Radefy – Terms of Service
1. Agreement & Acceptance
These Terms of Service (“Terms”) govern your access to and use of Radefy’s websites, applications, APIs, hardware integrations and related services (“Services”). By creating an account, placing an order, clicking “I agree”, or using the Services, you agree to these Terms. Radefy primarily serves B2B accommodation operators (hotels, villas, apartments, property managers, system integrators). If you are a consumer, mandatory EU rights may still apply and prevail where applicable.
2. Who We Are & Contact
- Entity: Radefy I.K.E. (Greek private company)
- Registered seat: [insert address] | VAT: [insert] | GEMI: [insert]
- Email: legal@radefy.com (legal) | support@radefy.com (support)
- The Privacy Policy, Cookie Policy, Data Processing Addendum (DPA) and Sub‑processors page form part of these Terms.
3. Definitions
- Account: your administrative account to configure and operate the Services.
- Accommodation Unit: a bookable room/apartment/bed or similar.
- Connected Lock: a smart lock connected to Radefy (Radefy or third‑party e.g., Nuki, TTLock).
- FlexTracks: pricing track for Guest Experience features, billed per room/apartment.
- LeaseFlex: pricing track for Access & Energy, billed per connected lock; includes lease‑to‑use options.
- Free Plan: access‑basic plan available only with Radefy lock purchases on the e‑shop.
- Order: an online checkout order or signed sales order specifying plans, quantities, prices, and term.
- Subscription Term: the initial and any renewal period for your plan.
4. Services – What You Get
- Access control: e‑keys (manual/automated), remote unlock, common‑door groups, audit logs.
- Electric/Energy: presence‑based automation (HVAC, hot water, relays) and savings analytics.
- Guest Experience: online check‑in, branded web app, digital guide, AI assistant, comms hub (WhatsApp/SMS/Email), automated journeys, website widget, upsells/marketplace.Cookie Policy (English)
- Integrations: PMS/Channel Managers, payment processors, messaging providers, lock manufacturers.
- Analytics & administration portals. We may improve or modify features; we avoid materially reducing core functionality during a paid term unless required for legal/safety reasons (we will notify you where feasible).
5. Accounts, Eligibility & Your Responsibilities
- You must be legally capable of contracting on behalf of a business.
- Keep credentials confidential; one user = one login; you are responsible for Account activity.
- Maintain accurate property data (units, locks, staff permissions) and comply with hospitality, safety and tax rules (e.g., AADE in Greece).
- Obtain and maintain any third‑party subscriptions required for integrations (PMS, messaging, payments).
- Obtain valid consents for guest communications (email/SMS/WhatsApp) and ensure the legality of your content and instructions.
6. Pricing, Plans & Billing
6.1 Plan Structure
- FlexTracks (GX per room/apartment): Lite, Pro, Premium.
- LeaseFlex (Access & Energy): Access Core/Plus (per connected lock) with optional Energy add‑on (per room).
- Free Plan: available only to customers who purchase Radefy locks from the e‑shop; limited Access‑Basic.
6.2 Trials, Seat Limits & Overages
- Trial: [insert days] free for eligible GX plans; fair‑use applies.
- Plans include limits (e.g., seats, SMS credits, channels). Exceeding limits incurs overage charges at then‑current rates: [insert overage table/link].
6.3 Billing & Taxes
- Prices exclude VAT and applicable taxes/fees; you are responsible for taxes.
- Billing frequency: monthly unless the Order specifies annual prepayment (discounts may apply).
- Charges start on the Subscription Start Date (checkout or Order).
- Auto‑renewal: annual—cancel ≥30 days before renewal; monthly—cancel before next billing cycle.
- No refunds for partial periods or unused Services except where required by law.
6.4 Messaging Usage (SMS/WhatsApp/Email)
- Some tiers include bundled SMS; overage billed per message at published rates.
- Delivery depends on carriers and recipient consent; you must comply with telecom, anti‑spam and privacy rules (consent logs, opt‑out).
6.5 Price Changes
We may update list prices and overage rates prospectively. Changes do not affect a current pre‑paid term. WeCookie Policy (English) will provide reasonable notice before renewal if pricing will change.
7. LeaseFlex – Equipment Lease Terms
- Ownership: leased equipment remains Radefy’s property.
- Delivery/installation: via certified partners; site readiness (power/network/doors) is your responsibility.
- Risk of loss: passes to you upon delivery; you are responsible for theft, damage, or misuse.
- Care & use: no unauthorised firmware/hardware changes; only supported components.
- Return/upgrade: return within 30 days after end/termination or pay applicable buy‑out/damage fees.
- Support & replacements: per your plan/SLA; abuse or non‑standard installs may be charged.
8. Third‑Party Services & Integrations
Cookie Policy (English)The Services interoperate with third parties (PMS/Channel Managers, payment processors, messaging providers, lock manufacturers). Their terms and fees apply; availability is subject to those providers. You authorise data exchange to operate your configuration.
9. Acceptable Use
- Do not breach law (privacy, consumer, telecom, export/sanctions) or infringe third‑party rights.
- Do not interfere with the platform, bypass security, or misuse APIs.
- No reselling/white‑labelling without written consent.
- Do not access to build a competing product. We may suspend to protect the platform or comply with law.
10. Data Protection (GDPR)
- Roles: for most Guest/staff data you upload, you are the Controller and Radefy is the Processor. For website analytics/billing/admin we act as Controller.
- DPA: our Data Processing Addendum (inc. SCCs where relevant) governs processing, sub‑processors, security, transfers and deletion/return.
- Your duties: lawful basis, notices/consents for messaging/profiling; configure retention; honour data subject rights.
- Deletion/export: on request or termination we provide standard exports, then delete per DPA and legal retention.
- Sub‑processors: maintained and published; we notify of material changes.
11. Support, Maintenance & Service Levels
Support is provided per plan (email, chat, priority/SLA). We may perform scheduled maintenance. Availability may be affected by third‑party networks or integrations. Beta features are provided “as‑is”.
12. Intellectual Property & Licence
- Radefy and licensors own all IP in the Services. We grant a limited, non‑exclusive, non‑transferable licence during your Subscription Term for internal business use.
- Feedback may be used without restriction or obligation.
- Do not use our trademarks except per brand guidelines or written consent.
13. Payment Processors & Marketplace Providers
If you activate payments, you agree to the processor’s terms and fees. Radefy is not a payment institution. Marketplace/local services offered to Guests are provided by third parties under their own terms.
14. Warranties & Disclaimers
- We warrant the Services will materially conform to current documentation during a paid term.
- Except as expressly stated, the Services (including beta, trial, or free plan) are provided “as‑is” without warranties of merchantability, fitness for a particular purpose or non‑infringement; we do not guarantee uninterrupted operation or message delivery.https://radefy.com/policies/
- You warrant you have rights and consents to use/submit data and operate connected devices.
15. Indemnities
- By Radefy: we defend/indemnify against third‑party IP claims alleging the Services infringe EU/EEA IP; remedies may include procuring rights, modification, replacement, or termination with pro‑rata refund for the affected feature.
- By you: you defend/indemnify Radefy against claims arising from your data/content, unlawful messaging/consent failures, use of third‑party services, or your breach of these Terms.
16. Liability Cap
To the maximum extent permitted by law, neither party is liable for indirect or consequential losses. Except for (i) death/personal injury due to negligence, (ii) fraud, (iii) your fee/tax obligations, (iv) your IP/use‑restriction breaches, (v) your data‑protection violations, and (vi) indemnities, each party’s total aggregate liability in any 12‑month period is limited to the fees actually paid (or payable) by you to Radefy for the Services giving rise to the claim in that period.
17. Term, Suspension & Termination
- The Agreement starts on your first Order effective date and continues until terminated.
- We may suspend/limit the Services for security, legal or non‑payment reasons.
- Either party may terminate for material breach not cured within 30 days of notice or upon insolvency.
- Early termination does not relieve payment of committed fees for the current term unless required by law or agreed in writing.
- On termination, data export is available for 30 days; deletion follows per DPA/retention policy.
18. Publicity & References
With your consent, we may display your name/logo as a customer and develop case studies. Consent may be withdrawn at any time.
19. Compliance, Export & Anti‑corruption
You will comply with EU/Member State laws including anti‑bribery, sanctions/export controls, telecom and e‑privacy rules. Do not use the Services in embargoed territories or for prohibited purposes.
20. Force Majeure
Neither party is liable for delay or failure caused by events beyond reasonable control (e.g., natural disasters, strikes, major Internet outages, acts of authorities, war). Payment obligations are excluded.
https://radefy.com/policies/21. Assignment
You may not assign these Terms or an Order without our prior written consent (not unreasonably withheld). We may assign to an affiliate or in connection with a merger, acquisition or sale of assets.
22. Governing Law & Jurisdiction; Language
These Terms and any dispute are governed by the laws of Greece and applicable EU law. The courts of Athens, Greece have exclusive jurisdiction, without prejudice to mandatory consumer venue rules (if applicable). The controlling language is English; translations are for convenience.
23. Notices & Contact
Legal notices: email to legal@radefy.com and registered post to the address set above. Operational communications may be via email or in‑product notifications.
24. Entire Agreement & Changes
These Terms, together with the Order, Privacy Policy, Cookie Policy, DPA and any Service‑specific schedules, form the entire agreement and supersede prior terms. We may update these Terms to reflect new features, legal requirements or clarifications. For material changes, we will provide notice; changes take effect on renewal or earlier if required by law; continued use after the effective date constitutes acceptance.
25. Schedule A – Plan Overview (Informative)
- Free (Radefy locks only): Access‑Basic (manual/remote e‑keys, remote unlock), 1 seat, ticket/email support; no premium GX automation.
- FlexTracks (per room/apartment): Lite/Pro/Premium—see Pricing page; AI assistant, comms hub and automated journeys progressively unlock at higher tiers.
- LeaseFlex (per connected lock): Access Core/Plus; optional Energy add‑on (per room) for presence‑based automations and savings analytics.
- Enterprise: custom bundles (SSO/SCIM, 1‑year audit retention, premium SLA, dedicated success). Prices/features may vary by region; the Order controls.
Radefy – Privacy Policy
1) Who We Are & How to Contact Us
Controller: Radefy I.K.E.,
Email (privacy/legal): legal@radefy.com
Support: support@radefy.com
Data Protection Officer dpo@radefy.com
If you believe your data has been misused, you may lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr; however, we welcome the opportunity discuss with you and to resolve any concern or complaint you may have, first.
2) Scope, Roles & Audience
This Policy applies to our websites, web/mobile apps, APIs, and connected services (the “Services”). Radefy acts as a “Controller” for website analytics, marketing, account administration, billing and product telemetry we initiate; Radefy acts as a “Processor” for Guest and staff data that Customers input or generate inside the platform. Customers are accommodation operators (hotels, villas, apartments, property managers, system integrators) and their staff users and Guests.
3) Personal Data We Collect
3.1 Account & Business Contact
Names, role, business email/phone, company details, billing contacts, hashed passwords, seat assignments, audit logs.
3.2 Property, Device & Access
Property/Unit IDs, Connected Locks (Radefy/third‑party e.g., Nuki/TTLock), device identifiers, firmware status, access groups, electric/energy device profiles and rules.
3.3 Operational & Transaction Data
Reservation/stay metadata, issued/revoked e‑keys, remote unlock events, audit trails, payments/upsell metadata (we do not store full credit card numbers).
3.4 Guest Interaction (Customer‑Controlled)
Online check‑in fields configured by the Customer, messaging history (email/SMS/WhatsApp/website widget), language, preferences, consents.
3.5 Usage, Diagnostics & Security
Log files, device/IP, browser/OS, session IDs, error/performance metrics, security events (2FA/SSO status).
3.6 Marketing & Website Data
Cookie/SDK IDs, consent choices, page views, UTMs, ad interactions, form submissions, webinar/trade‑show registrations.
3.7 Special Categories
We do not intentionally collect special categories of data. Customers should avoid collecting such data unless required by law and with a valid legal basis.
4) Sources of Data
- You (or your employer) during sign‑up, checkout, support or trainings.
- Your systems via integrations you enable (e.g., PMS/Channel Manager, payment processors).
- Your devices (locks, relays, hubs, sensors).
- Guests through GX flows configured by you (check‑in, messaging, guide).
- Derived telemetry and aggregated analytics from service use.
5) Purposes & Legal Bases (GDPR)
We process personal data for:
- Providing and operating the Services (contract).
- Security and abuse prevention, auditing, incident response (legitimate interests; legal obligations where applicable).
- Billing and payments; tax and accounting (contract; legal obligation).
- Customer support and success (contract; legitimate interests).
- Product improvement and aggregated analytics (legitimate interests, minimised; opt‑out where required).
- Marketing and communications including remarketing on Google/LinkedIn/META and offline conversionCookie Policy (English) imports (consent for cookies/ads; and consent or permitted B2B soft opt‑in for email/SMS/WhatsApp).
- Compliance with law and lawful requests (legal obligation).
6) Cookies, Tracking & Consent
We use a Consent Management Platform (CMP) to obtain and record your choices for analytics and advertising cookies. You can accept, reject, or customise categories at any time. If you consent to advertising cookies, platforms like Google, LinkedIn and Meta may show you Radefy ads and measure performance (including Google “Consent Mode” and server‑to‑server integrations where permitted). See the Cookie Policy for details.
7) Payments
Payments are handled by certified payment service providers; we receive tokens and transaction metadata only. Their privacy notices apply.
8) Sharing & Recipients
- Cloud hosting, monitoring and security providers.
- Integrations you enable: PMS/Channel Manager, payment processors, messaging/SMS gateways, smart‑lock vendors (e.g., Nuki/TTLock connectors).
- Professional services and certified installers/integrators for deployment and support.
- Marketing tools (consent‑based) for newsletters, webinars, and ad platforms.
- Auditors, accountants, legal counsel; authorities where legally required.
9) International Transfers
When transferring personal data outside the EU/EEA, we rely on lawful mechanisms such as the European Commission’s “Standard Contractual Clauses (SCCs)”, and, where applicable, adequacy decisions (e.g., EU‑U.S. Data Privacy Framework). Supplemental measures include encryption and access controls.
10) Retention
We retain data only as long as necessary for the purposes above and as required by law. Default windows: Access/Security Logs [e.g., 12 months], Account & Content after termination [e.g., 12 months], Support Tickets [e.g., 24 months], Marketing Records [e.g., until opt‑out or 24 months inactivity], Billing/Tax up to 10 years. Upon contract termination, we provide standard exports on request and then delete per the DPA and backup cycles.
11) Security Measures
- Encryption in transit (TLS 1.2+) and at rest.
- Role‑based access control, least privilege, 2FA/SSO support; periodic access reviews.
- Secure SDLC, code review, dependency scanning, vulnerability management.
- Hardened cloud baseline, network segmentation, WAF, patching, secrets management, continuous monitoring.
- Audit logging, change management, retention schedules, disaster recovery and tested backups.
- Incident response runbooks; if a personal data breach occurs, we will assess impact and notify authorities and affected users without undue delay (GDPR Arts. 33–34).
12) Your Rights
- Access, rectification, erasure, restriction, portability.
- Objection to processing based on legitimate interests and to direct marketing.
- Withdraw consent at any time (does not affect prior processing).
To exercise, email legal@radefy.com (or use your account portal). We may verify identity and respond within one month (extendable by two for complex requests).
13) Children
Our Services target professional accommodation operators and are not directed to children under 16. If we learn of such data, we will delete it.
14) Automated Decision‑Making & Profiling
We do not conduct automated decisions with legal or similarly significant effects. We use limited profiling to segment audiences for product communications and ads with consent, and to flag security anomalies.
15) Changes to this Policy
We may update this Policy. We will post changes online and, for material updates, provide prominent notice. The “Last updated” date shows the latest revision.
16) Contact Details
Radefy – Cookie Policy
1) Scope & Consent
This Cookie Policy explains how Radefy uses cookies and similar technologies on its websites and apps. We operate a Consent Management Platform (CMP) that lets you **accept**, **reject**, or **customise** cookie categories. Your choices are stored and can be changed at any time via the cookie banner’s settings link.
2) What Are Cookies & Similar Tech
Cookies are small files placed on your device. We also use SDKs, pixels and local storage to remember settings, measure usage and deliver/measure advertising (with consent).
3) Categories We Use
- **Strictly Necessary** – security, authentication, load balancing; cannot be switched off.
- **Preferences** – language and site choices to improve your experience.
- **Analytics** – consent‑based measurement (e.g., GA4) to understand usage and improve the product.
- **Advertising/Remarketing** – consent‑based tags (e.g., Google Ads, LinkedIn Insight Tag, Meta Pixel) to show relevant ads and measure performance.
4) Google Consent Mode & Server‑Side
With your consent, we use **Google Consent Mode** so analytics/ads tags adapt to your choices. We may also use server‑to‑server integrations and **Enhanced Conversions** to improve measurement in a privacy‑safe way. Where consent is not granted, cookies for analytics/advertising are not set; measurement is limited.
5) Third‑Party Cookies & Partners
If you consent to Advertising or Analytics, third parties may set cookies. These include Google, LinkedIn and Meta, as well as our email and webinar providers. Each provider’s privacy policy applies to their processing. See our Sub‑processors page for up‑to‑date partners.
6) How to Manage Cookies
- Use the cookie banner/settings to update your choices at any time.
- Browser controls let you block/delete cookies; functionality may be reduced if Strictly Necessary cookies are blocked.
- To opt out of specific ad networks, see your Google, LinkedIn or Meta ad settings.
7) Retention
Cookies and local storage persist for different durations. We aim to keep analytics identifiers for **[e.g., 13 months]** and advertising identifiers for **[e.g., 90–390 days]**, unless you clear them earlier or withdraw consent.
8) Updates & Contact
We may update this Cookie Policy to reflect legal or technical changes. For questions, contact **legal@radefy.com**. For privacy matters, see our Privacy Policy.
Radefy – Sub Processors
Sub Processors
Radefy might use data processors with access to certain customer data in order to provide our service. This page aims to provide information about the sub processors identity, function and location.