Privacy Policy

Last updated: May 24, 2026

1. Who We Are

AiraStay operates an online accommodation marketplace connecting guests, property owners, hosts, and property managers. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal data when you use our website, accounts, bookings, payments, verification, messaging, support, and related services.

2. Data We Collect

  • Account data, including name, email address, phone number, password credentials, account type, profile image, and communication preferences.
  • Identity and trust data, including NIN verification submissions, verification images, consent records, verification status, fraud-prevention signals, and compliance records.
  • Booking and property data, including listings, property addresses, property images, booking dates, guest counts, cancellations, reviews, host responses, and support communications.
  • Payment and payout data processed through payment providers, including transaction references, payment status, refund information, and payout records.
  • Technical and usage data, including IP address, browser information, device data, approximate location, cookies, analytics events, logs, and security records.
  • Google account data when you use Google sign-in, including your verified email address, name, and basic profile information returned by Google.

3. Why We Process Data

  • To create accounts, authenticate users, provide customer support, and operate the platform.
  • To publish listings, process bookings, support host and guest communications, and manage cancellations, refunds, reviews, and disputes.
  • To verify identity, reduce fraud, enforce platform rules, protect users, and investigate suspected illegal or harmful activity.
  • To process payments, payouts, taxes, accounting records, chargebacks, and compliance obligations.
  • To improve performance, security, accessibility, analytics, and user experience.
  • To comply with applicable law, lawful government requests, court orders, and regulatory obligations.

4. Legal Bases

We process personal data where necessary to perform our contract with you, comply with legal obligations, pursue legitimate interests such as fraud prevention and platform safety, protect vital interests, establish or defend legal claims, and where required, based on your consent. You may withdraw consent where processing depends on consent, but withdrawal may affect access to services that require that data.

5. Sharing Data

We do not sell personal data. We may share data with:

  • Hosts, guests, and property managers where necessary for booking, check-in, communication, safety, and dispute resolution.
  • Payment processors, cloud hosting providers, email providers, analytics providers, verification providers, and security vendors that support our service.
  • Professional advisers, insurers, auditors, and potential business transfer parties under appropriate confidentiality protections.
  • Law enforcement, regulators, courts, emergency responders, or affected users where required by law or reasonably necessary to prevent fraud, abuse, harm, or illegal activity.

6. Identity Verification and Sensitive Data

Hosts may be required to complete identity verification before listing properties. Where NIN verification is used, we process it for identity, safety, fraud prevention, and regulatory compliance. The platform is designed to avoid storing raw NIN where possible and to store limited verification evidence needed for review, audit, and legal compliance.

7. Cookies and Analytics

We use cookies and similar technologies for login sessions, security, preferences, analytics, performance measurement, and fraud prevention. You can control cookies through your browser, but some features may not work without essential cookies.

8. Retention

We keep personal data only as long as needed for the purposes described in this policy, including account operation, booking history, fraud prevention, tax, accounting, legal claims, dispute handling, and regulatory compliance. We may retain limited records after account closure where required by law or necessary for legitimate safety, anti-fraud, or legal purposes.

9. Your Rights

Subject to applicable law, you may request access, correction, deletion, portability, restriction, objection to processing, withdrawal of consent, and review of certain automated decisions. We may need to verify your identity before acting on a request and may retain information where legally permitted or required.

To exercise rights, contact us at privacy@airastay.com.

10. Security

We use administrative, technical, and organizational safeguards designed to protect personal data. No online service is completely secure, so users must also protect their login credentials and notify us promptly of suspected unauthorized access.

11. International Transfers

Some service providers may process data outside your country. Where this occurs, we use lawful transfer mechanisms and safeguards appropriate to the nature of the data and applicable data protection law.

12. Children

AiraStay is not intended for users under 18. We do not knowingly collect personal data from children. If we learn that a child has created an account, we may delete the account and related data, subject to legal retention requirements.

13. Changes

We may update this Privacy Policy as the platform, law, or our practices change. The updated version will be posted on this page with a new effective date. Continued use of the service after an update means the updated policy applies.

14. Contact

  • Email: privacy@airastay.com
  • Support: support@airastay.com
  • Location: Lagos, Nigeria

Terms of Service

Read platform rules and user responsibilities

Support Center

Contact support or report a concern