Hoppa till innehållet

Privacy Policy

Here we explain what personal data we collect, why we need it, and how we protect it when you use Eventboende.

Last updated:

In brief

  • We use your data to operate the platform and manage bookings.
  • We only share information when necessary for the service or required by law.
  • You have the right to request access, correction or deletion under GDPR.

1. Introduction

Eventboende respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use and protect your information.

By using Eventboende you consent to the collection and use of information in accordance with this policy.

2. What data do we collect?

2.1 Data you provide to us

  • Account information: Name, email address, phone number, profile picture
  • Accommodation information (for hosts): Address, descriptions, photos, prices, amenities
  • Booking information: Dates, number of guests, special requests
  • Communication: Messages between guests and hosts, feedback

2.2 Data collected automatically

  • Technical information: IP address, browser type, device type
  • Usage data: Pages you visit, timestamps, interactions
  • Cookies: See section 7 for more information

3. How do we use your data?

We use your personal data to:

  • Provide and improve our service
  • Facilitate bookings between guests and hosts
  • Send booking confirmations and updates by email
  • Enable communication between users
  • Respond to your enquiries and provide customer support
  • Improve the user experience based on feedback
  • Protect against fraud and misuse
  • Fulfil legal obligations

4. Storage and security

4.1 Where is data stored?

Your data is stored securely with our database provider Supabase, which is based within the EU and complies with GDPR regulations. Images and files are stored in secure cloud services.

4.2 How do we protect data?

We use industry-standard security measures:

  • Encrypted data transmission (HTTPS/SSL)
  • Secure passwords (hashed and encrypted)
  • Access control and permission management
  • Regular security updates

Despite these measures, no method of transmission or storage can be 100% secure. We cannot guarantee absolute security.

5. Third-party services

We use the following third-party services which may have access to certain data:

  • Supabase: Database and authentication (based within EU, GDPR-compliant)
  • Resend: Email service for transactional emails (booking confirmations, etc.)
  • Google Maps: Map functionality to display accommodation locations
  • OpenAI: Used for content analysis and improvements (anonymised data)
  • Vercel: Hosting and infrastructure

These services have their own privacy policies and we recommend that you read them.

6. Sharing of data

6.1 With other users

When you make a booking, certain information is shared with the other party:

  • Guests receive the host's contact details (name, email, phone)
  • Hosts receive the guest's contact details (name, email, phone)
  • Profile information and reviews are visible to other users

6.2 With authorities

We may share data if we are legally required to do so, or to:

  • Comply with applicable law or legal proceedings
  • Protect our rights or property
  • Prevent fraud or misuse
  • Protect the safety of users

6.3 We do not sell data

We never sell your personal data to third parties for marketing or other commercial purposes.

7. Cookies

We use cookies and similar technologies to:

  • Keep you logged in
  • Remember your preferences
  • Analyse use of the service
  • Improve the user experience

You can manage cookies through your browser settings, but some features may not work correctly if you disable cookies.

Cookies we use:

  • Necessary cookies: For authentication and basic functionality
  • Preference cookies: To save your choices (e.g. dismissed notices)

8. Your rights (GDPR)

Under GDPR you have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate or incomplete information
  • Right to erasure: Request that we delete your data ("the right to be forgotten")
  • Right to restriction: Restrict the processing of your data
  • Right to data portability: Receive your data in a machine-readable format
  • Right to object: Object to certain processing of your data
  • Right to withdraw consent: Withdraw your consent at any time

To exercise these rights, contact us at support@eventboende.se.

9. How long is data kept?

We retain your personal data for as long as you have an active account or for as long as is necessary to provide the service. After you delete your account, certain data is retained for up to 90 days for backup purposes.

Some data may be retained longer if required for:

  • Accounting purposes (under Swedish law)
  • Resolving disputes or fulfilling legal obligations
  • Preventing fraud or misuse

10. Children

Eventboende is not intended for children under 18 years of age. We do not knowingly collect personal data from children. If you discover that your child has provided us with personal data without your consent, contact us and we will delete the information.

11. Changes to this policy

We may update this Privacy Policy. For material changes we will notify you by email or through a prominent notice on the platform. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact us

For questions about this Privacy Policy, to exercise your rights, or for data protection matters, contact us:

Email: support@eventboende.se

Subject line for data protection: "GDPR request" or "Data protection"

We aim to respond to all requests within 30 days.

13. Complaints to the supervisory authority

If you believe that our processing of your personal data is not in compliance with GDPR, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY):

Integritetsskyddsmyndigheten (IMY)

Box 8114, SE-104 20 Stockholm, Sweden

Phone: +46 8 657 61 00

Website: www.imy.se