Skip to main content

Data flow overview

Data collected by the pixel

When a visitor loads a page with the TinyBell pixel installed, the following data is processed server-side to determine which notifications to show:

Data NOT collected

TinyBell does not collect:
  • Names, email addresses, or phone numbers (unless the visitor voluntarily submits them via a Collector widget)
  • Cookies for cross-site tracking
  • Browsing history beyond the hotel website
  • Financial or payment information
  • Biometric data
  • Social media profiles

Tracking events

Each interaction generates a tracking event stored in the track_notifications table:

Data retention

  • Tracking events: Retained for the duration of the customer’s active subscription
  • Account data: Retained until account deletion is requested
  • Cookie consent logs: Retained in CSV format, accessible only by the account owner

Data deletion

Hotel owners can delete their tracking data at any time from the dashboard. Upon account deletion, all associated data (campaigns, notifications, tracking events) is permanently removed from our database. Under GDPR Article 17, visitors can request data deletion by contacting the hotel (data controller). The hotel can then purge relevant data through TinyBell.

Sub-processors

Cloudflare processes visitor IP addresses and HTTP metadata as part of its security and CDN services. Cloudflare is certified under the EU-US Data Privacy Framework and complies with GDPR. For details, see Cloudflare’s DPA.

Encryption

  • In transit: TLS 1.2+ via Cloudflare (TLS termination at Cloudflare edge, re-encrypted to origin)
  • At rest: Database stored on encrypted volumes
  • Passwords: Bcrypt hashed, never stored in plain text