Privacy policy

Last updated: 2026-05-05

room2let operates under the EU General Data Protection Regulation (GDPR) and Greek law. This page is a placeholder for the production legal text.

Data we collect

• Account: email, name, hashed password, OAuth identifiers
• Listings: titles, descriptions, photos, geographic coordinates
• Bookings: dates, guest counts, payment status, Stripe references
• Operational: IP address (for fraud prevention), user agent, request logs

Where the data lives

Application servers, the primary database and photo storage are hosted in the EU. Payments are processed by Stripe (Ireland and the United States, under their EU SCC and DPA). Email delivery runs through providers operating within the EU.

Your rights

You can request access, correction, or deletion of your data at any time via your account, or by emailing privacy@room2let.example.