Last updated: November 15, 2025

HourNest (“we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our platform, services, mobile app, and website (collectively, the “Services”). We comply with all applicable laws, including the EU General Data Protection Regulation (GDPR).

By using HourNest, you acknowledge that you have read and understood the terms of this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly (Personal Data)

We collect Personal Data when you: Create an account, list a space or make a booking, communicate with us or other users, make payments, or submit verification documents.

This may include:

• Identity Data: Full name, gender, date of birth.

• Contact Data: Email address, phone number, physical address.

• Financial Data: Payment card details (processed securely by our payment partners), bank account details for payouts.

• Property Data (Hosts): Property address, photos, descriptions, and booking availability.

• Verification Data: Copies of government-issued ID, business registration information, or other documents required for identity or security checks.

1.2 Automatically Collected Information

When you use our platform, we may automatically collect:

• Technical Data: IP address, device type, browser type, operating system, and unique device identifiers.

• Usage Data: Pages visited, actions taken on the platform (e.g., clicks, searches, booking flows), time spent on the Services, and referring URL.

• Location Data: General location derived from your IP address, and precise location data if you have enabled this setting on your device.

We use cookies and similar technologies to facilitate these collections (see Section 8).

1.3 Information from Third Parties

We may receive information from:

• Payment processors (e.g., Stripe) to confirm payment status and combat fraud.

• Identity verification services for security purposes.

• Social login providers (if you choose to link an account).

• Analytics and marketing partners.

2. How We Use Your Information

We use your information strictly for the purposes outlined below:

• Service Provision: To create and manage your HourNest account, facilitate and fulfill bookings between hosts and guests, and process payments and payouts.

• Customer Support: To provide effective customer service, troubleshoot issues, and respond to your inquiries.

• Security & Fraud Prevention: To verify identity, authenticate users, and prevent, detect, and investigate fraudulent or harmful activity.

• Improvement & Development: To analyze usage trends, test new features, and improve the functionality and performance of our Services.

• Communication: To send essential service-related notifications, security alerts, and, based on your consent, marketing updates and offers.

• Legal & Regulatory Compliance: To comply with legal obligations in Finland, the EU, and any other relevant jurisdiction (e.g., tax or safety regulations).

We confirm that we do not sell your personal data to third parties for their own commercial purposes.

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following GDPR legal grounds:

4. Sharing Your Information

We only share your information with trusted third parties who assist us in providing the Services. We require all third parties to comply with GDPR and maintain equivalent protection for your data.

We may share data with:

• Other Users: Sharing essential information (e.g., name, booking details) between Hosts and Guests to facilitate the booking.

• Payment & Payout Partners: Sharing financial data with services like Stripe to process transactions.

• Cloud Hosting Providers: Utilizing major providers (e.g., AWS, Google Cloud) to securely store our data.

• Identity Verification Partners: Sharing verification documents for security screening.

• Customer Support & Communication Tools: Sharing contact and usage data to manage support tickets and communications.

• Analytics & Marketing Tools: Sharing non-identifiable usage data to track performance and run campaigns.

• Law Enforcement & Regulators: When legally required by court order, subpoena, or to protect our rights or the safety of others.

5. Data Storage & Retention

Your data is stored securely within the EU or in GDPR-compliant environments, protected by measures detailed in Section 6.

We retain your data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your active account and typically for a period of

  $$e.g., 2 years$$

  after account closure to resolve disputes and address legal claims.

• Financial Data: Transaction records are retained for

  $$e.g., 6 years$$

  to comply with Finnish and EU tax and accounting laws.

• Usage Data: Retained for

  $$e.g., 12 months$$

  for platform improvement purposes.

You may request the deletion of your data at any time (see Section 7).

6. Security

We use industry-standard technical and organisational measures to protect your data, including:

• Data Encryption: Encrypting data both in transit (using SSL/TLS) and at rest.

• Secure Servers: Storing data on secure servers with restricted access controls.

• Access Controls: Limiting access to personal data only to authorized employees who need it to perform their job.

• Fraud Detection Systems: Implementing measures to proactively identify and prevent malicious activity.

While we take rigorous steps to protect your data, no system is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.

7. Your Rights (GDPR Data Subject Rights)

As a data subject under GDPR, you have the following rights concerning your personal data:

To exercise any of these rights, please contact us at hournest@hournest.com. You also have the right to lodge a complaint with the Finnish Data Protection Ombudsman or your local Data Protection Authority.

8. Cookies

We use cookies to: enable core platform functionality (e.g., login, saving preferences), analyze site usage, and personalize content.

We use a cookie consent management tool to obtain and manage your preferences. You can adjust your choices via the link at the bottom of our website or by managing settings in your browser. Disabling certain cookies may impact the functionality of the Services.

9. Children’s Privacy

HourNest is strictly not intended for, and we do not knowingly collect data from, individuals under 18 years of age. If we become aware that we have collected personal data from a minor, we will take steps to delete that information immediately.

10. International Transfers

We primarily store and process data within the European Economic Area (EEA). If data must be transferred to a third country (outside the EEA), we ensure equivalent levels of protection are applied by using:

• Standard Contractual Clauses (SCCs) approved by the European Commission.

• Binding Corporate Rules (BCRs), or other GDPR-compliant frameworks.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. When we make significant changes, we will update the “Last updated” date and, where appropriate, notify you directly via email or a prominent notice on the platform.

Continued use of the platform after the effective date of the changes means you accept the revised policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your data, please contact us:

HourNest Oy

Email: hournest@hournest.com

Website: www.hournest.com