Privacy Policy

Last Updated: December 9, 2025

1. Introduction

Sane Host ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our rental property management service.

By using Sane Host, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide, including:

  • Account Information: Name, email address, and profile picture (from Google OAuth)
  • Contact Information: Phone number for SMS notifications
  • Property Information: Names, addresses, and details of your rental properties
  • Guest Information: Names, phone numbers, and booking details of your guests

2.2 Calendar Data

We import and process calendar data from external platforms:

  • Airbnb iCal feeds
  • VRBO iCal feeds
  • Google Calendar feeds
  • Other iCal-compatible calendar sources you connect

2.3 Payment Information

Payment processing is handled by Stripe. We do not store your credit card numbers or banking information. Stripe may collect and store payment information in accordance with their privacy policy.

2.4 Usage Data

We automatically collect certain information when you use our Service:

  • IP address and browser type
  • Pages visited and features used
  • Date and time of access
  • Device information

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide the Service: Aggregate calendars, send notifications, generate guest messages
  • SMS Notifications: Send booking reminders, check-in/check-out alerts, and cleaning schedules
  • Email Communications: Send account-related emails, subscription confirmations, and important updates
  • Improve the Service: Analyze usage patterns to enhance features and user experience
  • Customer Support: Respond to your inquiries and provide assistance
  • Security: Detect and prevent fraud, abuse, or security threats
  • Legal Compliance: Comply with applicable laws and regulations

4. Third-Party Services

We use the following third-party services to provide our Service:

Google OAuth

Used for authentication. We receive your name, email, and profile picture. Google Privacy Policy

Stripe

Used for payment processing and subscription management. Stripe Privacy Policy

Twilio

Used for sending SMS notifications. Twilio Privacy Policy

Mailgun / Brevo

Used for sending transactional emails. Mailgun Privacy Policy / Brevo Privacy Policy

KeyCafe

Used for smart lock key management (if enabled). KeyCafe Privacy Policy

5. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this policy:

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Booking Data: Retained for 2 years after the booking date for historical reference
  • Payment Records: Retained for 7 years as required by tax and accounting regulations
  • Usage Logs: Retained for 90 days

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis
  • Object: Object to processing of your data for certain purposes

To exercise these rights, please contact us at privacy@sane-host.com

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Essential Cookies: Required for authentication and basic functionality
  • Session Cookies: Maintain your login state across pages
  • Preference Cookies: Remember your settings and preferences

We do not use advertising or tracking cookies. You can configure your browser to refuse cookies, but some features of the Service may not function properly.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Regular security assessments
  • Access controls and authentication requirements

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Service, you consent to the transfer of your information to Canada and other countries where our service providers operate.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will also send an email notification to the address associated with your account. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

13. Additional Rights for Specific Regions

For California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to request deletion. We do not sell personal information.

For European Residents (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local supervisory authority.

For Canadian Residents (PIPEDA)

Canadian residents have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA). You may contact the Office of the Privacy Commissioner of Canada if you have concerns about our data practices.