Privacy Policy

Last Updated: October 19, 2025

Table of Contents

1. Introduction

Welcome to AirPrice ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services.

AirPrice provides AI-driven pricing intelligence for rental property hosts. We are fully compliant with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our services, you agree to the collection and use of information in accordance with this policy.

2. Data We Collect

2.1 Information You Provide to Us

  • Account Information via OAuth: When you sign up using Google, Microsoft, Facebook, or LinkedIn, we receive your name, email address, and profile picture from your chosen provider. We do not store or manage passwords - authentication is handled entirely by these trusted providers.
  • Property Information: Rental listing URLs, property details, and pricing information
  • Payment Information: Billing address and payment details (processed securely through our payment providers - we never store credit card information)
  • Communication Data: Messages, feedback, and support requests you send to us

2.2 Information We Collect Automatically

  • Usage Data: How you interact with our website and services
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Cookies and Similar Technologies: As described in our Cookie Policy
  • Analytics Data: Page views, time spent on pages, and navigation patterns

2.3 Information from Third Parties

  • OAuth Authentication Providers: When you sign up using Google, Microsoft, Facebook, or LinkedIn, we receive basic profile information (name, email, profile picture). These providers handle all authentication and password management - we never have access to your login credentials.
  • Publicly Available Data: Information about your rental listings from public sources like booking.com to provide market analysis
Important Security Note: AirPrice uses industry-standard OAuth 2.0 authentication exclusively. We do not store, manage, or have access to your passwords. All authentication is handled securely by Google, Microsoft, Facebook, and LinkedIn. This significantly reduces security risks and protects your account.

3. How We Use Your Data

We use your personal data for the following purposes:

3.1 Service Provision

  • To create and manage your account
  • To provide pricing analysis and reports for your rental properties
  • To send you reports and updates about your properties
  • To process your payments and manage subscriptions

3.2 Communication

  • To respond to your inquiries and support requests
  • To send you important service updates and notifications
  • To send marketing communications (with your consent)

3.3 Service Improvement

  • To analyze usage patterns and improve our services
  • To develop new features and functionality
  • To conduct research and analysis

3.4 Legal Compliance

  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • To enforce our Terms of Use

3.5 Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract Performance: Processing necessary to provide our services
  • Legitimate Interest: For service improvement and analytics
  • Consent: For marketing communications and cookies
  • Legal Obligation: To comply with applicable laws

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business. These include:

  • Cloud Hosting: Microsoft Azure for data storage and hosting
  • Payment Processing: Secure payment processors for handling transactions
  • Email Services: For sending reports and communications
  • Analytics: For understanding how users interact with our service

All service providers are bound by data protection agreements and process data only as instructed.

4.2 Legal Requirements

We may disclose your information if required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

5. Data Storage and Security

5.1 Storage Location

Your data is stored securely on Microsoft Azure servers located in the European Union. We ensure that all data transfers comply with GDPR requirements.

5.2 Security Measures

We implement industry-standard security measures including:

  • OAuth 2.0 Authentication: We use OAuth exclusively - no passwords are stored on our servers
  • End-to-end encryption for data transmission (SSL/TLS)
  • Encryption at rest for stored data
  • Regular security audits and updates
  • Strict access controls and multi-factor authentication for our staff
  • Regular backups and disaster recovery procedures
  • Employee training on data protection and GDPR compliance
  • Secure API integrations with third-party services

No Password Storage: By using OAuth authentication, we eliminate the risk of password breaches entirely. Your login credentials are managed by industry leaders (Google, Microsoft, Facebook, LinkedIn) who specialize in security.

5.3 Data Breach Notification

In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR.

6. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

6.1 Right to Access

You can request a copy of all personal data we hold about you.

6.2 Right to Rectification

You can request corrections to any inaccurate or incomplete data.

6.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal obligations.

6.4 Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances.

6.5 Right to Data Portability

You can request a copy of your data in a machine-readable format.

6.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

6.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

6.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at airprice.privacy@gmail.com. We will respond within 30 days.

7. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience. For detailed information, please see our Cookie Policy.

7.1 Essential Cookies

Required for the website to function properly (e.g., session management, security).

7.2 Analytics Cookies

Help us understand how visitors use our website (requires consent).

7.3 Marketing Cookies

Used to deliver relevant advertisements (requires consent).

You can manage cookie preferences through our cookie consent banner.

8. Third-Party Services

Our website may contain links to third-party websites. We are not responsible for their privacy practices. We recommend reviewing their privacy policies.

8.1 OAuth Authentication Providers

AirPrice uses OAuth 2.0 for secure authentication. When you sign in using Google, Microsoft, Facebook, or LinkedIn, you are redirected to their secure login pages. We never see or store your password. The OAuth providers' privacy policies apply to the authentication process:

We only receive basic profile information (name, email, profile picture) that you explicitly authorize during the OAuth consent process. You can revoke AirPrice's access at any time through your provider's security settings.

8.2 Payment Processors

Payment information is processed directly by our payment providers and is not stored on our servers.

9. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Active Accounts: Data is retained while your account is active
  • Closed Accounts: Data is deleted within 90 days of account closure, except where legal obligations require retention
  • Legal Requirements: Financial records are retained for 7 years for tax purposes
  • Marketing Data: Deleted immediately upon unsubscribe request

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification for significant changes

We encourage you to review this policy periodically. Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: airprice.privacy@gmail.com
Support: airprice.support@gmail.com
Address: AirPrice, [Your Business Address]
Data Protection Officer: airprice.dpo@gmail.com

Supervisory Authority:
If you are located in the EU/EEA, you have the right to lodge a complaint with your local data protection authority.