Voyera

Privacy Policy

How Voyera collects, uses, and protects your personal data.

Last updated: March 2026

Voyera respects your privacy. This policy explains what personal data we collect, why we collect it, how we use it, and the rights you have.

Data Controller

Voyera Holdings OÜ is the data controller responsible for personal data collected through this platform. Contact: bookings@voyera.com

1. Data We Collect

  • Account & booking information: Name, email address, phone number, postal address, nationality, and passport or ID details where required by the property.
  • Payment information:Card details are collected and processed securely by Stripe. Voyera does not store your full card number — only a tokenised reference and the last four digits for your records.
  • Usage data: Pages visited, search queries, booking interactions, device type, browser type, and IP address for analytics and service improvement.
  • Communications: Messages sent through our contact form or email correspondence with our team.
  • Consent choices: Your operational and optional marketing preferences.

2. How We Use Your Data

  • Process and manage your bookings, including communicating reservation details to property providers.
  • Process payments via Stripe and send transaction confirmations, invoices, and payment reminders.
  • Provide customer support and respond to your enquiries.
  • Send transactional emails (booking confirmations, balance payment reminders, cancellation notices).
  • Improve our platform, analyse usage patterns, and develop new features.
  • Comply with legal obligations, including tax reporting and anti-fraud measures.
  • Send occasional updates about Voyera stays and new offerings to opted-in subscribers. You can unsubscribe at any time via email links or by contacting us directly.

3. Legal Basis (GDPR)

  • Consent (Article 6(1)(a))— for booking registration and optional marketing communications.
  • Contract (Article 6(1)(b))— for processing necessary to fulfil your booking.
  • Legitimate interest (Article 6(1)(f)) — for platform security and operational integrity.
  • Legal obligation (Article 6(1)(c))— for tax reporting and compliance.

4. Stripe Payment Processing

All payments are processed through Stripe, Inc. When you provide your card details during the booking process, this information is transmitted directly to Stripe's secure servers and is subject to Stripe's Privacy Policy (stripe.com/privacy). Voyera stores only a tokenised payment method reference and basic transaction records (amount, currency, status) for booking management and reconciliation purposes.

5. Data Sharing

We share your personal data only with the following parties and only to the extent necessary:

  • Property providers: Your name, contact details, and booking information are shared with the property where you have made a reservation.
  • Stripe: Payment card details for processing transactions.
  • Resend: Your email address for sending transactional emails.
  • Legal authorities: When required by law or to protect our legal rights.

We do not sell your personal data to third parties or use it for advertising purposes.

6. International Transfers

Voyera Holdings OÜ is established in Estonia within the European Economic Area. Where data is processed outside the EEA by our service providers, appropriate safeguards are in place as required by GDPR.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfil the purposes outlined in this policy. Booking records and associated payment data are retained for a minimum of 7 years for tax and legal compliance. Usage data and analytics are retained in anonymised form. Marketing data is retained until consent is withdrawn. You may request deletion of your account data at any time, subject to our legal retention obligations.

8. Security

We use reasonable technical and organisational safeguards to protect your personal data against unauthorised access, loss, or misuse.

9. Children

Our platform is intended for adults. If you believe a child has submitted personal data directly, please contact us at bookings@voyera.com for deletion.

10. Your Rights Under GDPR

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for specific purposes.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw consent: For any processing based on consent, at any time.

11. Contact

To exercise any of your data rights, or if you have questions about how we handle your personal data, please contact us at bookings@voyera.com. We will respond within 30 days as required by GDPR. If you are not satisfied with our response, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

12. Changes to This Policy

Updates may occur periodically. The latest version is always available at voyera.com/privacy.