Hotel Data & Credit Card Security

Safeguard reservation data & guest credit cards

Protect hotel data and guest credit card information with PCI compliance, EMV certification, two-factor authentication and more. WebRezPro follows industry best practices to protect data from loss, misuse and unauthorized access or disclosure.

Data Management Policies

Data Management Policies

World Web Technologies Inc is committed to protecting privacy and developing technology that provides a safe online experience. This privacy and data management policy applies to the company’s web-based property management system called WebRezPro, hereinafter referred to as WRP.
WHAT IS WRP?
WRP is a subscription-based property management system that operates in the cloud. Lodging providers [the Property] use WRP to manage the logistical and financial processes involved in the sale of overnight accommodations and related activities. WRP covers the entire guest cycle, from pre check-in to post check-out. Primary features include accommodation and activity reservations, guest charges and payments, housekeeping management, email correspondences, accounting and more.
WHAT DATA IS COLLECTED?
To operate, WRP collects, stores and transfers data. Types of data may include, but are not limited to, guest names, contact information, credit card information and personal preferences. WRP does not knowingly collect personal information from people under the age of 18.
HOW IS DATA COLLECTED?

Data is entered into WRP in the following ways:

  1. Guests submit information into WRP via online forms.
  2. The Property enters data into WRP, either manually or via a swiping device.
  3. Third-party integrations share data via an API.
  4. WRP imports reservation information as instructed by the Property.
HOW IS DATA USED?

Data used by WRP is for the purpose of managing and completing overnight travel accommodation and related activities. Specifically, data is used for:

  1. Executing WRP processes, features and functionalities.
  2. Sending notifications and messages.
  3. Communicating with third-party integrations.
  4. Providing technical support.
  5. Complying with applicable laws if deemed necessary.
WHO OWNS THE DATA?
All guest and reservation data, regardless of input method, is owned by the Property.
WHERE IS THE DATA LOCATED?
WRP uses Amazon Web Services [AWS] in the United States. All WRP data is stored and processed at AWS.
HOW LONG IS DATA STORED?
Data is stored for the duration of the contract between WRP and the Property. Upon the Property’s request, WRP will erase all data that has been entered into the Property’s WRP system.
HOW IS DATA PROTECTED?

WRP follows industry best practices to protect data from loss, misuse and unauthorized access or disclosure.

  1. Data collected by WRP is stored securely in a database and is only accessible by authorized users.
  2. Internet security measures include Internet firewalls, intrusion detection, anti-virus protection and network monitoring. Please note: No internet security program is impenetrable. As such, WRP cannot guarantee the security of the Property’s data.
  3. Unless required for the purposes of executing WRP functionality, WRP will not disclose to others, in whole or in part, any data without the prior written permission of the Property.
SYSTEM ACCESS & EMPLOYEE PRIVILEGES
While WRP offers a variety of security measures to secure system access, including browser encryption, two-factor authentication and IP-restricted access, it is the responsibility of the Property to oversee the creation and distribution of passwords that are used to access WRP. It is also the responsibility of the Property to oversee access-privileges granted to its employees and stakeholders.
THIRD-PARTY INTEGRATIONS
WRP develops third-party integrations that are intended to enhance the WRP system. If the Property adds an integration to their WRP system (via API), the third-party integration will access and use information provided by the Property. Types of third-party integrations include online travel agencies, payment gateways/processors and electronic locks. For a complete list of available third-party integrations, visit: https://www.webrezpro.com/interfaces/. Please note: Data that is received from third parties is governed by the privacy policies of those third parties.
COOKIES
WRP uses cookies to collect Information and improve its services. Cookies are small text files containing a unique identifier that are placed in a browser in order to store information about web browsing and usage. Cookies are used for various purposes, including to prevent the need to re-login into WRP each time the Property accesses the system.
POLICY UPDATES
World Web Technologies may change this policy from time to time. Please visit this page often to see any updates.
PMS PCI Compliance

PCI Compliant

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.

IP Restricted Access

IP-Restricted Access

IP restriction settings are used to restrict access to WebRezPro by IP address. When this setting is activated, any user attempting to log into the system from an unauthorized IP address will not be able to log in.

SSL Encryption

SSL Encryption

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remains private.

Credit Card EMV Certified

EMV Certified

EMV is a payment method based upon a technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them.

Two-Factor Authentication

Two-factor authentication (also known as 2FA) is a method of confirming a user's identity. In WebRezPro, this means employees must periodically enter an access code that is sent to them through text message or email.