Cookie consent by cookie-banner.ca

Privacy Policy

This Privacy Policy explains how TravelOS Technologies Pvt. Ltd., operating under the brand name CrossBo (“CrossBo”, “we”, “us”, or “our”), collects, uses, stores, shares, and protects personal data when you visit or interact with our website, www.crossbo.com.

This Privacy Policy applies to website-related interactions only, including website visits, contact forms, demo enquiries, business communications, website analytics, and website security.

It does not directly govern personal data processed through CrossBo products such as Genie, Luna, SKY, Direct, or other hospitality technology products. Where CrossBo processes hotel guest data through these products, CrossBo usually acts as a data processor, and the relevant hotel, resort, or hospitality business acts as the data controller. Such processing is governed by the relevant customer agreement and the customer’s privacy notice.

For privacy-related questions, you can contact us at: Email: contact@crossbo.com

TravelOS Technologies Pvt. Ltd.
C501, Omaxe Palm Greens, Greater Noida, Uttar Pradesh, India
Email: contact@crossbo.com

We have not appointed a formal Data Protection Officer. Privacy-related queries may be sent to the contact email above.

1. Who We Are

CrossBo is a hospitality technology brand operated by TravelOS Technologies Pvt. Ltd.

For personal data collected through our website, such as contact enquiries and website usage information, TravelOS Technologies Pvt. Ltd. acts as the data controller.

2. Personal Data We Collect

We collect limited personal data through our website.

2.1 Information You Provide to Us

When you contact us through our website or communicate with us, we may collect:

  • name;
  • email address;
  • phone number;
  • company name;
  • job title or role;
  • country or region;
  • message or enquiry details;
  • demo request information;
  • any other information you choose to provide.

2.2 Technical and Usage Data

When you visit our website, we may collect technical and usage information, such as:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • pages visited;
  • date and time of visit;
  • referring website or source;
  • approximate location derived from IP address;
  • website interaction and usage information;
  • error logs and diagnostic data.

2.3 Analytics Data

We use Google Analytics to understand how visitors use our website. Google Analytics may collect information such as pages visited, time spent on pages, device/browser information, approximate location, and interaction patterns.

We use this information to understand website performance, improve content, and make the website more useful for visitors.

3. How We Use Personal Data

We use personal data collected through the website for the following purposes.

3.1 To Respond to Enquiries

We use contact details and message content to respond to your questions, demo requests, partnership enquiries, or business communications.

Lawful basis, where GDPR applies: legitimate interests and/or steps prior to entering into a contract.

3.2 To Manage Business Communications

We may use your contact details to continue relevant business discussions, schedule calls, share requested information, and maintain records of communication.

Lawful basis, where GDPR applies: legitimate interests and/or steps prior to entering into a contract.

3.3 To Operate and Secure the Website

We use technical data, logs, and diagnostic information to operate the website, detect errors, maintain availability, prevent misuse, and protect the security of our systems.

Lawful basis, where GDPR applies: legitimate interests.

3.4 To Improve the Website

We use website usage and analytics data to understand visitor behaviour, improve website structure, monitor performance, and make our content more relevant.

Lawful basis, where GDPR applies: legitimate interests and/or consent where required by applicable cookie or analytics laws.

3.5 To Comply With Legal Obligations

We may process or retain personal data where necessary to comply with legal, tax, accounting, contractual, regulatory, or dispute-related obligations.

Lawful basis, where GDPR applies: legal obligation and/or legitimate interests.

4. Cookies and Similar Technologies

Our website may use cookies and similar technologies.

We use:

  • necessary cookies, which are required for the website to function properly;
  • analytics technologies, including Google Analytics, to understand website usage and improve the website.

We do not use website cookies for newsletter marketing, behavioural advertising, or promotional email campaigns.

You can control cookies through your browser settings. Depending on your location and applicable law, you may also be shown cookie choices or a consent banner for non-essential analytics technologies.

If you disable certain cookies or tracking technologies, some parts of the website may not work as intended, and analytics data may be limited.

5. Google Analytics

We use Google Analytics to collect website usage information. Google Analytics helps us understand how visitors find and interact with our website.

Google may process analytics data according to its own privacy terms and settings. Depending on your browser, device, and privacy preferences, you may be able to limit or block analytics tracking through browser settings, privacy controls, or Google’s available opt-out tools.

We use analytics data for website improvement and performance monitoring, not for direct marketing campaigns or newsletter distribution.

6. How We Share Personal Data

We do not sell personal data.

We may share limited personal data with the following categories of recipients:

6.1 Service Providers

We may use trusted service providers to help us operate, host, secure, analyse, and maintain our website and business systems. These may include:

  • cloud infrastructure providers;
  • website hosting and database providers;
  • analytics providers;
  • email and communication tools;
  • security, monitoring, and diagnostic tools;
  • professional advisors, where necessary.

These providers are authorised to process personal data only as needed to provide services to us and are expected to protect personal data appropriately.

6.2 Legal and Compliance Purposes

We may disclose personal data where necessary to:

  • comply with applicable law;
  • respond to lawful requests from authorities;
  • enforce our agreements;
  • protect our rights, users, customers, systems, or others;
  • investigate security incidents, fraud, misuse, or legal claims.

6.3 Business Transfers

If TravelOS Technologies Pvt. Ltd. or CrossBo is involved in a merger, acquisition, restructuring, financing, sale of assets, or similar transaction, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

7. International Data Transfers

CrossBo may process and store personal data using service providers and personnel located outside your country of residence, including outside the European Economic Area and the United Kingdom.

Where personal data from the European Economic Area, United Kingdom, or Switzerland is transferred to or accessed from a country that may not provide the same level of data protection, we use appropriate safeguards where required. These may include contractual protections, data processing agreements, access controls, and technical and organisational security measures.

Where CrossBo processes data on behalf of customers through its products, international transfers are handled according to the relevant customer agreement, data processing agreement, and applicable data protection laws.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law, contract, or legitimate business needs.

For website enquiries and business communications, we retain data for as long as needed to respond to the enquiry, manage the business relationship, maintain records, resolve disputes, and comply with legal obligations.

For website analytics and technical logs, retention depends on the configuration of the relevant analytics, hosting, security, and monitoring systems.

For data processed through CrossBo products on behalf of customers, including hotel guest data, retention is handled as per the relevant customer contract, product configuration, or customer instruction.

When personal data is no longer required, we delete, anonymise, or securely archive it in accordance with applicable requirements.

9. Security

We use reasonable and appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

  • access controls;
  • authentication controls;
  • secure cloud infrastructure;
  • encryption where appropriate;
  • monitoring and logging;
  • backup and recovery processes;
  • vulnerability and incident management;
  • employee access restrictions;
  • vendor controls;
  • internal security and data handling procedures.

No method of transmission or storage is completely secure. However, we work to maintain safeguards appropriate to the nature of the data we process.

10. Your Rights

Depending on your location and applicable law, you may have rights in relation to your personal data.

Where GDPR or similar privacy laws apply, these rights may include:

  • the right to access your personal data;
  • the right to correct inaccurate or incomplete data;
  • the right to request deletion of your data;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability;
  • the right to withdraw consent where processing is based on consent;
  • the right to object to direct marketing;
  • the right to lodge a complaint with a data protection authority.

To exercise your rights, contact us at contact@crossbo.com.

We may need to verify your identity before fulfilling a request. Some requests may be subject to legal, contractual, security, or operational limitations.

If your request relates to hotel guest data processed through a CrossBo product on behalf of a hotel or hospitality customer, we may direct your request to the relevant customer or assist the customer in responding to your request.

11. Marketing Communications

We do not currently use website data to send newsletters or promotional email campaigns.

If this changes in the future, we will update this Privacy Policy and provide appropriate choices or opt-out mechanisms as required by applicable law.

We may still send non-marketing communications, such as responses to enquiries, service-related messages, security notices, contractual communications, or support responses.

12. Children’s Data

Our website is intended for business users and is not directed to children.

We do not knowingly collect personal data from children through our website. If you believe a child has provided personal data to us through the website, please contact us at contact@crossbo.com.

13. Third-Party Links

Our website may contain links to third-party websites, platforms, or services. We are not responsible for the privacy practices, content, or security of third-party websites or services.

You should review the privacy policies of any third-party websites or services you visit.

14. Complaints

If you have concerns about how we handle your personal data, please contact us first at contact@crossbo.com so we can try to resolve the issue.

If GDPR, UK GDPR, or another applicable privacy law applies to you, you may also have the right to lodge a complaint with your local data protection authority or supervisory authority.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, website, legal obligations, analytics tools, security practices, or data handling processes.

When we update this Privacy Policy, we will revise the “Last Updated” date above. Where required by law, we may provide additional notice or seek consent for material changes.

16. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

TravelOS Technologies Pvt. Ltd.
C501, Omaxe Palm Greens, Greater Noida, Uttar Pradesh, India
Email: contact@crossbo.com
Website: https://www.crossbo.com

Personalized Guest Journeys. Optimized Hotel Operations.
Take a quick demo and discover Genie & Luna in action.
contact@crossbo.com
Book a demo
India
Greater Noida
TravelOS Technologies Pvt Ltd
Omaxe Palm
UAE
Saba 2
Cluster Q, JLT towers
Dubai
USA
229th Pl
Sammamish,
Washington
Switzerland
Urdorferstrasse 7,8142
Uitikon Waldegg- Zurich,
Switzerland.
© 2025 Copyright. All rights reserved.