Offbeat Privacy Policy

Version: 1.1 – 26 August 2025

1. INTRODUCTION

This Privacy Policy explains how Offbeat (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our website or services throughout your use of the Offbeat platform. We are committed to handling your personal information responsibly and in compliance with applicable data protection laws, including the UK GDPR and EU GDPR (where relevant).

2. WHAT DATA WE COLLECT

When you use our site or submit an accommodation intent form, we may collect:

  • Contact details – your name, email address, and phone number
  • Booking intent data – desired location, travel dates, preferences
  • Communication data – messages, email correspondence
  • Payment data – billing and transaction details (handled via Stripe)
  • Technical data – IP address, browser type, time zone, and device type

We do not collect or store any sensitive personal data.

3. HOW WE USE YOUR DATA

We use your data to:

  • Process your accommodation intent
  • Communicate with you regarding your inquiry and any curated offers
  • Facilitate booking and payment (including collecting fees via Stripe)
  • Send service-related updates (e.g. booking status)
  • Send marketing emails if you have opted in
  • Improve our website performance and user experience

4. LEGAL BASIS FOR PROCESSING

Under the UK and EU GDPR, we rely on the following lawful bases:

  • Contract – to process your inquiry and manage bookings
  • Consent – for marketing communications (opt-in only)
  • Legitimate interests – to operate and improve our business, provided your rights don’t override these interests

5. MARKETING COMMUNICATIONS

We will only send you marketing emails if you have given us clear consent (e.g., by ticking an opt-in box). You can unsubscribe at any time via the link in our emails.

6. WHO WE SHARE YOUR DATA WITH

We may share your data with:

  • Hosts – to facilitate booking and provide offer details
  • Stripe – to process payments securely
  • Email platforms – to communicate with you
  • Service providers – for analytics and site functionality

We do not sell your personal data.

7. INTERNATIONAL DATA TRANSFERS

Some of our service providers may process your data outside the UK or EU. Where this occurs, we ensure appropriate safeguards are in place (e.g. standard contractual clauses or adequacy decisions).

8. DATA RETENTION

We retain your data for as long as necessary to provide our services and fulfil any legal or contractual obligations. If you request deletion, we will delete or anonymise your data, unless we’re required to keep it for legitimate legal reasons.

9. YOUR RIGHTS

You have the right to:

  • Access the data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Withdraw consent (e.g. for marketing)
  • Object to processing in certain circumstances
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO) or relevant EU authority

To exercise any of these rights, contact us at: [email protected]

10. SECURITY

We take appropriate technical and organisational measures to protect your data from loss, misuse, unauthorised access, or disclosure. Payments are processed securely via Stripe.

11. COOKIES

Our website may use cookies or similar technologies to improve user experience and site performance. You will be notified and able to manage cookie settings upon your first visit.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The most recent version and date will always be published on our site.

13. CONTACT US

If you have questions about this Privacy Policy or how we handle your data, contact: [email protected]