering AI chatbots that handle guest enquiries, booking requests, and service requests on behalf of our business clients.
• Staff coordination: Delivering internal notifications to housekeeping, kitchen, and front desk teams.
• Platform improvement: Analysing usage patterns to improve our products and services.
• Legal compliance: Meeting regulatory obligations and responding to lawful requests.

3. How We Share Your Data

We do not sell personal data. We share data only in the following circumstances:

• With hospitality businesses: Guest data is shared with the hotel, restaurant, or travel operator you are interacting with, as they are the data controller for your booking or order.
• With Meta (WhatsApp): Messages are transmitted through the WhatsApp Business API, operated by Meta Platforms, Inc. Meta processes this data in accordance with their own privacy policy.
• With service providers: We use third-party infrastructure providers for hosting, analytics, and AI processing. These providers are bound by data processing agreements and process data only on our instructions.
• For legal reasons: We may disclose data if required by law, court order, or to protect the rights and safety of our users and business partners.

4. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy:

• Booking and transaction data is retained for the duration required by applicable tax and business regulations.
• WhatsApp message history is retained for up to 12 months to support ongoing guest communication and dispute resolution.
• Usage and analytics data is retained in anonymised or aggregated form.
• You may request deletion of your personal data at any time by contacting us.

5. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/HTTPS) and at rest.
• Access controls limiting data access to authorised personnel only.
• Regular review of security practices and infrastructure.
• End-to-end encryption provided by the WhatsApp platform for message content.

6. Google Ads API Data

We access and manage Google Ads accounts on behalf of our hospitality clients through the Google Ads API. The following applies to all Google Ads data we process:

• We access Google Ads accounts solely to provide advertising management services on behalf of our hospitality clients.
• We use Google Ads API data only to create, manage, and optimise campaigns as instructed by our clients.
• We do not sell, share, or use Google Ads data for any purpose other than providing our services.
• Google Ads data is stored securely and retained only as long as needed to provide our services.
• Our use of the Google Ads API complies with the Google API Services User Data Policy, including the Limited Use requirements.
• Clients can request deletion of their Google Ads data at any time by contacting us at hello@momostudio.ai.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Restriction: Request that we limit processing of your data in certain circumstances.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing of your data for specific purposes.

To exercise any of these rights, please contact us at hello@momostudio.ai.

8. Cookies and Tracking

Our web-based platforms may use essential cookies required for functionality. We do not use third-party advertising cookies or cross-site tracking technologies.

9. Third-Party Services

Our platforms integrate with third-party services including:

• WhatsApp Business API (Meta): For messaging between businesses and their customers.
• AI language models: For powering conversational chatbot features.
• Cloud hosting providers: For infrastructure and data storage.

Each of these services operates under its own privacy policy. We encourage you to review their policies for details on how they process data.

10. International Data Transfers

Momo Studio operates from the United Kingdom and India. Your data may be transferred to and processed in either country. Where data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.

11. Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us so we can delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

• Email: hello@momostudio.ai
• Phone: +91 9503172600
• Address: Wells, Somerset, England & Goa, India