Journal #0 January 19, 2026

Privacy Policy

Privacy Policy of the StaycationGo platform.

Updated January 27, 2026

Privacy Policy

Last Updated: January 27, 2026

Welcome to the StaycationGo Privacy Policy.

Jeanna One Inc. (trading as "StaycationGo", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) or use our platform, and tell you about your privacy rights and how the law protects you.

1. Important Information and Who We Are

1.1. Purpose of this Privacy Policy

This privacy policy aims to give you information on how StaycationGo collects and processes your personal data through your use of this website, including any data you may provide through this website when you create an account, make a booking, subscribe to our newsletter, or use our services.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

1.2. Controller

Jeanna One Inc. is the data controller and is responsible for your personal data collected through the StaycationGo platform.

We have appointed a Data Privacy Manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the Data Privacy Manager using the details set out below.

1.3. Contact Details

If you have any questions about this privacy policy or our privacy practices, please contact our Data Privacy Manager in the following ways:

  • Full name of legal entity: Jeanna One Inc. d/b/a StaycationGo
  • Email address: privacy@staycationgo.com
  • Postal address: 12 San Miguel, Rolling Hills Estates, USA - 90274

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), or the relevant data protection authority in your country or state of residence (including the Data Protection Commission in Ireland or the Attorney General in California). We would, however, appreciate the chance to deal with your concerns before you approach your local authority, so please contact us in the first instance.

1.4. Changes to the Privacy Policy

We keep our privacy policy under regular review. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

  • Minor Changes: If we make minor changes (such as correcting typographical errors or clarifying existing practices), we will post the revised policy on this page and update the "Last Updated" date at the top.
  • Material Changes: If we make material changes to how we collect, use, or disclose your personal data, we will provide you with more prominent notice. This may include sending an email to the address associated with your account or displaying a pop-up notice the next time you visit our website.

Your continued use of the StaycationGo platform after any changes constitute your acceptance of the new privacy policy. If you do not agree to the changes, you should stop using our platform and contact us to delete your account.

2. How Is Your Personal Data Collected?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, Contact, and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
  1. Create an account on our website (One-Account Policy applies);
  2. Book accommodation or list a property;
  3. Subscribe to our service or publications;
  4. Request marketing to be sent to you;
  5. Enter a competition, promotion, or survey; or
  6. Give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website and emails, we will automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, web beacons (tracking pixels), and other similar technologies.
  • Third parties or publicly available sources. We may receive personal data about you from various third parties as set out below:
  1. Technical Data from analytics providers (such as Google Analytics)
  2. Identity and Contact Data from social login providers (such as Google or Apple) if you choose to log in via these services.
  3. Identity and Contact Data from data brokers or aggregators for identity verification purposes.

3. How We Use Your Personal Data

3.1. Legal Basis for Processing

We generally rely on the following legal bases to process your data:

  • Performance of Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., facilitating your booking, processing payments).
  • Legitimate Interest: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This includes using your data to improve our services, for marketing existing customers (soft opt-in), and for newsletter retargeting systems.
  • Legal Obligation: Where we need to comply with a legal obligation.

3.2. Purposes for which we will use your personal data

We have set out below a description of all the ways we plan to use your personal data.

  • To register you as a new customer: Uses Identity, Contact. (Performance of Contract)
  • To process and deliver your booking: Uses Identity, Contact, Financial, Transaction, Marketing and Communications. (Performance of Contract; Necessary for our legitimate interests to recover debts due to us)
  • To verify your identity: Uses Identity, Contact. (Performance of Contract; Necessary for our legitimate interests to prevent fraud and ensure security for Hosts and Guests)
  • To manage our relationship with you: Uses Identity, Contact, Profile, Marketing and Communications. (Performance of Contract; Necessary to comply with a legal obligation; Necessary for our legitimate interests to keep our records updated)
  • To enable you to partake in a prize draw, competition or complete a survey: Uses Identity, Contact, Profile, Usage, Marketing and Communications. (Performance of Contract; Necessary for our legitimate interests to study how customers use our products/services)
  • To administer and protect our business and this website: Uses Identity, Contact, Technical. (Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud)
  • To deliver relevant website content and advertisements to you: Uses Identity, Contact, Profile, Usage, Marketing and Communications, Technical. (Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
  • To use data analytics to improve our website, products/services, marketing, customer relationships and experiences: Uses Technical, Usage. (Necessary for our legitimate interests to define types of customers for our products and services, to keep our website updated and relevant)
  • To manage and resolve legal disputes, regulatory investigations, and chargeback defense: Uses Identity, Contact, Transaction, Financial, Profile. (Necessary for our legitimate interests to defend our legal rights and those of our Hosts, and to prevent misuse of the platform)
  • To measure email engagement and improve communication: Uses Usage (Opens/Clicks). (Necessary for our legitimate interests to understand user engagement. We use tracking pixels to see if you open our emails or click links. You can stop this tracking by unsubscribing from our emails.)

3.3. Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

3.3.1. Promotional offers from us (Soft Opt-in). We may use your Identity, Contact, Technical, Usage, and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you. You will receive marketing communications from us if you have purchased services from us and have not opted out of receiving that marketing, even if you have not specifically subscribed to a newsletter.

3.3.2. Third-party marketing. We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

3.3.3. Opting out. You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences, by following the opt-out links on any marketing message sent to you, or by contacting us. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a booking or other transaction.

4. Disclosures of Your Personal Data

4.1. Who we share data with

We may share your personal data with the parties set out below for the purposes set out in Section 3 above.

  • Internal Third Parties: Other companies in the StaycationGo Group.
  • External Third Parties:
  1. Service Providers acting as processors who provide IT and system administration services. This includes cloud infrastructure providers and email delivery services.
  2. Payment Processors like third-party payment gateways to process payments. We do not store your complete credit card information on our servers; this data is transmitted directly to the payment processor.
  3. Professional Advisers including lawyers, bankers, auditors, and insurers.
  4. Regulators and other authorities who require reporting of processing activities in certain circumstances.
  5. Hosts: We disclose Guest Names and ID verification status strictly to the Host for security and check-in purposes.
  6. Third parties for ID Verification: To verify the identity of our users and prevent fraud.
  7. Mediation and Dispute Resolution Services: In the event of a dispute, we may share relevant data with third-party mediation services to facilitate a fair resolution.
  8. Business Transfers: Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

4.2. Third-party security

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

5. International transfers

5.1. Global Business

We are a global business, and we prioritize the security of your data.

5.2. Primary Hosting

Our primary customer databases are located within the European Union to ensure optimal data protection under GDPR standards.

5.3. Transfers

We may transfer your personal data outside the UK or the European Economic Area (EEA) to facilitate your booking or for administration. Specifically, our email delivery services may process data in the United States. Whenever we transfer your personal data out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers hosted in the US or other non-EEA jurisdictions, we may use specific contracts approved for use in the UK/EU which give personal data the same protection it has in the UK/EU.

6. Data security

6.1. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

6.2. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

7. Data Retention

7.1. How long will you use my personal data for?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

  • Financial Records: We retain financial records for 7 years to satisfy tax authorities in applicable jurisdictions.
  • Reviews: We retain Guest reviews indefinitely as they constitute a reputation asset for the Host and the platform.
  • Suppression Lists: If you unsubscribe from marketing, we will retain your email address on a "Suppression List" indefinitely. This is a legal requirement to ensure we generally do not contact you again in the future.

8. Your Legal Rights

8.1. Your rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:

  • Request access to your personal data (commonly known as a "data subject access request").
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data. Note that we may not always be able to comply with your request of erasure for specific legal reasons (e.g., tax records) which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request restriction of processing of your personal data.
  • Request the transfer of your personal data to you or to a third party (Data Portability).
  • Withdraw consent at any time where we are relying on consent to process your personal data.

8.2. How to exercise your rights

You can exercise many of these rights directly through your account settings (e.g., "Download My Data" or "Delete My Account"). For other requests, please contact us at privacy@staycationgo.com.

9. Jurisdiction-specific provisions

9.1. United States (California Residents - CCPA/CPRA)

If you are a resident of California, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You may request that we disclose what personal information we collect, use, disclose, and sell.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain legal exceptions.
  • Right to Opt-Out of Sale/Sharing: We do not sell your personal data for money. However, we may share data with advertising partners for retargeting, which can be considered a "sale" or "sharing" under California law. You may opt-out of this by clicking the "Do Not Sell My Personal Information" link in our website footer or adjusting your cookie preferences.
  • Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
  • Sensitive Personal Information: We limit the use of your sensitive personal information (like ID documents) to that which is necessary to perform our services (identity verification and fraud prevention).

9.2. United States (Other States)

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Utah (UCPA) have similar rights to access, correct, delete, and opt-out of targeted advertising. You may exercise these rights by contacting us at privacy@staycationgo.com.

9.3. European Union (GDPR)

If you are located in the EU or UK, you have the rights outlined in Section 8. While we strive to resolve any concerns you have directly, you also have the right to lodge a complaint with your local Data Protection Authority (DPA).

StaycationGo Journal