1. Subject

This agreement defines the relationship regarding the processing of personal data between Stayvio (processor) and the client (controller) in connection with the use of the platform.

2. Types of Data

• Guest names and contact information

• Reservation data

• Financial records

• Staff user accounts

3. Processor Obligations

• Processing data only according to the controller’s instructions

• Ensuring confidentiality of personnel with access to data

• Implementing appropriate technical and organizational security measures

4. Subprocessors

Stayvio may use infrastructure providers (such as hosting or cloud services) as subprocessors for data processing solely for the purpose of providing the service.

5. Data Subject Rights

Stayvio assists the controller in fulfilling its obligations regarding data subject rights where applicable.

6. Security Breaches

In the event of a personal data security breach, Stayvio will notify the controller without undue delay after becoming aware of the breach.

7. Termination of Processing

Upon termination of the service, personal data may be returned to the controller or deleted, unless applicable legislation requires longer retention.