Privacy Policy

We value your privacy.

Effective Date: January 28, 2026  |  Last Updated: January 28, 2026

1. Introduction

Welcome to Guest2Host ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclosure, and safeguard your information when you visit our website or use our software-as-a-service platform (the "Service").

By accessing or using Guest2Host, you agree to the terms of this Privacy Policy.

2. Information We Collect

We collect information depending on whether you are a Host (user of our software) or a Guest (end-user booking a property).

A. Information from Hosts

  • Account Data: Your name, email address, and password hash (we do not store raw passwords).
  • Property Data: Information you choose to import from third-party platforms (e.g., Airbnb, VRBO), including property photos, descriptions, house rules, and pricing.
  • Financial Data: We do not store your full bank account or credit card numbers. All payment processing is handled by our third-party partner, Stripe. We only retain the Stripe Account ID and transaction metadata to facilitate payouts.

B. Information from Guests

  • Booking Data: Name, email address, phone number, and stay dates.
  • Payment Data: Credit card details are entered directly into Stripe’s secure iframe. Guest2Host never sees or stores full credit card numbers.

C. Automatically Collected Data

  • Usage Logs: IP addresses, browser type, operating system, and timestamp of visits to help us prevent fraud and debug technical issues.
  • Cookies: We use session cookies to keep you logged in and ensure the site functions correctly.

3. How We Use Your Data

We use the collected data for the following legitimate business purposes:

  • To Provide the Service: Creating your direct booking website, syncing calendars, and processing transactions.
  • To Communicate: Sending booking confirmations (via Resend), invoices, and technical support updates.
  • To Improve Our Platform: Analyzing usage trends to optimize the user experience.
  • To Maintain Safety: detecting fraud, spam, or abuse of the platform.

4. How We Share Your Information

We do not sell, trade, or rent your personal data to third parties. We only share data with the following categories of recipients:

  • Service Providers: We trust specific third parties to power our infrastructure. They are contractually obligated to protect your data:

Stripe: For payment processing and payouts.

Resend: For delivering transactional emails (confirmations, password resets).

Replit / Cloud Providers: For hosting our application and database.

Hosts (For Guests Only): If you are a Guest, we share your name, contact info, and booking details with the Host of the property you booked so they can fulfill your stay.

Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

5. Data Retention

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.

  • Account Data: Retained as long as your account is active.
  • Transaction Data: Retained for a minimum of 7 years to comply with tax and accounting laws.
  • Deletion: If you delete your account, your public data is removed immediately, though backups may be retained for up to 30 days.

6. International Data Transfers

Guest2Host operates globally. Your information, including personal data, may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. By using our Service, you consent to this transfer.

7. Your Data Rights (GDPR & CCPA)

Depending on your location (e.g., European Economic Area, California), you have specific rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Correction: You can request that we fix incorrect data.
  • Right to Deletion ("Right to be Forgotten"): You can ask us to erase your personal data, subject to our legal tax retention obligations.
  • Right to Opt-Out: You may unsubscribe from marketing emails at any time.

To exercise these rights, please contact us at hello@guest2host.app.

8. Security of Data

We use commercially reasonable security measures to protect your data, including encryption in transit (HTTPS/TLS) and encryption at rest for sensitive database fields. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date." Major changes will be communicated via email.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By Email: hello@guest2host.app