Terms and Conditions

Effective Date: May 2, 2025
Last Updated: May 2, 2025

1. Introduction

Viste.ai (“we,” “us,” “our”) provides an AI-powered check-in assistant service in partnership with Freshlanding for short-term rentals in Málaga. By using our WhatsApp-based check-in service, you agree to these Terms & Conditions, including the Data Protection provisions below.

2. Service Overview

• Purpose: Streamline your arrival via a secure Guest App link for uploading IDs, e-signature, and receiving door codes.
• Eligibility: You must be at least 18 years old and have a valid booking with Freshlanding.

3. User Obligations

• Provide accurate personal data when prompted.
• Use the service lawfully and respectfully.
• Do not share your Guest App link or access codes with unauthorized third parties.

4. Intellectual Property

All content, trademarks, and software used in the Viste check-in assistant are owned or licensed by Viste.ai. You may not reproduce or distribute any part of the service without our express permission.

5. Limitation of Liability

Viste.ai provides the check-in assistant “as is” and disclaims all warranties. We are not liable for indirect, incidental, or consequential damages arising from your use of the service.

6. Data Protection & GDPR Compliance

6.1 Data Controller

Viste.ai (acting on behalf of Freshlanding)
Calle Trinidad Grund 10, 29003 Málaga, Spain
Email: [email protected]

6.2 Personal Data We Collect

• Identity & Booking: Name, reservation dates, arrival time.
• Check-in Data: ID/passport scan, e-signature, guest names.
• Communication Logs: WhatsApp chat history.

6.3 Purposes & Legal Bases

1. Perform the Contract (Art. 6(1)(b) GDPR): Complete your online check-in and provide access codes.
2. Legal Compliance (Art. 6(1)(c)): Fulfil Spanish traveler registration requirements.
3. Legitimate Interests (Art. 6(1)(f)): Provide and improve our customer support.

6.4 Data Sharing & Recipients

We do not sell or share your personal data with third-party marketers. Data may be shared with:

• Icnea API — to manage your booking and Guest App link.
• WhatsApp Business API / Twilio — to deliver check-in messages.
• Authorities — only when legally required (e.g., traveler registration).

We also use OpenAI models (GPT-3.5 Turbo for check-in FAQs and GPT-4 for concierge upsells), but we never send any personal data to OpenAI. Instead, our backend injects anonymized status flags and template placeholders (e.g. “Payment Pending,” “ID Verified”) so no PII leaves our secure systems.

6.5 International Transfers

No transfers outside the European Economic Area are made without appropriate safeguards.

6.6 Data Retention

• Check-in Data & ID scans: Deleted 24 hours after your check-out.
• Chat logs: Deleted 90 days after your departure.
• Legal Holds: Data required by law is retained only as necessary.

6.7 Your Rights

Under GDPR, you have the right to:

• Access your data (Art. 15)
• Rectify inaccuracies (Art. 16)
• Erase (“right to be forgotten”) (Art. 17)
• Restrict processing (Art. 18)
• Object to processing (Art. 21)
• Data portability (Art. 20)
• Withdraw consent (Art. 7)
• Lodge a complaint with the Spanish DPA: www.aepd.es

To exercise any right, email [email protected].

6.8 Security Measures

We employ industry-standard safeguards (encryption at rest & in transit, strict access controls) to protect your data.

6.9 Updates to This Policy

We may update these provisions at any time. Continued use of our service after posting the revised policy constitutes acceptance of the changes.