

Data Protection
Privacy Policy
1. Responsible
HomeyHomes GmbH i. G.
Helmsberg 37
32584 Löhne
Germany
Email: hello@homeyhomes.de
Managing Director: Marc Schönpflug
2. Categories of Data Processed
We process the following categories of data in particular:
-
Master and contact data (name, address, phone number, email)
-
Booking data (travel dates, number of guests, prices)
-
Stay and guest information
-
Payment and billing data
-
Communication data (email, chat, phone, WhatsApp)
-
System, log, and device data
-
Smart lock and access data (Nuki)
-
Cleaning and inspection data, incl. photos/videos
-
Website, cookie, and usage data
-
Data from automations (n8n, AI-based systems)
3. Data Sources
-
Direct entries via website, forms, email, telephone
-
Booking platforms: Airbnb, Booking.com, Expedia Group, FeWo-direkt, HRS Holidays
-
Property management system: Smoobu
-
Pricing system: PriceLabs
-
Digital access systems: Nuki
-
Payment services: Stripe, PayPal
-
Banking / accounting: Qonto, Lexoffice
-
Communication: Gmail, WhatsApp Business, SIPGate
-
Cleaning & inspection: TURNO
-
Automations / workflow systems: n8n + AI agents
4. Purposes of Processing
-
Execution and management of bookings
-
Provision and management of apartments
-
Access control, security, smart lock operations
-
Cleaning, damage documentation, evidence preservation
-
Customer service, communication, guest support
-
Payment processing and invoicing
-
Fulfillment of statutory retention requirements
-
Operation, security, and optimization of the website
-
Internal process automation
Legal bases: Art. 6(1)(a), (b), (c), and (f) GDPR.
5. Website & Hosting
When visiting the website, technical data are automatically processed (IP address, browser type, time, referrer).
Processing is carried out for security and operational purposes.
Legal basis: Art. 6(1)(f) GDPR.
6. Cookies & Consent Management
We use:
-
essential cookies (technically necessary)
-
functional cookies
-
statistical cookies (e.g., anonymized website analytics)
-
marketing cookies (only with consent)
Consent is obtained via a consent banner (TTDSG).
Withdrawal of consent is possible at any time.
7. Contact Forms & Communication
When contacting us, we process the data you provide (name, email, message, optionally phone number).
Storage duration: 6–12 months.
8. Booking System (Smoobu)
Smoobu processes, among other things:
-
booking data
-
stay data
-
guest communication
-
apartment assignments
Legal basis: Art. 6(1)(b) GDPR (performance of a contract).
9. Payment Service Providers (Stripe, PayPal)
The privacy notices of the respective payment providers apply.
Legal bases: contract performance and legal obligations.
10. Banking & Accounting (Qonto, Lexoffice)
Processing of payment, invoice, and accounting data.
Retention according to § 147 AO: 10 years.
11. Digital Access Systems (Nuki)
Processed data:
-
access codes
-
timestamps
-
access events
Purpose: security, access control, documentation.
12. Communication (Gmail, WhatsApp Business, SIPGate)
Processing of messages, metadata, and communication histories for request handling and documentation.
13. Automations & AI Agents (n8n)
Automated processing of:
-
messages
-
system data
-
booking and stay data
-
categories and actions for process optimization
No profiling for advertising purposes.
14. Cleaning & Inspection (TURNO)
Processed data:
-
photos/videos of apartment condition
-
checklists and work records
-
damage reports
-
time logs of cleaning staff
Purposes: documentation, quality assurance, damage assessment.
Legal bases: Art. 6(1)(b), (f) GDPR.
15. External Service Providers
Cleaning companies, maintenance services, key management and technical service providers receive only the data necessary for their tasks.
16. Guest Wi-Fi
Processed data: IP address, MAC address, timestamps, connection duration.
No content analysis.
Storage duration: 7–30 days.
17. Data Processing Agreements
Data processing agreements pursuant to Art. 28 GDPR exist with all key service providers
(e.g., Smoobu, TURNO, Nuki, PriceLabs, hosting providers, payment services).
18. Storage Periods
-
Booking & billing data: 10 years
-
Communication (email, chat): 6–12 months
-
Smart lock data: 6 months
-
Cleaning documentation: 3–12 months
-
System/log data: 7–30 days
19. Rights of Data Subjects (GDPR)
You have the right to:
-
Access (Art. 15)
-
Rectification (Art. 16)
-
Erasure (Art. 17)
-
Restriction of processing (Art. 18)
-
Data portability (Art. 20)
-
Object (Art. 21)
-
Withdraw consent at any time
Requests to: hello@homeyhomes.de
20. Right to Lodge a Complaint
Supervisory authority:
State Commissioner for Data Protection and Freedom of Information NRW (LDI NRW)
www.ldi.nrw.de
For further information, please refer to our Terms and Conditions or visit our homepage.