GDPR Compliance

    Last updated: March 2026

    At Resify, we are committed to full compliance with the General Data Protection Regulation (GDPR). We respect the privacy rights of our users in the European Economic Area (EEA) and the United Kingdom, and have implemented comprehensive measures to ensure data protection by design and default.

    1. Our Role

    Under the GDPR, Resify primarily acts in two capacities:

    • Data Controller: Regarding the personal data of our direct customers (hosts, property managers) including billing data and account details.
    • Data Processor: Regarding the personal data of end-guests who make bookings on the websites we build for our customers. In this scenario, our customer is the Data Controller, and we process the data strictly following their instructions to facilitate the booking.

    2. Lawful Basis for Processing

    We process personal data based on the following legal grounds:

    • Contractual Necessity: To provide our direct booking website services, process payments, and provide customer support.
    • Legitimate Interests: To improve our platform, ensure security, and prevent fraud.
    • Consent: Where required, such as for dropping non-essential cookies or sending marketing communications.
    • Legal Obligation: To comply with applicable laws, such as tax and accounting regulations.

    3. Cross-Border Data Transfers

    Resify operates globally. Where personal data originating from the EEA or UK is transferred to countries outside these regions (such as the United States), we ensure an adequate level of protection is maintained by utilizing European Commission-approved Standard Contractual Clauses (SCCs) and implementing robust technical and organizational safeguards.

    4. Data Subject Rights

    The GDPR grants specific rights to individuals regarding their personal data. We are dedicated to facilitating these rights:

    • Right to Access: You can request a copy of the personal data we hold about you.
    • Right to Rectification: You can request that we correct inaccurate or incomplete data.
    • Right to Erasure (Right to be Forgotten): You can request the deletion of your personal data when it is no longer necessary for the purposes it was collected.
    • Right to Restriction of Processing: You can ask us to pause the processing of your data under certain conditions.
    • Right to Data Portability: You can request your data in a structured, commonly used, and machine-readable format.
    • Right to Object: You can object to our processing of your data based on legitimate interests or for direct marketing.

    5. Exercising Your Rights

    If you are a Resify customer and wish to exercise any of these rights, please contact us at dpo@resify.com. If you are an end-guest who booked through a Resify-powered website, please direct your request to the property host (the Data Controller), and we will assist them in fulfilling your request.

    6. Data Processing Agreement (DPA)

    For our customers operating within the EEA or serving European guests, a comprehensive Data Processing Agreement (DPA) incorporating Standard Contractual Clauses is incorporated into our Terms of Service.

    Ready to stop renting your guests and own your business?

    Get an agency-quality site without the agency price tag. We handle the entire setup, you handle the guests.

    Guarantee30-day money-back guarantee
    No long-term contracts