Security Whitepaper

Calls, reservations, payments and administrator actions share the same security boundaries.

This document explains to hotel managers and technical teams how calls are verified, reservation actions are isolated by hotel, access is restricted and critical actions are recorded.

Call and hotel data-flow architecture for the security whitepaper
Security Whitepaper
Hotel-level data isolation
Signed external connections
Audit trail

Security foundation

Incoming calls are verified at the source, linked to the correct hotel by phone number and deduplicated. User access is restricted by hotel membership, role and action permission.

01

Hotel-level data isolation

Call, guest, reservation, payment, assistant configuration and audit records are isolated by hotel. Users can access only data permitted by their property membership and role.

02

Call data flow

Call summaries, transcripts and cost data arrive through verified connections. Duplicate external notifications and repeated reservation submissions are blocked by idempotency controls.

03

Access management

Two-factor authentication is mandatory for platform administrators and optional for hotel managers. Reservation, finance, telephony and assistant settings are controlled by separate role permissions.

Security control points

Call entry
Source, phone and event verification
Matched hotel
Reservation action
Authorization and conflict prevention
Authorized roles
Administration
Mandatory two-factor authentication and audit trail
Platform administrator

Call event processing

Auditable workflow
01
Call source is verified
02
Hotel is matched
03
Reservation action is authorized
04
Duplicate action is blocked
05
Audit record is created

The security whitepaper reflects the product design

This architecture supports security claims with auditable product behavior.

Back to Security