Privacy Policy

1. Data we collect

We collect the following types of information when you use PrivatePads:

Account information

When you create an account, we collect your name, email address, and password (stored securely as a hash). If you complete your profile, we may also store a profile photo and bio.

Booking data

When you make or receive a booking, we store the booking dates, property details, pricing, and booking status.

Payment information

Payment processing is handled entirely by Stripe. We do not store your full card number or bank details. We retain a Stripe customer ID and basic transaction records (amounts, dates, status) for accounting purposes.

Usage and analytics

We may collect information about how you interact with the Platform, including pages visited, search queries, and device/browser information. This data helps us improve the service.

2. How we use your data

We use the information we collect to:

• Provide, maintain, and improve the Platform
• Process bookings and payments
• Send booking confirmations, reminders, and other transactional emails
• Communicate important updates about your account or the service
• Enforce our Terms of Service and Acceptable Use Policy
• Detect and prevent fraud, abuse, and safety concerns
• Comply with legal obligations

3. Data sharing

We do not sell your personal data to third parties. We share data only with the following service providers, as necessary to operate the Platform:

• Stripe — for secure payment processing. Stripe's privacy policy applies to payment data they handle.
• Resend — for sending transactional emails (booking confirmations, notifications). Only your email address and message content are shared.

We may also disclose information if required by law, regulation, or legal process, or to protect the rights, safety, or property of PrivatePads, our users, or the public.

4. Data retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain certain records for legal, tax, or accounting purposes.

Booking and transaction records may be retained for up to 7 years after the booking date to comply with financial record-keeping requirements.

5. Your rights

Under the UK General Data Protection Regulation (UK GDPR), you have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request that we correct any inaccurate or incomplete data
• Deletion — request that we delete your personal data, subject to legal retention requirements
• Portability — request your data in a structured, machine-readable format
• Objection — object to certain types of processing, such as direct marketing

To exercise any of these rights, please contact us at privacy@privatepads.com. We will respond to your request within 30 days.

6. Cookies

PrivatePads uses a session cookie to keep you logged in. This cookie is essential for the Platform to function and does not track you across other websites.

We do not currently use third-party tracking cookies or advertising cookies. If this changes, we will update this policy and provide you with appropriate notice and controls.

7. Security

We take reasonable technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), hashed passwords, and secure payment processing via Stripe. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or a prominent notice on the Platform. Your continued use of PrivatePads after changes take effect constitutes acceptance of the updated policy.

9. Contact

If you have questions or concerns about your privacy or this policy, please contact us at privacy@privatepads.com.