Stay Verify

Privacy Policy for Stay Verify

Last Updated: 17/09/2025

This Privacy Policy describes how MYKA STAYS ("Stay Verify", "we", "us", or "our") collects, uses, processes, and discloses your information in relation to your access to and use of the Stay Verify services. This policy is drafted in compliance with applicable data protection regulations, including the EU General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act, 2023 (DPDPA).

1. Data Fiduciary & Contact Information

For the purpose of this policy, the Data Fiduciary (equivalent to a "Data Controller" under GDPR) responsible for your personal information is:

MYKA STAYS
SHOP NO 6, Second Floor, Karma Point,
Vasco da Gama, Goa 403802, India

If you have any questions about this Privacy Policy or our information handling practices, you can contact us at:

  • Email: sales@stayverify.com
  • Mobile: +91 8793869171

2. Information We Collect

We collect different types of information depending on your role (Property Owner or Guest).

2.1 For Property Owners (Our Clients)

As a Property Owner using our Service, we collect information necessary to provide you with our services. We act as the Data Fiduciary for this information.

  • Identity & Account Data: Name, email address, phone number, and account credentials.
  • Property Data: Property name, address, contact details, and brand logo.
  • Transaction Data: Subscription plan details and payment information. Please note, we use Razorpay as our payment processor, and we do not store your full credit card or bank account details.
  • Technical Data: IP address, browser type, and usage information on our platform.

2.2 For Guests of Property Owners

When a Property Owner uses our service to verify their guests, we process guest information on behalf of the Property Owner. In this context, the **Property Owner is the Data Fiduciary**, and **Stay Verify acts as the Data Processor**.

  • Identification Data: Government-issued identification documents (e.g., Passport, Aadhar, Driving License) uploaded by the guest.
  • Extracted Data: Information extracted from the ID documents, such as name, date of birth, and ID number, for verification purposes.

3. Purpose and Legal Basis for Processing Data

We use your data for specific, explicit, and lawful purposes.

  • To Provide the Service (Performance of Contract): We process Property Owner data to create accounts, manage subscriptions, and provide access to our dashboard. We process Guest data on behalf of the Property Owner to fulfill their need for identity verification.
  • For Legitimate Interests: To improve our service, provide customer support, and for security monitoring to prevent fraud.
  • To Comply with Legal Obligations: To meet legal requirements and respond to lawful requests from authorities.
  • With Your Consent: We rely on the Property Owner to obtain the lawful consent from their Guests for the collection and processing of their ID documents for verification purposes.

4. Data Retention and Deletion

We retain data only for as long as necessary.

  • Property Owner Data: We retain your account information as long as you have an active subscription and for a reasonable period thereafter to comply with our legal and financial obligations.
  • Guest Data: All guest identification documents and any data extracted from them are **automatically and permanently deleted from our systems 60 days after the guest's specified check-out date**. This is a critical security and compliance feature of our service.

5. Your Rights as a Data Subject

Under GDPR and DPDPA, you have certain rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to correct any inaccurate or incomplete information.
  • Right to Erasure ('Right to be Forgotten'): You can request the deletion of your personal data, subject to our legal and contractual obligations.
  • Right to Restrict Processing: You can request that we limit the processing of your data under certain conditions.
  • Right to Data Portability: You can request to receive your data in a structured, commonly used, and machine-readable format.
  • Right to Grievance Redressal: You have the right to have any grievances addressed.

To exercise these rights, please contact us using the details in Section 1. If you are a Guest, please direct your request to the Property Owner (the Data Fiduciary) first.

6. Data Security

We implement robust technical and organizational measures to protect your data, including encryption, access controls, and secure storage on Firebase (Google Cloud) infrastructure. However, no method of transmission over the Internet is 100% secure.

7. Third-Party Service Providers (Data Processors)

We use trusted third-party service providers to help us deliver our services:

  • Google Cloud / Firebase: For application hosting, database, storage, and authentication.
  • Razorpay: For secure payment processing for subscriptions.

These providers are bound by their own privacy and security obligations.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and, where appropriate, through email. We encourage you to review this policy periodically.