STAYZONE
UK GDPR Compliant Client Standards ICO Registered Data Controller Encrypted Direct Booking Infrastructure
Regulatory Compliance Documentation

Stayzone Privacy Policy

Effective Date: July 5, 2026. This policy outlines how Stayzone Ltd handles client identities, financial escrow protections, and biometric security codes.

1. Introduction

Welcome to Stayzone. We are fully committed to protecting your privacy and protecting your personal data in accordance with the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This privacy policy describes our standard methods regarding the collection, processing, usage, transmission, and retention of personal particulars supplied when reserving any high-end UK holiday letting listed inside our boutique portfolio.

2. Who We Are & Data Controller

For the purpose of UK Data Protection Legislation, the data controller is Stayzone (referred to as "Stayzone", "we", "us", or "our"), registered at 48 Bruton Place, Mayfair, London, W1J 6NP. Our registered UK Company Number is 08442152.

Stayzone operates as a registered Data Controller under the supervision of the Information Commissioner's Office (ICO). Our statutory ICO Registration Reference is ZB8442152.

3. Information We Collect

To successfully coordinate your luxury short-term accommodations, we gather several categories of personal particulars:

Identity & Contact Data

First name, last name, secure email address, direct contact phone number, and official billing address verified during the reservation process.

Financial Transaction Ledger

PCI-compliant encrypted credit/debit card particulars, checkout payment breakdown values, and direct bank settlement records held inside client escrow accounts.

Stay & Operational Data

Dates of arrival/departure, occupancy numbers, verified identity checks under STAA safety codes, and digital key lockbox audit records.

Technical Analytics Data

IP address coordinates, operational browser variations, device configurations, cookies preference data, and navigation routes on the Stayzone domain.

4. Processing Purposes & Legal Basis

Under UK GDPR, we process your personal data using the following legitimate, lawful bases:

  • Contractual Performance: To process, confirm, and administer your holiday letting reservation and dispatch security key instructions.
  • Vetting & Public Safety Compliance: To verify guest identities against national safety registers and conform with the UK Short Term Accommodation Association (STAA) code of practice.
  • Financial Protection Legitimate Interests: To process deposit capital securely within segregated, legal client trust accounts until successful check-in.
  • Consent: For opt-in marketing newsletters displaying newly acquired properties or estate news. This consent can be withdrawn at any time.

5. Client Escrow Safeguards & Financial Protection

Escrow Processing Standards

Under our premium client protection framework, Stayzone segregates all booking deposit values inside independent client trust bank accounts. Your payment metadata is heavily guarded using PCI-DSS Level 1 specifications and processed via SCA (Strong Customer Authentication) compliance. No card details are ever stored as plain text on our local web systems.

6. Sharing & Data Retention

We do not sell or trade guest particulars with external third-party agencies for direct advertising. Your data is strictly shared with vetted service partners to facilitate your holiday stay:

  • Licensed Estate Owners: The minimum required identification necessary for check-in safety and local security regulations.
  • Compliance Auditors: Housekeeping, maintenance, and linen auditing professionals enforcing the STAA hygiene standard prior to check-in.
  • Financial Settlement Partners: Stripe payment gateways verifying details under PSD2 SCA directives.

We retain your contact and stay ledger details for a maximum of 6 years following your reservation, complying with UK tax accounting laws and liability limitation schedules.

7. Your Statutory Rights (UK GDPR)

As an individual based in the United Kingdom, you possess absolute statutory rights regarding your personal parameters:

Right of Access (SAR)

Request a complete, structured copy of any information we hold on you at any stage.

Right to Rectification

Require us to correct any inaccurate, incomplete, or out-of-date personal parameters.

Right to Erasure ("Right to be Forgotten")

Request the deletion of your records where there is no longer a legal requirement for us to hold them.

Right to Object & Restrict

Halt processing for direct marketing or restrict processing during validation disputes.

8. Inquiries & ICO Escalation

To exercise any statutory rights, submit a formal Data Subject Access Request, or address any inquiries regarding our processing procedures, contact our designated Data Protection Officer:

Data Protection Officer | Stayzone

Address: 48 Bruton Place, Mayfair, London, W1J 6NP

Secure Contact: privacy@Stayzone.co.uk

If you are dissatisfied with our response, you retain the statutory right to file a formal complaint with the UK data watchdog, the Information Commissioner's Office (ICO):

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline Tel: 0303 123 1113 | Website: https://ico.org.uk