Privacy Policy and Personal Data Protection (GDPR)

1. Introduction This Privacy Policy governs how the Stayola platform collects, uses, stores, transfers, and protects users’ personal data, in accordance with Regulation (EU) 2016/679 (“GDPR”), applicable Romanian legislation, and European data protection regulations. By accessing or using the platform, the user confirms that they have read, understood, and accepted this policy. 2. About the Platform Stayola is a digital software platform (SaaS) that allows users to: - publish properties; - view listings; - communicate directly with each other; - send booking requests and accommodation-related information. Stayola: - is NOT a travel agency; - is NOT a hotel operator; - does NOT contractually intermediate relationships between users; - does NOT guarantee bookings; - does NOT guarantee user behavior; - does NOT process or manage payments between users, except for any internal services explicitly specified separately; - is NOT a party to contracts or agreements between hosts and guests. Users are solely responsible for the relationships, transactions, and obligations established between them. 3. Data Controller The controller of personal data is the entity that manages the Stayola platform. For questions regarding personal data protection: 📧 contact@stayola.com 4. Categories of Data Collected Depending on how the platform is used, Stayola may collect and process the following categories of data: a) Data provided directly by the user - full name; - email address; - phone number; - address, city, country; - profile information; - property information; - facilities, descriptions, and property characteristics; - uploaded photos, videos, and documents; - messages and conversations between users; - reviews, ratings, and comments; - booking requests and responses. b) Automatically collected data - IP address; - browser and device information; - operating system; - technical identifiers; - technical logs; - platform activity and usage data; - language preferences and local settings; - cookies and similar technologies. c) Verification and security data Stayola may request additional information for user verification and fraud prevention purposes, including: - email address confirmation; - phone number confirmation; - documents proving property usage rights; - photo/video evidence; - voluntarily uploaded supporting documents; - other information necessary for internal verification. 5. Purposes of Data Processing Personal data may be used for: - account creation and administration; - authentication and access security; - operation of the platform; - displaying properties and profiles; - facilitating communication between users; - transmitting booking requests; - fraud, spam, and abuse prevention; - verification of properties and accounts; - improving platform functionality and user experience; - statistical analysis and technical maintenance; - handling disputes and complaints; - compliance with legal obligations; - protecting the legitimate rights and interests of the platform. 6. Legal Basis for Processing Personal data is processed based on: - performance of the contractual relationship regarding platform usage; - user consent; - applicable legal obligations; - Stayola’s legitimate interest regarding security, fraud prevention, and platform operation. 7. Verified Accounts and Properties Stayola may implement internal verification and classification systems for accounts or properties. These may include: - “Verified”; - “Partially Verified”; - “Unverified”; - other internal classifications. The verification process is for informational and guidance purposes only. Verification status: - does NOT represent a legal guarantee; - does NOT guarantee absolute authenticity; - does NOT confirm the legality of user activities; - does NOT guarantee the quality, safety, or existence of properties; - does NOT imply any liability assumed by Stayola. Users must perform their own checks before entering into any collaboration, booking, or transaction. 8. Communication Between Users The platform may allow direct communication between users. Stayola may automatically or manually monitor certain activities for: - security; - fraud prevention; - abuse detection; - compliance with platform terms. Stayola reserves the right to suspend, restrict, or remove accounts and content without prior notice when there are reasonable suspicions regarding: - fraud; - illegal activities; - attempted scams; - spam; - abusive use; - violations of platform terms. 9. Reviews and Public Content Users are solely responsible for the content they publish on the platform. By publishing content, the user declares that: - they own the necessary rights to such content; - the provided information is not false or misleading; - the content does not violate the law or third-party rights. Stayola may remove, modify, restrict, or hide any content considered: - illegal; - false; - abusive; - defamatory; - offensive; - suspicious; - misleading; - incompatible with platform policies. 10. Data Sharing Stayola does NOT sell users’ personal data. Data may be shared: - between users, within the limits of platform functionalities; - with IT, hosting, security, and maintenance providers; - with technical service providers necessary for platform operation; - with competent authorities when legally required; - in situations necessary to protect the rights, security, or operation of the platform. 11. International Data Transfers Certain technical services used by the platform may involve transferring data outside the European Economic Area. In such situations, Stayola will implement reasonable measures to protect data in accordance with GDPR requirements. 12. Data Storage and Security Stayola implements reasonable technical and organizational measures to protect data against: - unauthorized access; - loss; - destruction; - modification; - unauthorized disclosure. However: - no online platform; - no server; - no computer system; - no electronic transmission can guarantee absolute security. Users use the platform at their own risk. 13. Data Retention Period Data may be retained: - for the duration of the account existence; - as long as necessary for service operation; - to comply with legal obligations; - to protect the legitimate interests of the platform; - to resolve disputes and prevent fraud. Backups and certain technical logs may be temporarily retained even after account deletion. 14. User Rights According to applicable legislation, users benefit from: - the right of access; - the right to rectification; - the right to erasure; - the right to restriction of processing; - the right to object; - the right to data portability; - the right to withdraw consent; - the right to file a complaint with the competent authority. Requests may be sent to: 📧 contact@stayola.com Stayola may request additional information to verify the requester’s identity before processing requests. 15. Cookies and Similar Technologies The platform may use cookies and similar technologies for: - authentication; - platform functionality; - remembering preferences; - statistical analysis; - security; - fraud prevention; - service optimization. Users may control cookies through browser settings. Blocking certain cookies may affect platform functionality. 16. Minors The platform is not intended for persons under the age of 18. If Stayola identifies data collected from minors without appropriate legal consent, such data may be deleted without prior notice. 17. Limitation of Liability Stayola exclusively provides a technological platform for listing properties and enabling communication between users. Stayola does NOT guarantee: - user authenticity; - accuracy of published information; - legality of user activities; - property availability; - successful bookings; - quality of services provided by users; - behavior of guests or hosts; - absence of fraud or fraud attempts. Stayola is NOT liable for: - direct or indirect losses; - material or moral damages; - disputes between users; - cancellations; - legal disputes; - fraud; - false information; - illegal activities carried out by users; - issues resulting from platform usage. All relationships between users are assumed exclusively by the users themselves. 18. Policy Changes Stayola reserves the right to modify this policy at any time. The updated version will be published on the platform and may become effective from the publication date. Continued use of the platform represents acceptance of the updated provisions. 19. Contact For questions regarding data protection and privacy: 📧 contact@stayola.com