Last Updated: November 12, 2025
Tavvolo, Inc. ("Tavvolo," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our community-specific vacation rental platform, including our website, mobile applications, and related services (collectively, the "Service").
Please read this Privacy Policy carefully. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with this Privacy Policy, you may not access or use the Service.
Account Information: When you register for an account, we collect your name, email address, phone number, password, and profile photo (optional).
Identity Verification: Through our integration with Stripe Identity, we collect government-issued identification documents (such as driver's licenses or passports), photos for facial recognition, and biometric data necessary for identity verification. Stripe Identity processes this information according to their privacy policy.
Property Listings: If you are a Host, we collect property addresses, descriptions, photos, amenities, house rules, pricing, availability calendars, and other property-related information.
Payment Information: Payment card information, bank account details, and billing addresses are collected and processed by Stripe, our payment processor. We do not store full payment card numbers on our servers, but we may store the last four digits for your reference.
Communications: We collect the content of messages you send through the Service, including messages between Hosts and Guests, customer support inquiries, and reviews.
User-Generated Content: We collect photos, reviews, ratings, comments, and other content you submit to the Service.
Preferences and Settings: We collect information about your preferences, communication settings, notification preferences, and account settings.
Device Information: We automatically collect device type, operating system, unique device identifiers, mobile network information, and device settings.
Usage Information: We collect information about your interactions with the Service, including pages viewed, links clicked, features used, search queries, booking history, and time spent on the Service.
Location Information: With your permission, we collect precise geolocation data from your mobile device. We may also derive approximate location from your IP address.
Log Information: Our servers automatically record information including IP addresses, browser type and language, access times, pages viewed, app crashes, and system activity.
Cookies and Similar Technologies: We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities and preferences. For more information, see Section 6 below.
Social Media: If you connect your account to social media services, we may receive information from those services, such as your profile information and friend lists, in accordance with their privacy settings.
Background Checks: If you consent, we may receive information from third-party background check providers.
Other Users: We may receive information about you from other users, such as when they invite you to the platform, include you in a booking, or write reviews about their experience with you.
We use the information we collect to:
We may share your information in the following circumstances:
When you make or accept a booking, we share relevant information with the other party, including names, contact information, property addresses, and booking details. Your public profile information may be visible to other users of the Service.
We share information with third-party service providers who perform services on our behalf, including:
These service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.
We may disclose your information if required by law or in response to valid legal requests, including:
If we are involved in a merger, acquisition, asset sale, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
We may share your information with third parties when you give us consent to do so, such as when you authorize third-party integrations or participate in promotional activities.
We may share aggregated or de-identified information that cannot reasonably be used to identify you, such as statistics about Service usage or demographic trends.
We retain your information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, enforce our agreements, and for other legitimate business purposes. The retention period varies depending on the type of information:
We implement reasonable administrative, technical, and physical security measures to protect your information from unauthorized access, use, disclosure, alteration, and destruction. These measures include:
However, no system is completely secure, and we cannot guarantee the absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials.
We use cookies, web beacons, pixels, and similar technologies to collect information about your browsing activities and preferences. These technologies help us:
Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies. However, disabling cookies may affect your ability to use certain features of the Service. Mobile device users can manage tracking through device settings.
Depending on your location, you may have certain rights regarding your personal information:
You have the right to access your personal information and request a copy in a portable format. You can access most of your information through your account settings.
You have the right to correct inaccurate information or update incomplete information. You can update most information through your account settings.
You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, pending transactions, or fraud prevention). To request deletion, contact us at privacy@tavvolo.com. Note that some information may be retained in backup systems for a limited period.
You have the right to object to or restrict certain processing of your information, including for direct marketing purposes. You can opt out of marketing communications using the unsubscribe link in emails or by updating your communication preferences in account settings.
Where we rely on your consent to process information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
You have the right to lodge a complaint with a data protection authority about our collection and use of your personal information.
To exercise any of these rights, contact us at privacy@tavvolo.com. We will respond to your request within the timeframe required by applicable law (typically 30 days). We may request additional information to verify your identity before processing your request.
The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@tavvolo.com, and we will delete such information from our systems.
Your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. These countries may have data protection laws different from your country. By using the Service, you consent to such transfers. We implement appropriate safeguards to protect your information when it is transferred internationally, including standard contractual clauses and other mechanisms approved by regulatory authorities.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
To exercise these rights, contact us at privacy@tavvolo.com or call [phone number]. You may designate an authorized agent to make requests on your behalf.
If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):
Legal basis for processing: We process your information based on:
Data Protection Officer: For questions about our GDPR compliance, contact our Data Protection Officer at dpo@tavvolo.com.
The Service may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy does not apply to those third-party services. We are not responsible for the privacy practices of third parties, and we encourage you to review their privacy policies before providing them with any information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated Privacy Policy with a new "Last Updated" date. Material changes will be communicated through email notification or a prominent notice on the Service. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@tavvolo.com
Data Protection Officer: dpo@tavvolo.com
Customer Support: support@tavvolo.com
Website: www.tavvolo.com
Mailing Address: Tavvolo, Inc., [Address to be determined]
* * *
By using Tavvolo, you acknowledge that you have read and understood this Privacy Policy.