Privacy Policy

This Privacy Policy describes how RentTools ("the Service", "we", "our"), operated by Ilya Asminkin as an independent maintainer, collects, uses, stores, and protects information when you use the hosted instance at https://renttools.io. By using the Service you agree to the practices described below. If you self-host the open-source code on your own infrastructure, you act as the data controller for that instance and this policy does not apply to you.

1. Who we are

The Service is operated by Ilya Asminkin as a free, non-commercial side project. There is no parent company. The contact address for any privacy question, data request, or complaint is:

[email protected]

Under the EU General Data Protection Regulation (GDPR) and the UK GDPR, Ilya Asminkin is the data controller for the personal data described in section 2(a)–(c) below. For guest passport data you upload (section 2(d)), you are the controller and we act as your processor.

2. What data we collect

We collect only the minimum necessary to operate the Service.

(a) Account data

Username and password (stored as a bcrypt hash; the plain-text password is never written to disk or logs). Account creation timestamp, last login timestamp, role (owner / cleaner / admin), and — if you choose to provide one — an optional support email address. We do not require an email at signup.

(b) Service data you create

Properties, reservations, calendar links, message templates, cleaning records, and any notes or tags you add. iCal feed URLs you connect to external platforms (Airbnb, Booking.com) and the events those feeds return.

(c) Operational data

Server-side request logs containing path, HTTP status, response time, IP address, and authenticated user ID. Application error reports captured by Sentry (see section 4). Calendar sync logs per property. Audit logs of create/update/delete actions on your own resources. Operational data is retained for up to 30 days to debug incidents and detect abuse.

(d) Guest passport data (you upload)

When you upload a passport photo for OCR, the image is transmitted to Google Gemini for one-time field extraction (full name, date of birth, document number, country, document type, expiry date). The extracted fields are attached to the relevant reservation in your account. The original photo is not retained on our servers after extraction completes.

3. How we use your data and the legal basis

• Performance of contract (Art. 6(1)(b) GDPR): authenticating you, storing your properties and bookings, syncing calendars, generating cleaning schedules, rendering message templates, exporting your data on request.
• Legitimate interests (Art. 6(1)(f) GDPR): keeping the Service secure, debugging errors, protecting against abuse and rate-limit violations, and operating infrastructure (logs, backups, monitoring). Where we rely on legitimate interests we balance them against your rights and ask only what we need.
• Legal obligation (Art. 6(1)(c) GDPR): retaining data as required to respond to lawful requests from authorities.
• For guest passports you upload: we are your processor and act on your documented instructions only. You are responsible for having an appropriate lawful basis (your local hospitality registration law, consent, etc.).

We do not use your data for advertising, profiling, automated decisions with legal effect, or training third-party machine-learning models.

4. Sub-processors and third parties

We use a small set of infrastructure providers to run the Service:

• DigitalOcean, LLC — hosts the application server and the SQLite database (EU region). Acts as a hosting sub-processor. Privacy policy.
• Cloudflare, Inc. — DNS, CDN, and TLS proxy. Sees IP addresses and request metadata but does not see decrypted application content beyond what is needed to forward traffic. Privacy policy.
• Google LLC (Gemini API) — processes uploaded passport images for one-time OCR. Subject to Google's Gemini API terms and Google's privacy policy.
• Functional Software, Inc. (Sentry) — receives application error reports including stack traces, the requesting IP, and the authenticated user ID for debugging. Personally identifiable request bodies are scrubbed. Privacy policy.
• Better Stack s.r.o. (BetterStack) — external uptime monitoring; pings the public health endpoint only. Does not see user data. Privacy policy.
• Airbnb & Booking.com — third parties whose iCal export URLs you choose to provide. We only pull data from the URLs you give us; we do not push anything back to them.

We do not sell, rent, or transfer personal data to any other party. We disclose data to authorities only when compelled by valid legal process.

5. International data transfers

The application server is in the European Union. Sentry, Google Gemini, Cloudflare, and DigitalOcean's control plane involve data transfers to the United States. Where personal data is transferred outside the EEA / UK, we rely on the European Commission's Standard Contractual Clauses and the Data Privacy Framework adequacy decisions (where applicable) as the transfer mechanism, and on the providers' contractual commitments to equivalent protection.

6. Where data lives and how long we keep it

• Account, service, and audit data: kept for as long as your account is active, then deleted within 7 days of account-deletion request.
• Encrypted SQLite backups: 14 daily, 8 weekly, 6 monthly snapshots, then purged. Backups containing data of a deleted account age out of all tiers within ~6 months of deletion.
• Operational logs (request, sync, error): up to 30 days.
• Sentry error events: 90 days (Sentry's default for free tier).
• Uploaded passport images: not retained — discarded immediately after Gemini extraction.

7. Cookies

We set exactly one cookie: a HTTP-only, Secure, SameSite=Lax session cookie holding a 7-day JWT, used solely for authentication. We do not use third-party analytics, advertising, social-media, or tracking cookies. We do not need a cookie banner because we do not place non-essential cookies.

8. Your rights

Under GDPR (and similar laws in the UK, California, Brazil, etc.) you have the right to:

• Access the personal data we hold about you. Use Profile → Export my data for a JSON dump of your full account.
• Rectify inaccurate data — every field is editable in-app.
• Eraseyour data ("right to be forgotten") — Profile → Danger zone → Delete my account. Removes everything tied to your account immediately, with backup ageing as described above.
• Port your data to another service — the Reports panel exports reservations as CSV, and the full export above is JSON.
• Restrict or object to processing we base on legitimate interests. Email [email protected] with the subject "GDPR request" and we will respond within 30 days.
• Withdraw consent where consent is the legal basis (e.g. when you have asked us to email you about service changes — currently we don't).
• Lodge a complaint with your national data-protection authority. EU users can find their local authority at edpb.europa.eu.

9. Security

We protect your data with TLS 1.2+ in transit (Let's Encrypt certificates, Cloudflare Full-Strict mode end-to-end), bcrypt password hashing at rest, JWT-based session authentication with HTTP-only cookies, IP-based rate limiting on auth endpoints, automated daily backups, firewalled host access (ufw), brute-force protection (fail2ban), and automatic security updates (unattended-upgrades). No system is 100% secure; we will notify affected users without undue delay if we discover a breach that puts your data at risk.

10. Guest passport data — your responsibility

When you upload guest passports to RentTools you remain the data controller under GDPR for that information. You must have your own lawful basis to collect and retain it (typically a hospitality registration obligation under your local law, sometimes consent), inform your guests, and respect their rights to access, rectify, and erase the data you hold about them. We act on your instructions only and will assist you in fulfilling guest data requests.

11. Children

The Service is intended for property owners and is not directed at children. We do not knowingly collect personal data from anyone under 16. Don't create an account on behalf of a minor. If you believe we have data about a minor, contact us at [email protected] and we will delete it.

12. Automated decision-making

We do not make decisions about you with legal or similarly significant effect using automated processing. Rate limits and the optional account- suspension kill switch are operated manually by the maintainer.

13. Changes to this policy

We may update this Policy when the Service changes or when laws change. Material updates will be flagged inside the app and dated at the top of this page. Continued use after changes go live means you accept the updated Policy. Past versions are available in the public Git history of the open-source repository.

14. Contact

For any privacy question, data request, or complaint:

[email protected]

You can also file a public issue at github.com/Gribadan/RentTools.io/issues — but please use email for anything that contains personal data.