Effective: 2026

Privacy Policy

What we collect

Account info (name, email, role, company), property/vendor details you upload, booking history, payment metadata (processed by our payment processor — we do not store full card numbers), and compliance documents (EIN, W-9, COI, license) stored in encrypted private buckets accessible only to you and our compliance team.

Biometric authentication

If you enable Face ID / Touch ID / Windows Hello, your biometric template never leaves your device. We store only an opaque public credential identifier in your browser's local storage. Clear it any time by signing out and selecting "Forget this device".

How we use it

To operate the Platform, verify tax-incentive eligibility, comply with law (tax reporting, anti-fraud), and improve the service. We do not sell personal information.

Sharing

With Hosts/Vendors when you book or contract; with state film offices when you request a certified audit report; with service providers (hosting, analytics, payments) under written confidentiality.

Your rights

Access, correction, deletion, and portability requests: privacy@setstay.example. California, EU, and Canadian residents have additional rights under CCPA/CPRA, GDPR, and PIPEDA respectively.

Retention

Tax and booking records: 7 years (IRS/state audit window). Other data: until account deletion plus 30 days.