1. What we collect

When you use StayBrief, we collect:

Account data: name, email address, password (hashed)
Guidebook data: property information, photos, sections you create
Usage data: pages visited, features used, guidebook views (via Plausible — no cookies, IP anonymised)
Payment data: billing information is handled by Stripe and never stored on our servers
Guest data: if you import bookings, we store guest names, email addresses, and booking dates

2. How we use your data

To operate and improve the StayBrief service
To send transactional emails (welcome, trial expiry, password reset)
To process payments via Stripe
To generate your guidebook content using AI services
We do not sell your data to third parties. Ever.

3. Data storage and security

Your data is stored on Railway (EU/US regions) and is encrypted at rest. We use PostgreSQL with row-level data isolation. Passwords are hashed using bcrypt. All traffic is encrypted via TLS.

4. Cookies

StayBrief uses a single session cookie (staybrief_token) for authentication. We use Plausible Analytics, which is cookieless and GDPR-compliant by design. No advertising cookies or tracking pixels.

5. Your rights (GDPR)

If you're in the EU/EEA, you have the right to access, correct, export, or delete your data at any time. Email [email protected] and we'll respond within 72 hours.

6. Third-party services

Stripe — payment processing (privacy policy)
Railway — infrastructure hosting
Resend — transactional email
Plausible — privacy-first analytics
HuggingFace — AI translation (content only, no PII)

7. Contact

Questions? Email [email protected]

Privacy Policy