Privacy Policy

GDPR compliant • Last updated: January 2025

Introduction

Innvaro ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains what personal data we collect, how we use it, and what rights you have.

By using our service, you agree to the processing of your personal data as described in this privacy policy.

Data Controller

Innvaro

E-mail: info@innvaro.com

KVK: 74361333

BTW: NL002408889B57

Innvaro is responsible for the processing of personal data as described in this privacy policy, in accordance with the General Data Protection Regulation (GDPR).

What Data Do We Collect?

Account Data

To create an account, we ask for: name, email address, and organization details. This data is necessary to provide the service.

Accommodation Data

You can enter accommodation details, such as address, description, check-in/check-out times, and house rules. This data is used to train the AI assistant and provide recommendations to your guests.

Guest Data

When guests use the Innvaro chat, we collect anonymous user data (such as device ID) and chat history. This data is used to improve the service and provide personalized recommendations.

Technische gegevens

We verzamelen automatisch technische gegevens zoals IP-adres, browser type en versie, besturingssysteem, device type, en gebruikspatronen. Deze gegevens worden gebruikt om de dienst te verbeteren, problemen op te lossen, en de beveiliging te waarborgen.

Contact Form

When you use the contact form, we collect your name, email address, phone number (optional) and message. This data is used to answer your question.

Why Do We Collect This Data?

We use your data for the following purposes:

  • Providing and improving the Innvaro service
  • Processing your requests and questions
  • Sending important service updates
  • Analyzing usage patterns to optimize the service (anonymized)
  • Security: Ensuring the security and integrity of the service
  • Legal obligations: Complying with applicable laws and regulations

Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Performance of contract: For providing the service you have requested
  • Legitimate interest: For improving the service, security, and fraud prevention
  • Consent: For marketing communications and optional features (you can withdraw this consent at any time)
  • Legal obligation: For complying with applicable laws and regulations

How Long Do We Store Data?

We store your data as long as necessary for the purposes for which it was collected:

  • Account data: as long as your account is active
  • Accommodation data: as long as you use the service
  • Chat history: maximum 2 years after last use
  • Contact form data: maximum 1 year after last contact
  • Technische logs: Maximaal 6 maanden

After terminating your account, your data will be deleted within 30 days, unless we are legally required to keep it longer.

Do We Share Data with Third Parties?

We do not share your personal data with third parties for commercial purposes. However, we work with the following service providers:

  • Hosting providers: For hosting our service (e.g., Vercel). These parties only have access to technical data necessary for their services and are contractually obligated to protect your data.
  • Payment processors: For processing payments (Stripe). Payment data is sent directly to Stripe and is not stored by us.
  • Analytics (optional): For anonymized user statistics. All analytics are anonymized and cannot be traced back to individual users.

We may share data if legally required, if we receive a court order, or to protect our rights and property.

Data Security

We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction or modification.

This includes: encryption of data in transit and at rest, regular security updates, access controls, and regular backups.

Ondanks onze inspanningen kan geen enkele methode van elektronische opslag of verzending 100% veilig zijn. We kunnen daarom niet garanderen dat uw gegevens absoluut veilig zijn.

Cookies

Innvaro uses cookies and similar technologies to deliver and improve the service. We use:

  • Functional cookies: Necessary for the operation of the service (e.g., session management)
  • Analytics cookies: For anonymized user statistics (optional)

You can disable cookies via your browser settings, but this may affect the functionality of the service. For more information about how we use cookies, please contact us.

Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: You have the right to know what data we process about you.
  • Right to Rectification: You have the right to have incorrect data corrected.
  • Right to Deletion: You have the right to have your data deleted ("right to be forgotten").
  • Right to Limitation: You have the right to limit the processing of your data.
  • Right to Data Portability: You have the right to receive your data in a structured format.
  • Right to Object: You have the right to object to the processing of your data.

To exercise these rights, please contact us viainfo@innvaro.com. We reageren binnen 30 dagen op uw verzoek.

Complaints

If you believe that we are not processing your personal data correctly, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). You can contact the AP via www.autoriteitpersoonsgegevens.nl.

Changes to This Privacy Policy

We may update this privacy policy from time to time. Changes will be published on this page with an updated date. We recommend checking this page regularly.

Contact

For questions about this privacy policy or about the processing of your personal data, you can contact us viainfo@innvaro.com.

Innvaro – Your AI Digital Host for Modern Accommodations