Fjer Stay
Obaveštenje o privatnosti
Version 1.0 · Effective: 4 July 2026
Pravna finalizacija u toku. info@fjer.net
1. Purpose
This notice explains who processes personal data when using Fjer Stay (https://app.fjer.net) hotel operations software.
2. Controller
Controller: Seres Marcell (operator of Fjer Stay). Registered address: 7121 Szálka, Kossuth Lajos utca 17., Hungary. Privacy contact: info@fjer.net.
3. SaaS roles
Fjer Stay is multi-tenant SaaS. When a property uses the system for staff and guest data, the property is the controller and the operator acts as processor. For registration, pilot and platform-level data, Seres Marcell is controller. DPA template available on request.
4. Storage
Operational personal data is stored primarily in the EU on Hetzner Cloud (Germany). Daily backups, 14-day retention.
5. Security (GDPR Art. 32)
- Multi-tenant model with tenant isolation
- Passwords hashed with Argon2 — plaintext never stored
- RBAC — role- and group-based access
- SuperAdmin: password + TOTP MFA in production
- Audit log for critical actions
- HTTPS / TLS encrypted transport
- JWT + refresh token rotation, logout revoke
- Login rate limiting and failed login audit
- VBA macro blocking on DOCX uploads
6. Cookies and localStorage
The Fjer Stay app uses essential storage only (sign-in, theme, consent, PWA cache). No marketing cookies.
7. Your rights
Staff/guest operational data: contact your employer/property first. Platform level: info@fjer.net. Response within 30 days. Tenant export/deletion via SuperAdmin/API.
8. Complaints
Contact info@fjer.net or your EU supervisory authority. We update this notice when the service or law changes.