• Home
  • Terms and privacy

Terms and privacy

Last updated: March 31, 2026

Part I — Terms of Service

1. Introduction

These Terms of Service (“Terms”) govern your access to and use of the iRoom platform (“Platform,” “Service,” or “Software”), a hotel guest communication and service management solution provided by AG Group LTD, incorporated in Hong Kong SAR (“Licensor,” “we,” “us,” or “our”).

By creating an account, accessing, or using the Platform, you (“Licensee,” “you,” or “your”) agree to be bound by these Terms. If you do not agree, you must not use the Service.

2. Service Description

iRoom is a SaaS platform that enables hotels and hospitality businesses to:

  • Manage real-time guest communication through digital channels
  • Streamline in-stay service requests and task management
  • Distribute hotel information, menus, and services via digital guest directories
  • Collect and analyze guest feedback to improve service quality
  • Integrate with property management and third-party systems via API

The Platform is provided as a cloud-based service accessible through web browsers, the Telegram messaging platform, and dedicated integrations.

3. Account Registration

3.1. To use the Platform, you must complete the registration process by providing accurate, current, and complete information about yourself and your organization.

3.2. You are responsible for maintaining the confidentiality of your account credentials. All activities that occur under your account are your responsibility.

3.3. You must immediately notify us at support@iroom.help of any unauthorized access to or use of your account.

3.4. You may create Authorized Users within your account. The number of Authorized Users is determined by your subscription plan. You are responsible for ensuring that all Authorized Users comply with these Terms.

3.5. You must be a legally registered business entity or an authorized representative of one to use the Platform for commercial purposes.

4. Subscription Plans and Billing

4.1. The Platform is offered under various subscription plans as published at www.iroom.help. You may select the plan that suits your needs.

4.2. A free trial period may be offered to new users. The duration and terms of the trial are determined at the time of registration.

4.3. Paid subscriptions are billed in advance on a recurring basis (monthly or annually) according to the selected plan. All fees are non-refundable except as expressly stated in these Terms or required by applicable law.

4.4. You may upgrade or downgrade your plan at any time. Changes take effect at the start of the next billing cycle. Unused time on a current plan may be prorated toward the new plan at our discretion.

4.5. If your subscription expires and is not renewed within 15 calendar days, we reserve the right to restrict access to the Platform. Your data will be retained for a grace period of 90 days, after which it may be permanently deleted.

4.6. We reserve the right to modify pricing with at least 14 days’ prior notice. Price changes do not affect the current billing cycle.

4.7. Payments are processed securely through Stripe. We do not store your full credit card details on our servers.

5. Acceptable Use Policy

You agree not to:

  • Use the Platform for any unlawful purpose or in violation of any applicable local, national, or international law
  • Send unsolicited bulk messages (“spam”) through the Platform
  • Attempt to gain unauthorized access to the Platform, other accounts, or related systems and networks
  • Interfere with or disrupt the integrity or performance of the Platform or its infrastructure
  • Reverse-engineer, decompile, disassemble, or otherwise attempt to discover the source code of the Platform
  • Copy, modify, distribute, sell, or lease any part of the Platform
  • Use the Platform to store or transmit material that infringes on third-party intellectual property rights
  • Exceed API rate limits (5 requests per second per account) or engage in activity that degrades service for other users
  • Use the Platform to collect, store, or process data in violation of applicable data protection laws

Violation of this policy may result in immediate suspension or termination of your account without prior notice.

6. Intellectual Property

6.1. The Platform, including its source code, algorithms, design, documentation, trademarks, and all related intellectual property, is and remains the exclusive property of AG Group LTD. These Terms grant you a limited, non-exclusive, non-transferable, revocable license to use the Platform in accordance with your subscription.

6.2. You retain full ownership of all data, content, and materials you upload to or create within the Platform (“Your Content”). You grant us a limited license to host, store, and process Your Content solely for the purpose of providing the Service.

6.3. You may not remove, alter, or obscure any copyright notices, trademarks, or other proprietary notices displayed on or within the Platform.

6.4. Feedback, suggestions, or ideas you submit regarding the Platform may be used by us without obligation to you.

7. Limitation of Liability

7.1. The Platform is provided on an “as is” and “as available” basis. We make no warranties, express or implied, regarding the Platform’s fitness for a particular purpose, reliability, availability, or accuracy.

7.2. To the maximum extent permitted by applicable law, AG Group LTD shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, business opportunities, or goodwill, arising out of or related to your use of the Platform.

7.3. Our total aggregate liability under these Terms shall not exceed the amount you paid us in the twelve (12) months preceding the event giving rise to the claim.

7.4. We do not control the content placed by Licensees within the Platform and are not responsible for its accuracy, legality, or appropriateness.

7.5. We will use commercially reasonable efforts to correct reported software errors in a timely manner, but we cannot guarantee specific resolution timeframes due to the complexity of third-party integrations and dependencies.

8. Termination

8.1. You may terminate your account at any time by contacting us at support@iroom.help.

8.2. We may suspend or terminate your access to the Platform immediately, without prior notice, if you breach these Terms or engage in activity that harms other users or the integrity of the Service.

8.3. Upon termination, your right to use the Platform ceases immediately. You may request an export of Your Content within 30 days of termination; after this period, your data may be permanently deleted.

8.4. Sections relating to intellectual property, limitation of liability, and governing law survive termination of these Terms.

9. Technical Support

9.1. We provide technical support to all active subscribers at no additional charge. Support requests may be submitted via the in-app chat or by emailing support@iroom.help.

9.2. We may request account information, technical specifications, and other relevant details to diagnose and resolve issues.

10. Governing Law and Disputes

10.1. These Terms are governed by and construed in accordance with the laws of the Hong Kong Special Administrative Region.

10.2. Any disputes arising from these Terms shall first be attempted to be resolved through good-faith negotiation. If negotiation fails, disputes shall be submitted to the competent courts of Hong Kong SAR.

10.3. If any provision of these Terms is found to be unenforceable, the remaining provisions shall continue in full force and effect.

11. Changes to These Terms

We reserve the right to modify these Terms at any time. Material changes will be communicated with at least 14 days’ prior notice via email or in-app notification. Your continued use of the Platform after such changes constitutes acceptance of the revised Terms.

Part II — Privacy Policy

Our Commitment to Hotel Partners

Your guest data belongs to you. We act as a data processor on your behalf.

We analyze aggregated, anonymized metrics — never individual guest profiles. Our analytics improve service quality algorithms, which directly increases guest satisfaction and loyalty scores for your property.

All chat messages between your hotel and guests are protected with end-to-end encryption.

1. Introduction

This Privacy Policy explains how AG Group LTD (“we,” “us,” or “our”) collects, uses, stores, and protects personal data when you use the iRoom platform. This policy is designed to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486).

For the purposes of GDPR, when processing guest data on behalf of a hotel partner, we act as a Data Processor. The hotel partner is the Data Controller and determines the purposes and means of processing guest personal data.

2. Data We Collect

2.1. Hotel Partner Account Data
  • Organization name, registration details, and business address
  • Contact information (name, email, phone number) of authorized personnel
  • Billing and payment information (processed by Stripe)
  • Property details, room configurations, and service offerings
2.2. Guest Interaction Data
  • Guest names, room numbers, and contact details as provided by the hotel
  • Chat messages, service requests, and feedback submitted through the Platform
  • Language preferences and communication history
2.3. Usage and Analytics Data
  • Platform usage patterns (pages visited, features used, session duration)
  • Device information (browser type, operating system, screen resolution)
  • IP address and approximate geolocation (country/region level)
  • Performance metrics and error logs

3. How We Use Data

Important: We do not access individual guest data for our own purposes. All guest data is processed strictly on behalf of and under the instruction of the hotel partner (Data Controller). For platform improvement, we exclusively process aggregated, anonymized statistical data (big data analytics) that cannot be traced back to individual guests.

We use collected data for the following purposes:

Purpose Data Used Legal Basis (GDPR)
Providing the Platform and its features Account data, guest interaction data Contract performance
Processing payments Billing information Contract performance
Technical support Account data, usage logs Contract performance
Improving platform algorithms and service quality Aggregated, anonymized statistical data only Legitimate interest
Enhancing guest satisfaction and loyalty scores Anonymized behavioral patterns and trends Legitimate interest
Security and fraud prevention IP addresses, usage patterns Legitimate interest
Legal compliance As required by applicable law Legal obligation
Marketing communications Contact email of hotel partners Consent (opt-out available)

4. Data Storage and Security

We implement robust, industry-standard security measures to protect your data:

  • Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher
  • Encryption at rest: All stored data is encrypted using AES-256 encryption
  • End-to-end encryption: Chat messages between hotels and guests are protected with end-to-end encryption
  • Access control: Strict role-based access controls limit data access to authorized personnel only
  • Infrastructure: Data is hosted on secure, certified cloud servers with regular security audits
  • Monitoring: Continuous intrusion detection and security monitoring systems
  • Backups: Encrypted, geographically distributed backups with regular integrity verification

Our security practices are aligned with ISO 27001 standards for information security management.

5. Data Retention

Data Category Retention Period
Active account data Duration of the subscription plus 90 days after termination
Guest interaction data As instructed by the hotel partner (Data Controller), default 24 months
Chat messages 12 months from date of message, unless configured otherwise by the hotel
Billing records 7 years (as required by tax and financial regulations)
Usage analytics (aggregated) 36 months in anonymized form
Server logs 90 days
Cookie data See Cookie Policy below

Upon expiration of the retention period, data is securely deleted using industry-standard data destruction methods.

6. Third-Party Services

We use the following third-party service providers to operate the Platform. Each provider is contractually bound to protect your data:

Provider Purpose Data Shared
Stripe Payment processing Billing name, email, payment card details (processed directly by Stripe; we do not store full card numbers)
Telegram Guest messaging channel and notifications Messages and media sent through Telegram-based guest interactions
Brevo Transactional and marketing emails Email address, name, and email content

We do not sell, rent, or trade personal data to third parties for their marketing purposes.

7. Your Rights

7.1. Rights of Hotel Partners (Licensees)

As a Data Controller using our Platform, you have the right to:

  • Access all data stored in your account at any time through the Platform
  • Export your data in a portable, machine-readable format
  • Rectify any inaccurate data through the Platform or by contacting support
  • Delete your account and all associated data (subject to legal retention obligations)
  • Restrict or object to certain processing activities
  • Withdraw consent for marketing communications at any time
7.2. Rights of Guests

Guests whose data is processed through the Platform may exercise the following rights by contacting the hotel (Data Controller) directly, or by contacting us at support@iroom.help:

  • Right of access: Request a copy of personal data held about you
  • Right to rectification: Request correction of inaccurate personal data
  • Right to erasure: Request deletion of your personal data (“right to be forgotten”)
  • Right to data portability: Receive your data in a structured, commonly used format
  • Right to restrict processing: Request limitation of how your data is processed
  • Right to object: Object to processing based on legitimate interests

We will respond to all valid requests within 30 days. In complex cases, this may be extended by an additional 60 days with prior notification.

7.3. California Residents (CCPA)

If you are a California resident, you additionally have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the “sale” of personal information (we do not sell personal data)
  • Non-discrimination for exercising your CCPA rights

8. Hotel Partner Data Protection Guarantees

As your Data Processor, we guarantee:

  • We process guest data solely on your documented instructions
  • We do not use guest data for any purpose other than providing the Service to you
  • We do not share identifiable guest data with other hotel partners or third parties
  • We implement appropriate technical and organizational security measures
  • We assist you in fulfilling your obligations to respond to data subject requests
  • We notify you without undue delay of any personal data breach affecting your guests
  • We delete or return all guest data upon termination of your subscription, at your choice
  • We make available all information necessary to demonstrate compliance and allow for audits

A Data Processing Agreement (DPA) is available upon request for hotel partners requiring formal documentation of these commitments.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When we transfer data outside the European Economic Area (EEA) or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Binding corporate rules for intra-group transfers

You may request a copy of the applicable transfer safeguards by contacting us at support@iroom.help.

10. Children’s Privacy

The Platform is designed for use by businesses and is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child’s data has been inadvertently collected, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

Part III — Cookie Policy

1. What Are Cookies

Cookies are small text files placed on your device when you visit our Platform. They help us provide a better experience by remembering your preferences, keeping you signed in, and understanding how you use the Service.

2. Types of Cookies We Use

Type Purpose Duration Required
Essential Authentication, session management, security tokens, CSRF protection. The Platform cannot function without these. Session / up to 30 days Yes
Preferences Language selection, dashboard layout, theme settings, timezone configuration. Up to 12 months No
Analytics Understanding usage patterns, feature popularity, page performance. All analytics data is aggregated and anonymized. Up to 24 months No

3. Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

  • View and delete existing cookies
  • Block cookies from specific or all websites
  • Set preferences for certain types of cookies

Please note that disabling essential cookies will prevent the Platform from functioning correctly. Disabling preference or analytics cookies will not affect core functionality but may reduce the quality of your experience.

4. Third-Party Cookies

We do not use third-party advertising cookies. The only third-party cookies that may be set are from our payment processor (Stripe) during the checkout process, which are classified as essential cookies necessary for secure payment processing.

Contact Us

For any questions regarding these Terms, our Privacy Policy, or our Cookie Policy, or to exercise your data protection rights, please contact us:

AG Group LTD

Hong Kong SAR

Data Protection Contact: support@iroom.help

Website: www.iroom.help

This document was last updated on March 31, 2026. Previous versions are available upon request.