STRProof
Try Free

GDPR Notice

Last updated: 2026-05-17

1. Who We Are

STRProof is the data controller responsible for your personal data under the General Data Protection Regulation (GDPR).

Data Controller: STRProof Email: privacy@strproof.com

3. Your Rights Under GDPR

You have the following rights. We will never charge you for exercising them.

3.1 Right of Access (Art. 15)

You can request a copy of all personal data we hold about you. We will provide it within 30 days in a machine-readable format (JSON).

3.2 Right to Rectification (Art. 16)

You can request correction of inaccurate personal data. You can also update most of your data directly through your account settings.

3.3 Right to Erasure (Art. 17)

You can request deletion of your personal data. We will delete your data within 30 days, except where retention is required by law (e.g., billing records for 7 years).

What gets deleted:

  • Your account information
  • Your properties and rooms
  • Your photos and uploads
  • Your stays and turnovers
  • Your reports

What may be retained:

  • Billing records (7-year legal requirement)
  • Audit log entries (anonymized — your identity removed, action retained)
  • Data that is part of another user's account (e.g., a cleaner's verification of your property)

3.4 Right to Data Portability (Art. 20)

You can receive your data in a structured, machine-readable format. We provide data exports in JSON format through our /gdpr/data-request form.

3.5 Right to Restriction (Art. 18)

You can request that we limit how we process your data, for example if you contest the accuracy of the data or object to processing.

3.6 Right to Object (Art. 21)

You can object to processing based on legitimate interest. We will stop processing unless we have compelling legitimate grounds that override your interests.

3.7 Right to Withdraw Consent (Art. 7)

Where processing is based on consent, you can withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

You can withdraw consent for:

  • Analytics cookies (through cookie settings or account settings)
  • Marketing communications (through email unsubscribe or account settings)

3.8 Right to Lodge a Complaint (Art. 77)

You have the right to lodge a complaint with your national data protection supervisory authority if you believe your data is being processed in violation of the GDPR.

5. Data Protection Impact

STRProof processes property condition photos and guest information. We have assessed the privacy impact:

  • Photos: Contain images of property interiors. We minimize retention and provide deletion tools.
  • Guest data: Limited to what is necessary for property documentation (name, email, phone). Guests can request deletion.
  • Audit logs: Record actions for security but do not contain sensitive personal data beyond user IDs and timestamps.

7. Exercising Your Rights

Online Form

/gdpr/data-request — for access, export, and deletion requests

Email

privacy@strproof.com — for all other GDPR requests

Response Time

30 days from receipt of request. We may extend by up to 60 additional days for complex requests.

Identity Verification

We will verify your identity before processing requests that involve accessing or deleting personal data. This protects your data from unauthorized access.

9. Contact

Data Protection Inquiries: privacy@strproof.com

Data Subject Requests: /gdpr/data-request

Postal Address: Available upon request to privacy@strproof.com