Furnished Escape

Privacy policy

Last updated: June 10, 2026

What we collect

Identity: name, email, phone number, and — on your first booking — a government-issued ID image handled by Stripe Identity and retained under Stripe's own data retention policy, never by us.

Booking data: dates, property, travel party, and the messages you send hosts and support. Payment data is handled by Stripe; we receive only a token and the last four digits of the card used.

Device data: browser, IP address, and approximate city-level location derived from IP, used for fraud prevention and to pre-fill the search destination.

How we use it

To operate the platform — matching you to relevant stays, processing payments, preventing fraud, communicating about your booking, and improving the product. We do not sell your personal data and we never share your contact info with hosts before a booking is confirmed.

Who sees your data

Hosts see the minimum necessary to host you: first name, booking dates, party size, and messages you send them. Payment details and ID data are never shared with hosts.

Service providers process data on our behalf under written contracts:

  • Stripe (payments + identity verification + payouts to hosts)
  • Clerk (account and session management)
  • Resend (transactional email delivery)
  • Postgres on our own infrastructure (primary data store)

Law enforcement: we respond to valid legal process and will notify you unless a court order or ongoing investigation prevents notification.

SMS / text messages

If you opt in to text messages on the booking form, we will send transactional and customer-support SMS about your stay (confirmations, check-in instructions, host replies). Message frequency varies. Msg & data rates may apply. Reply STOP to opt out, HELP for help. Full details on our SMS Terms page.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All other categories of data described in this policy exclude text-messaging originator opt-in data and consent; this information will not be shared with any third parties.

Your rights

You can access, correct, or delete your account and data at any time. Residents of California (CCPA/CPRA), Virginia, Colorado, Connecticut, Utah, and the EU/UK (GDPR) have additional rights — including the right to opt out of sale (which we don't engage in), request a portable data export, and request deletion.

Email privacy@furnishedescape.com with your request. We respond within 30 days.

Retention

Booking records: retained for 7 years for tax, chargeback, and compliance purposes. Marketing data: retained while your account is active, then 30 days after deletion. Support transcripts: retained for 2 years. Identity verification: retained by Stripe per their policy, typically 30 days after verification.

Security

Transport-layer encryption (TLS) is enforced on every page. Passwords are handled by Clerk, which stores them using industry-standard one-way hashing. Database backups are encrypted at rest. We'll notify affected users of any security incident that materially compromises personal data within 72 hours of discovery.

Cookies

We use first-party cookies to keep you signed in and to remember search preferences. We do not use third-party advertising cookies or cross-site trackers.

Changes

Material changes will be emailed to every active user at least 14 days before they take effect. Continued use after that constitutes acceptance.