Privacy Policy

1. Data we collect

BOTA Purple Beehive operates under a Sovereign Identity model. We collect the minimum identifying data needed to authenticate a Bee, surface tier-appropriate inventory, and bridge a direct-settlement booking with a hotel.

• Email address (authentication via magic link).
• Self-declared preferences (Guest DNA: dietary, pillow type, special interests).
• Booking metadata (room ID, stay dates, total price) for the duration of the soft-lock and post-stay history.
• Anonymous demand signals (search keywords, results count) — never linked to a Bee identity unless the Bee is signed in.

2. How we use it

• Authenticate access to the Sovereign Bridge.
• Surface tier-appropriate inventory (B / B+ / Ultra Bee).
• Generate the direct-settlement URL handed off to the hotel's IBE at checkout.
• Operate aggregate Demand Intelligence (no per-user profiling for ad targeting).

3. Your rights (GDPR / UAE PDPL)

You may request access to, correction of, or deletion of your personal data at any time by emailing privacy@bota-protocol.example. We respond within 30 days. You may also withdraw consent for non-essential cookies at any time via the cookie banner.

4. Cookies

We classify cookies into three categories: Essential (auth, lock window), Functional (accessibility preferences, language), and Analytics(aggregate usage). Only essential cookies run by default; the rest require explicit consent.

5. Third-party processors

Authentication and database hosting are provided by Supabase (data resident in EU / Frankfurt). Payment is performed directly between Bee and hotel via the hotel's own IBE — BOTA never processes a card transaction.