Data Protection & Privacy Policy (Short-Term Rental Property via Shoobu Direct Bookings)

This Privacy Policy explains how we collect, use, and protect your personal information when you make a booking with us directly via Shoobu.

We are committed to safeguarding your privacy and ensuring compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller. The Host/Property Owner is the Data Controller for any personal data you provide when booking and staying at the property.
2. Information We Collect. Name(s) of lead guest and accompanying guests Contact details (email, telephone number, address) Payment information (processed securely via Shoobu or payment providers) Booking details (dates of stay, number of guests, special requests) Any correspondence with us regarding your booking
3. How We Use Your Information. We process your personal data only for the purposes of: Managing your booking and stay Communicating with you before, during, and after your booking Meeting legal obligations (e.g. local regulations, tax reporting) Ensuring the safety and security of the property and guests Handling deposits, payments, and refunds where applicable We do not sell or share your personal data with third parties for marketing purposes.
4. Lawful Basis for Processing Contractual necessity – to process and manage your booking. Legal obligation – to comply with applicable laws (e.g. tax, safety, record-keeping). Legitimate interests – to maintain property security, improve services, and prevent fraud.
5. Data Retention Booking records and related correspondence are retained for up to 7 years to comply with tax and legal obligations. Contact details used for communication are retained for up to 2 years unless you request deletion sooner. CCTV (if applicable) or security records are retained for no longer than 30 days, unless required for an investigation.
6. Data Sharing We may share limited personal data with: Shoobu (as the booking platform) Payment providers (for processing secure payments/refunds) Professional services (e.g. accountants, cleaners, maintenance staff where necessary) Authorities if required by law (e.g. for tax or safety compliance)
7. Data Security We take appropriate technical and organisational measures to protect your personal data, including encryption of electronic records, secure password management, and limiting access only to those who need it.
8. Your Rights Under UK GDPR, you have the right to: Access the personal data we hold about you Request correction of inaccurate data Request deletion of your personal data (where legally possible) Object to processing or request restriction of use Data portability (where applicable) Withdraw consent (if consent is the lawful basis for processing) To exercise any of these rights, please message us.
9. Complaints If you believe your data has been mishandled, you may lodge a complaint with the UK’s Information Commissioner’s Office (ICO) at www.ico.org.uk.
10. Updates to this Policy We may update this policy from time to time. The most recent version will always be available upon request or on our booking listing.