BookiApp
Back

Privacy Policy

Last updated: May 13, 2026

BookiApp ("we", "us" or "our") values your privacy. This privacy policy explains how we collect, use and protect your personal data.

1. Data Controller

BookiApp

Email: admin@bookiapp.com

Web: https://bookiapp.com

For all questions regarding personal data protection, you can contact us at the email address above.

2. Data We Collect

We collect the following types of data:

Account Data:

- Email address

- First and last name

- Phone number (optional)

Property Data:

- Property names and descriptions

- Addresses and locations

- Accommodation photos

Booking Data:

- Guest names

- Stay dates

- Guest contact information

Technical Data:

- IP address

- Browser type

- Device information

Guest Portal Activity:

- Time of first and last visit to the portal

- Push notification subscription status

- Message read status

This data is visible only to the host of your booking and is used solely so the host knows whether they can effectively reach you through the app or should use another communication channel (phone, email).

3. Legal Basis for Processing

We process personal data based on:

- Contractual obligation: Processing necessary for service provision

- Legitimate interest: Service improvement and security

- Consent: For marketing communications (you can withdraw at any time)

4. How We Use Your Data

We use your data to:

- Provide and maintain our service

- Enable communication between hosts and guests

- Send service-related notifications

- Track Guest Portal activity so the host knows whether the guest has opened the portal and can effectively be reached through the app (legitimate interest, GDPR Art. 6(1)(f))

- Improve user experience

- Protect against fraud and abuse

5. Data Sharing

We only share your data with:

- Service providers: Clerk (authentication), Supabase (database), Stripe (payments), Sentry (error tracking), Google Analytics (public-page statistics, only with consent)

- Guests: Only information necessary for their stay

- Legal authorities: When legally required

We never sell your personal data to third parties.

6. Your Rights (GDPR)

As an EU resident, you have the right to:

- Access: Request a copy of your data

- Rectification: Correct inaccurate data

- Erasure: Request data deletion ("right to be forgotten")

- Restriction: Limit how we use your data

- Portability: Download data in machine-readable format

- Object: Object to processing in certain situations

To exercise your rights, contact us at admin@bookiapp.com.

7. Data Security

We implement technical and organizational measures to protect data:

- Data encryption in transit (HTTPS/TLS)

- Secure password storage

- Regular security audits

- Limited data access

8. Smart Inbox and Google Data (Gmail Integration)

Smart Inbox is an optional feature that lets you manage guest inquiries from your Gmail account directly inside BookiApp. If you choose to connect Gmail, the following rules apply:

Access permissions (OAuth scopes):

- gmail.readonly — read your incoming emails so AI can detect accommodation inquiries

- gmail.send — send replies to guests on your behalf, only after your explicit confirmation

- userinfo.email and userinfo.profile — link your Gmail account to your BookiApp profile

What we do with your Gmail data:

- We fetch emails from your inbox and store them in our database (Supabase) so they can be displayed in the Smart Inbox interface

- AI (Google Gemini) analyzes email content to detect accommodation inquiries, parse dates, guest counts and draft replies

- We send replies only after you click "Send"

What we do NOT do with your Gmail data:

- We do not sell your Gmail data to third parties

- We do not use your Gmail data for advertising

- We do not use your Gmail data to train AI models (Gemini API does not train on our requests)

- We do not share your Gmail data with other BookiApp users

- Humans do not read your emails except for security, troubleshooting, or when legally required

Google API Services User Data Policy:

BookiApp's use and transfer of information received from Google APIs adheres to the [Google API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.

Deleting Gmail data:

- You can disconnect Gmail at any time in Smart Inbox settings — access is revoked immediately

- Stored emails are deleted within 30 days after disconnection

- You can also revoke access at [myaccount.google.com/permissions](https://myaccount.google.com/permissions)

9. Retention Period

We retain data while:

- You have an active account with us

- Necessary for service provision

- Legal retention obligation exists

After account deletion, data is deleted within 30 days, unless law requires longer retention.

10. Cookies

We use cookies for service functionality. For more information, see our Cookie Policy.

11. Policy Changes

We may update this privacy policy. We will notify you of significant changes via email or in-app notification.

12. Contact

For privacy questions:

Email: admin@bookiapp.com

You have the right to file a complaint with the data protection supervisory authority in your country.

© 2026 BookiApp. All rights reserved.