Privacy Policy

Last updated: June 11, 2026

Manero ("we", "us", or "our") is a product of MerakiOps, a sole proprietorship (Ατομική Επιχείρηση) registered in Greece, operated by Konstantinos Christopoulos. We operate the manero.ai website and the Manero AI receptionist platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service. We are committed to protecting the privacy of both our hotel partners and their guests.

Manero is operated from Greece and complies with the European Union General Data Protection Regulation (GDPR) and applicable Greek data protection law.

1. Information We Collect

Hotel Partner Information: When you register for the Service, we collect your hotel name, address, contact person name, email address, phone number, billing information, and property configuration data (room types, amenities, policies, and local recommendations you provide during onboarding).

Guest Call Data: When guests interact with our AI receptionist via phone, we process audio data in real-time through Google's Gemini API to generate responses. We collect call metadata (timestamp, duration, language detected), conversation transcripts, and any personal information the guest voluntarily provides during the call (such as their name, phone number, email, or booking preferences). When the AI transfers a call to a human staff member at the hotel, call audio passes through our telephony provider's infrastructure during the transfer.

SMS Communications: As part of our Service, we may send SMS messages to guests (e.g., to confirm booking details or provide follow-up information requested during a call) and to hotel staff (e.g., to notify staff of a missed call requiring callback). SMS message content and metadata (sender, recipient, timestamp, delivery status) are collected in connection with these communications.

Usage Data: We automatically collect information about how the Service is accessed and used, including IP addresses, browser type, pages visited, time spent on pages, and interaction patterns with the dashboard.

Cookies: We use essential cookies to maintain your session and preferences. We do not use advertising or tracking cookies.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide, operate, and maintain the AI receptionist service, including processing guest calls, checking room availability, making reservations, and handling service requests.
To send SMS communications in connection with guest interactions, including booking confirmations and follow-up information to guests, and missed-call notifications to hotel staff.
To manage your account, process billing, and communicate with you about service-related matters.
To improve our Service, including training and improving our AI models, analyzing call resolution rates, and identifying common guest needs.
To comply with legal obligations, resolve disputes, and enforce our agreements.
To detect, prevent, and address technical issues or security threats.

3. Data Processing and Third-Party Services

AI Processing: Guest voice data is processed in real-time through Google's Gemini 3.1 Flash Live API. Audio data is streamed to Google's servers for speech recognition and response generation. We recommend reviewing Google's AI data processing terms at cloud.google.com/terms. We do not use guest call data to train third-party AI models.

Telephony and SMS: We use Twilio as our telephony and SMS infrastructure provider. Twilio handles the routing of inbound phone calls to our AI system, the routing of warm-transfer calls from our AI to hotel staff, and the delivery of SMS communications to guests and hotel staff. Phone numbers we provision on behalf of Hotel Partners are provisioned through Twilio. Call audio and SMS content pass through Twilio's infrastructure. Twilio is a GDPR-compliant data processor; their privacy practices are documented at https://www.twilio.com/legal/privacy.

Payment Processing: We use Stripe to process payments. Your payment information is handled directly by Stripe and is never stored on our servers.

Hosting: Our Service is hosted on cloud infrastructure within the European Economic Area (EEA). Where data transfers outside the EEA are necessary (e.g., for AI processing), we rely on Standard Contractual Clauses or other approved transfer mechanisms.

4. Legal Basis for Processing (GDPR)

We process personal data under the following legal bases:

Contract Performance: Processing necessary to provide the Service to our hotel partners and to fulfil reservation and service requests made by guests.
Legitimate Interest: Analytics to improve our Service, fraud prevention, and network security.
Consent: Where required, such as for optional marketing communications.
Legal Obligation: Where processing is required to comply with applicable law.

5. Guest Call Disclosure

All calls handled by the Manero AI receptionist begin with a disclosure informing the caller that: (a) they are speaking with an AI assistant, (b) the call may be recorded, and (c) a summary of the interaction will be logged. If the caller objects, the AI will offer to transfer them to a human staff member.

6. Data Retention

We retain hotel partner account data for as long as the account is active and for a reasonable period thereafter for legal and business purposes. Call recordings and transcripts are retained for a maximum of 90 days, after which they are automatically deleted. Call metadata (duration, timestamp, resolution status) is retained for 12 months for analytics and billing purposes. SMS message content is retained for 90 days, and SMS metadata is retained for 12 months, in alignment with call data retention. Billing records are retained for 7 years in accordance with Greek tax law.

7. Your Rights

Under the GDPR, you have the right to:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate data.
Erasure: Request deletion of your personal data ("right to be forgotten").
Restriction: Request that we limit the processing of your data.
Portability: Request your data in a structured, commonly used, machine-readable format.
Objection: Object to processing based on legitimate interests.

To exercise any of these rights, please contact us at team@manero.ai. We will respond within 30 days.

8. Guest Rights

Hotel guests who have interacted with the Manero AI receptionist may contact us at team@manero.ai to request access to, correction of, or deletion of any personal data collected during their call. We will coordinate with the relevant hotel partner to fulfil such requests.

9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (TLS 1.3) and at rest (AES-256), access controls with role-based permissions, regular security assessments, and incident response procedures. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at team@manero.ai and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify hotel partners of material changes via email and by posting the updated policy on our website. The "Last updated" date at the top of this policy indicates when it was last revised. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

Manero — manero.ai

Email: team@manero.ai

Athens, Greece

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at dpa.gr.