GetMyHotels.comBeta
DestinationsHow it worksGet the appClaude & ChatGPT
GetMyHotels.com

AI-native hotel and flight booking. Tell us where, we handle the rest.

Discover

  • Search hotels
  • Destinations
  • Get the app
  • Claude & ChatGPT
  • Blog

Help

  • Help center
  • FAQs
  • Contact support

Company

  • About
  • Careers
  • Press

Legal

  • Terms
  • Privacy
  • Cookies
© 2026 GetMyHotels. All rights reserved.
TermsPrivacyYour privacy choicesComplianceLegalDelete accountSitemap
Back to compliance

Data Processing Agreement

If you are a business customer (corporate travel manager, channel partner, or other entity) using GetMyHotels in a way that involves us processing personal data on your behalf, you can execute our standard DPA — incorporating the EU Standard Contractual Clauses and the UK International Data Transfer Addendum where required.

What the DPA covers

  • Article 28 GDPR controller-to-processor terms
  • EU SCCs (Commission Decision 2021/914) Module 2
  • UK IDTA Addendum for transfers from the UK
  • Approved sub-processor list with 30-day change notice
  • Audit rights, breach notification SLA (72 hours), security obligations
  • Return / deletion of personal data at end of term

How to execute

  1. Email privacy@getmyhotels.com with your legal entity name, signatory contact, and the contract this DPA will sit alongside.
  2. We'll send you the latest signed PDF + a counter-sign DocuSign link within 2 business days.
  3. On counter-signature we'll deposit the executed DPA in our vendor register and you'll receive a copy by email.

Need it now?

Most B2B customers can adopt our standard DPA without negotiation. For redlines or jurisdiction-specific addenda (e.g. India DPDPA, Brazil LGPD), expect 5–10 business days for legal review.

Request DPASee sub-processors