Privacy Policy -


Thank you for taking a look at our Privacy Policy. We are glad you are concerned about how we handle your information, it is important to us.


By using our services you agree to our privacy policy set out below. The English language is leading, translations are available for your comfort.


Before we start, some important values:

We promise to protect your data as if is our own.

We won’t sell your data for marketing purposes.

We won’t share your personal data without good reason with other parties. (Like legal obligations)


When ‘we’, ‘us’, ‘our’,  or alike is mentioned in the text of this privacy statement, BOOKA RENTALS BV located in AMSTERDAM, the NETHERLANDS is meant. When we mention ‘websites’, the following domains are meant:,,,,,,,,,




We collect certain types of information:

  1. Personal information

  2. Correspondence information

  3. Use of site information

1. Personal information

We only ask for personal data when we need it for business purposes. All personal data we process is lawfully obtained and with a legal basis. The purpose for collecting the information is so we can continue and run our day-to-day business. We need personal information to give you the ability to fully use the services we offer, advertising your property (owner) or submitting booking requests / bookings via our platform (traveler). We request several types of personal information:

  1. Required account information (traveler)
    (Such as: Name, Email, Password, Phone)

  2. Required account information (owner)
    (Such as: Name, Email, Password, Phone, Address, Security question)

  3. Profile information (owner)

  4. Listing information (owner)

In order to be able to use our services you are required to enter the requested information on the logged-in area of the website.


Connected application information



A user can choose to create an account on our website via the Facebook connect button instead of via email. This can also be used for future log-ins to the website. The information we receive from Facebook is limited to your email address, profile picture and location. We use the email address to communicate with you. The profile picture for your account's profile picture. And your location to set your language, currency, VAT rates and timezone.



Users may choose to connect their Google (calendar) account to our website in order to synchronize booking dates. We only use the Google Calendar (API) information retrieved from your connected calendar to: show the property's availability, add the dates of a booking made via our platform to the calendar, or remove these dates in case of a cancellation. We do not share information already present in the calendar before it was connected with other platforms. We store the dates (bookings) present in the calendar in our database to show the property's availability to our users. When you disconnect your Google account this data is removed from our database.



2. Correspondence information

Correspondence information is information you send us for a support ticket for example. We need a minimum amount of information in order to identify you or your booking and help you out. We use Zendesk ( to help order and maintain the support requests. We are not responsible for the way in which they handle the information they process.


Other correspondence information we store is that between you and the host / guest. The main reason therefor is to provide you an historic overview of what you have discussed with the other party. We also monitor this (automated) to detect possible misuse of the platform and to protect our users, against fraud for example. In no way is correspondence data used for marketing purposes. All sent and receive data can be seen per booking (request) in your account on the “My Bookings” page.



3. Use of site information

We store anonymized information on how the site is used for internal statistics and trends. The information we store are ‘search queries’, these often contain: location, dates and number of people travelling. We also use Google Analytics to analyze anonymized information entered when using our websites.





How we use your data

Your data is used for the purpose it was entered into our system: either so you can book one of the listed properties or so you can advertise your property / properties successfully on our platforms. 


Other reasons to use your data could be, to be able to communicate with you or help you with any support questions you may have.


We infrequently use your information (name, email) with third parties tools (like for marketing purposes, for sending you our newsletter, system updates or to show you relevant ads on (social) media channels like Facebook for example.


We share necessary information with third parties in order to keep our services and platforms in operation. An example is your email address with, which we use to send our transactional emails.


Our website contains links to other parties. We are not responsible for the way in which these parties handle their user’s privacy.


In case our company is sold or merges with another company your data will become available to this new entity. We will notify you hereof.


In case we are legally required to share your data your consent is not requested.



Access / overview of your data

You have the right to view, update and remove the data we store belonging to you. You can do so by logging in to the website and accessing your ‘account’. The information you see on the different pages is almost all the info we store about you. Unless you’ve given us permission to create (certain parts of) your account for you, you have entered and provided the information yourself.


Beside the information that is visible to you from your account we store:

  • The IP address used to make a booking request / booking
  • Your payment method (Example: Visa, iDeal, PayPal)
  • The location from which you make a booking request / booking

Within our company only the people who need access to your data have access to it. This is mainly required to handle support quests you or your guests send us. Or to prevent fraud or other illegal activity. If our 'contact information'-filters are triggered the system alerts us and we can view the related messaging history of the thread which triggered the filter. If the situation requires it, related threads may be examined too.



Payment info

We use Adyen ( to process the payments. We only store the payment result (paid, failed, pending, refused, ect). And which payment method was used (Example: Visa, iDeal, PayPal). Check Adyen’s privacy policy to see how they handle and store your payment details. Booka Rentals BV does not store any other payment information than just mentioned. To be very clear: we do not store a your credit card information and thus are also not able to update it.



Emails we send

We send account and service related emails when actions you have taken on the website or app require us to do so in order to make our service possible. Examples of emails we send are:

  • Account activation link emails
  • Booking related emails
  • Account related emails
  • Support related emails

We use and to send our transactional email. They store the emails our system sends for 30 days after which they are deleted. Mandrill and Mailjet provide us the ability to see statistics related to the sent emails such as: open rate, delivery rate, bounce rates, and so on. We use an external application such as Mandrill to deliver our emails because email delivery is a profession on its own and not our core business.



Short text messages (SMS)

We use MessageBird ( to send you short text messages in a few cases:

  • When a booking request is started but not submitted (traveler)
  • When a booking request is approved by the owner and a payment is required to secure the booking (traveler)
  • When a new (pre-paid) booking request is received (owner)
  • When a (pre-paid) booking request isn’t accepted in 24h, a reminder (owner)

The text messages, containing your first name (at most) and phone number are stored for 6 months on the MessageBird servers. After that period they are deleted. This enables us to check the correct sending of SMS’s every once in a while. Or to check if the messages are delivered. In case they aren’t the phone number provided is often incorrect and needs correction.


Revoke data used

Any user may revoke our access for the following linked application at any time:

  • For Facebook: on the application management tab of your Facebook account.
  • For Google: on the Google token management page or via our calendar management page.




We have the ability to sign up for certain affiliate / referral programs. Each user sign-up is voluntary and is not required to use our rental services. When you sign up for a referral program we create an account for you at with the information you entered and send you the temporary login details of this account. On your first sign in you are required to change your password.

The data you enetred, which we send to Tapfiliate after your approval per confirmation email, is the minimum amount of data needed to create your account and track your conversions. This includes your first & last name and your email address. That is it. Please note that we do not send any data belonging to referred persons to We only use their information, which you provide us, to notify them of the service you invite them for.



Deletion of your data

You can login to the website to review the information we store from you. If information is not required you can delete it yourself. Although we do not advise you (as owner) to do so as it will remove valuable information for your listing and result in less bookings, you can remove it. If you would like to remove required information you can send us a request to delete your account. All information will be deleted which is not linked to a (future or historic) booking. The information we keep is required for our invoices and financial administration. We are required to keep financial information for our administration for 7 years by law.





How do we protect your data?

We protect your data and our websites (code) in several ways. Our websites use an SSL certificate to ensure a secure connection. We also use to speed up and protect our websites and servers. CloudFlare analyzes our traffic and keeps bad actors out before they reach the websites. With it’s CDN of 150+ data centers worldwide it also helps speed up the delivery of our content in places further away from our server location. We also use a Web Application Firewall (WAF) to protect us from potential harm on the IP level. We can set rules to keep certain actors out of the door. We also monitor our websites’ traffic by using CloudFlare, Google Analytics and Lucky Orange. Our code is tested and reviewed on a regulatory basis and updated or improved where needed. And finally all passwords are stored hashed and slated. The chosen security question and answer, for the owner profile, are also stored encrypted.


Each time a user connects his Facebook account, logs in via Facebook or connects a gCalendar we receive a special token. This token can be used to retrieve some limited personal data, to create your account or post to your Facebook timeline. We only post to the timeline of users who voluntary choose to apply for a Facebook discount.


As each token can only be used for a very limited amount of time (about 20 minutes usually) we request offline access. This means we get another token which can be used to get a new access token for this user. These access tokens are stored encrypted as they can be used directly to fetch user data. The offline tokens aren't encrypted as they can't be used without our application secret code, which is stored separately on our side.



Where do we store your data?

At the moment we host our websites and its databases in The Netherlands. The databases are, of course, password protected, have brute force detection mechanisms and IP locks to prevent access from non-whitelisted IP addresses. Your password is stored hashed and salted, so in case of an very unlikely breach it won’t be backwards engineerable.





Google Analytics

Booka Rentals uses Google Analytics to analyze our websites and to measure how effective our AdWords campaigns are. This also shows use where our visitors come from and which pages they visited. The information therefore doesn’t contain any personal data and is not traceable to individual users.


To collect the Google Analytics data a piece of JavaScript is placed on the websites which sends information to Google’s servers around the world. Check Google privacy policy to see how they handle your privacy. To not be included in their analytics’ statistics you can opt-out using their browser plugin.



Storage duration

We store your personal information as long as you have an account on our website. When the account is deleted we also delete your personal information as long as it is not needed for invoices of our financial administration. Such information we need to store at least 7 years according to Dutch law.



Changes to this privacy statement

Booka Rentals BV may choose to update this privacy policy directly and without notice, therefore we advise you to review our privacy statement on a regular basis so you will be updated of any changes. For questions you can always contact us at: