HMCTS LLC - Property Management Systems for Hotels
LegalAcceptable Use Policy

Acceptable Use Policy

This policy governs how you may use the HMCTS LLC platform, API, and associated services.

Introduction

This Acceptable Use Policy (“AUP”) is issued by HMCTS LLC – Hospitality Management Consultancy & Technology Solutions (“HMCTS”, “us”, “our”, or “we”), incorporated in the State of Delaware, United States (Company No. 5137554, EIN: 37-2155102).

This AUP applies to all users of the HMCTS platform, website, API, and associated services (“Services”). By accessing or using our Services, you agree to comply with this policy. This AUP should be read alongside our Terms & Conditions and Privacy Policy.

We reserve the right to suspend or terminate access to any user who violates this policy, with or without prior notice, depending on the severity of the breach.

Permitted Use

You may use the HMCTS platform and Services for legitimate business purposes directly related to the management of hotel, hospitality, or accommodation properties. Permitted uses include:

  • Managing reservations, check-ins, check-outs, and guest records for your property or properties.
  • Connecting to OTA channels (such as Booking.com, Expedia, and Airbnb) via our channel management tools for the properties you operate or manage.
  • Processing guest payments through integrated payment gateways for legitimate accommodation transactions.
  • Generating reports and analytics to support the management and operation of your property.
  • Using the API to build integrations that connect HMCTS with other business tools used in your property operations, where such integrations are disclosed to and approved by HMCTS LLC.
  • Accessing the platform on behalf of authorised employees or contractors of your organisation.

Prohibited Use

You must not use the HMCTS platform or Services in any manner that:

  • Is unlawful or fraudulent. This includes processing payments for fraudulent transactions, creating false bookings, or using the platform to facilitate money laundering, tax evasion, or any other illegal activity.
  • Violates the rights of others. Including the intellectual property, privacy, or other legal rights of guests, third-party software providers, or OTA partners.
  • Compromises platform security. Including attempting to gain unauthorised access to other users' accounts, probing or testing the security of our systems without written authorisation, or introducing malicious code, viruses, or other harmful software.
  • Places excessive load on our systems. Including automated scraping, bulk data extraction, or API calls in volumes that exceed fair use or documented rate limits.
  • Misrepresents your identity or organisation. Including providing false registration information, impersonating another person or business, or using another user's credentials.
  • Facilitates spam or unsolicited communications. Including using guest contact data obtained through the platform to send unsolicited marketing without a valid legal basis and, where required, prior consent.
  • Breaches data protection law. Including using personal data obtained through the platform in ways that are not permitted under UK GDPR, the Data Protection Act 2018, or applicable US state privacy law.
  • Resells or sublicenses access. You may not resell, sublicense, or provide access to the HMCTS platform to third parties without our express prior written consent.

API & Integration Usage

Access to the HMCTS API is subject to the following conditions in addition to those set out in this policy:

  • Authentication credentials must be kept secure. API keys, tokens, and access credentials are issued to you personally and must not be shared with third parties outside your organisation. You are responsible for all activity carried out using your credentials.
  • Rate limits must be respected. Our API applies rate limits to protect the availability of the service for all users. Making requests in excess of documented limits, or attempting to circumvent rate limiting, is prohibited.
  • Third-party integrations must be disclosed. If you use the API to connect HMCTS to a third-party system that involves sharing guest data, you must ensure that such integration complies with applicable data protection law and that guests are informed where required.
  • API access may be suspended for misuse. We reserve the right to suspend or revoke API access at any time if we have reasonable grounds to believe it is being used in violation of this policy.

Data Handling Obligations

The HMCTS platform processes personal data relating to hotel guests and staff. As a platform user, you have obligations regarding the personal data you access and process:

  • You must have a lawful basis for collecting and processing guest personal data, and must inform guests of how their data will be used in accordance with applicable privacy law (including UK GDPR for UK properties).
  • You must not export or transfer guest personal data obtained through the platform to countries without adequate data protection standards unless appropriate safeguards are in place.
  • Guest data must be used only for the purposes for which it was collected. You must not use guest contact details for marketing purposes without a valid consent or other lawful basis.
  • In the event of a data breach affecting personal data processed via the platform, you must notify us and, where required by law, the relevant supervisory authority, within the applicable legal timeframe.

Security Responsibilities

You are responsible for the security of your own systems and the devices used to access the HMCTS platform. Your obligations include:

  • Using strong, unique passwords for your HMCTS account and changing them promptly if you suspect a compromise.
  • Ensuring that only authorised employees or contractors have access to your HMCTS account.
  • Promptly notifying us if you become aware of any unauthorised access to your account or any security vulnerability in our Services.
  • Not disabling, circumventing, or interfering with security features of the platform.

Security vulnerabilities discovered in the HMCTS platform should be reported to us responsibly at uk@hospitalitysoftwaresolutions.com before any public disclosure.

Content Standards

Any content you submit or upload to the HMCTS platform (including property descriptions, images, and guest communications) must:

  • Be accurate and not misleading.
  • Not infringe the intellectual property rights of any third party.
  • Not contain defamatory, offensive, discriminatory, or otherwise unlawful material.
  • Comply with applicable advertising and consumer protection standards in your jurisdiction.

Enforcement & Consequences

We take violations of this AUP seriously. Depending on the nature and severity of the violation, we may take the following actions without prior notice:

  • Suspend or terminate your access to the platform and Services.
  • Remove or restrict access to specific content or features.
  • Notify relevant regulatory authorities, law enforcement agencies, or affected third parties.
  • Take legal action to recover any losses or damages suffered as a result of the violation.

We will use our reasonable judgement in determining the appropriate response to any violation. A suspended account will not be reinstated until we are satisfied that the violation has been remedied and that future compliance can be assured.

Reporting Violations

If you believe that another user of the HMCTS platform is violating this AUP, or if you have discovered a security vulnerability or data protection concern, please contact us promptly:

Reports submitted in good faith will be treated confidentially. We will investigate all credible reports and take appropriate action.

Governing Law

This Acceptable Use Policy is governed by the same law as our Terms & Conditions: the laws of the State of Delaware, United States for US users, and the laws of England and Wales for UK users. Nothing in this policy excludes your statutory rights under applicable law.

Changes to This Policy

We may update this Acceptable Use Policy from time to time to reflect changes in our Services, technology, or applicable law. Material changes will be communicated by updating the “Last updated” date at the top of this page and, where appropriate, by direct notification. Your continued use of the Services after any changes constitutes acceptance of the updated policy.

Contact Us

For any questions about this Acceptable Use Policy, please contact us: