Privacy Notice
Effective as of 1 November 2023.
This “Privacy Notice” describes the privacy practices of Safely B.V. (“Safely”, “we”, “us”, or “our”) as data controller in connection with its insurance and related services, the safely.com website, the Safely mobile application, any other website or mobile application that we own or control and which posts or links to this Privacy Notice, guest verification or any other feature and services available in the European Economic Area or United Kingdom, through our websites or mobile application (collectively, the “Service”), and the rights and choices available to individuals with respect to their information. Safely may provide additional or supplemental privacy notices to individuals for specific products or services that we offer at the time we collect personal information such as when conducting background checks. These supplemental privacy notices will govern how we may process the information in the context of the specific product or service.
The terms ‘personal data’ and ‘personal information’ are used interchangeably in this Privacy Notice to refer to any information relating to an identified or identifiable natural person from the perspective of Safely, whether that is our customer, vendor, a representative or contact of our customer, or anyone we are in contact with otherwise, such as an insured, a prospective customer or tenant that undergoes guest verification (hereinafter addressed as “you”).
Table of Contents
- Personal Information We Collect
- Third Parties Involved in the Processing of Personal Information
- Your Choices and Rights
- Other sites, mobile applications and services
- Security practices
- International data transfers
- Children
- Changes to this Privacy Notice
- How to Contact Safely
Personal Information We Collect
Information you provide to us. Personal information we collect on or through the Service or otherwise may include:
- Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name.
- Content you choose to upload to the Service, such as text, images, audio, and video, along with the metadata associated with the files you upload. This also includes information you provide by completing forms on our Service.
- Profile information, such as your username and password that you may set to establish an online account with us, your photograph, interests, and preferences. Registration information, such as information that may be related to a service, an account or an event for which you register.
- Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
- Financial information, such as your stated income, economic standing, financial account number or payment card information.
- Demographic Information, such as your birthdate, city, state, country of residence, and postal code.
- Government-issued identification numbers, such as a national identification number (e.g., Social Security Number, tax identification number, passport number), state or local identification number (e.g., driver’s license of state ID number).
- Transaction information, such as information about payments to and from you and other details of products or services you have purchased from us. This may include billing information.
- Usage information, such as information about how you use the Service and interact with us, including information associated with any content you upload to the websites or otherwise submit to us, and information you provide when you use any interactive features of the Service such as characteristics regarding your stays at other locations.
- Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications.
- Information relating to your job application, which means any information you provide us if you wish to apply for a job directly with us, such as your resume/curriculum vitae, letter, capabilities and any other information in that context.
- Other information that we may collect which is not specifically listed here such as reservation information, home information, insurance claim information and insurance policy information, but which we will use in accordance with this Privacy Notice or as otherwise disclosed at the time of collection.
Information we obtain from third-party platforms. We may maintain pages for Safely on social media platforms, such as Facebook, LinkedIn, Twitter, Google, YouTube, Instagram, and other third party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy notice will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Notice. To the extent that we use third party cookies or similar technologies on our Service which results in the processing of personal information by Safely, this Privacy Notice shall apply. We refer to the “Cookies” section below.
If you choose to login to the Service via a third-party platform or social media network, or otherwise connect your account on the third-party platform or network to your account through the Service, we may collect information from that platform or network. For example, this information may include your username, user ID, profile picture, cover photo, and networks to which you belong. You may also have the opportunity to provide us with additional information via the third-party platform or network, such as a list of your friends or connections and your email address. You can read more about your privacy choices in the “Third party platforms or social media networks” portion of the “Your Choices” section.
Information we obtain from other third parties. We may receive personal information about you from third-party sources other than thr aforementioned platforms. For example, we may receive information from booking sites, homeowners, guests, property managers, identity verification vendors, consumer reporting agencies, data providers, publicly-available sources, marketing partners and insurance companies. This may include, to the extent permitted by law, information such as guest/host identification number, guest/host name, guest/host address, guest/host phone number, guest/host email address, guest/host date of birth, guest/host driver’s license number.
Purposs and Legal bases for processing
We use your personal information only as permitted by law. Under applicable data protection law, we need to rely on a ‘legal basis’ to process personal information. For instance: consent, the performance of a contract (including steps required to meet your request prior to enter into a contract), a legal obligation or our or a third party’s legitimate interests. If you would like to understand how we weigh our legitimate interests against your rights and interests, you may contact us for further information.
Our legal bases for processing the personal information described in this Privacy Notice, and the purposes for which we process that personal information, are described in the table below.
| Processing purpose Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal information”. | Legal basis |
| Make an assessment of the customer that wishes to enter an insurance agreement We use personal information to: · check for relevant prior insurance fraud (through industry databases available in your market) · make the necessary checks required under regulatory law · obtain information we deem necessary to enter an agreement (or act as intermediary in such an agreement) | Performance of contract Legal obligation Legitimate interest |
| Provide services to our customers This will include providing insurance services, the Services, and serving as intermediary for insurance products, which may entail that we share personal information with the respective insurance companies involved. | Performance of contract |
| Provide guest verification services to our customers For the benefit of our customer who acts as a host, we may perform a basic background check on the prospective tenant, using publicly available information, such as an ID verification tool and/or sanctions database, to the extent permitted by law. The customer decides whether and how it weighs the outcome of any such verification in the process of accepting tenants – not Safely. | Legitimate interest of the customer |
| Procurement of products and services We engage with vendors and their personnel, or process personal information that is included in or related to deliveries. | Performance of contract Legitimate Interest |
| To deliver the Service We use personal information to: · establish and maintain user profiles on the Service · facilitate your login to the Service via third-party identity and access management providers, such as Booking.com · understand your needs and interests, and personalize your experience with the Service and our communications · provide support and maintenance for the Service | Performance of contract Legitimate interest |
| Compliance, fraud prevention, and safety We may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Service; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. In this context, we may collect, store, and use your facial geometry (biometric data) for purposes of identification and fraud prevention. | Legitimate interest Consent (to the extent required by law) |
| Research and development We analyze use of the Service to improve the Service and to develop new products and services, including by studying user demographics and use of the Service. | Legitimate interest |
| Provide information about our products and services We may send non-commercial information, security updates, administrative messages and service messages or answer your questions and queries. | Legitimate interest |
| To send you marketing and promotional communications We may send you Safely-related marketing communications as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the opt-out of marketing section below. | Legitimate interest Consent (to the extent required by law) |
| To display advertisements We work with advertising partners to display advertisements on the Service or elsewhere online. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Service or your activity elsewhere online. To learn more about your choices in connection with advertisements, please see the section below titled “Targeted online advertising.” | Legitimate interest Consent (to the extent required by law) |
| Corporate transactions/due diligence In the course of a potential merger or takeover, personal information may be provided to a potential buyer or investor. | Legitimate interest |
| Create anonymous, aggregated or de-identified data We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business. | Legitimate interest |
| Comply with a request for information A regulator or other government authority may instruct us to provide personal information. | Legal obligation |
| Ensuring physical, system and general IT security This may involve the processing of data to ensure the ongoing confidentiality, integrity, availability and resilience of our processing systems and services. We may also give access to third parties that we engage for this purpose. | Legal obligation |
| Process job applications If you apply for a job with us, we process the personal information we received through our website, email or otherwise, including the personal information we obtain during any background screening (where applicable), such as: – from public sources such as Google Search, LinkedIn and any other social media website; – a prior assessment of your capabilities, verifying your identity, or consulting references and, where permitted by local law, the verification of background checks, including criminal records. Unless you have consented to longer storage, your application will generally be deleted 4 weeks after the job application procedure has ended, if we will not enter into an agreement with you. | Legitimate Interest Consent (to the extent required by law) |
Use for new purposes
We may use your personal information for reasons not described in this Privacy Notice where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Third Party Personal Information
Users of the Service may have the opportunity to provide a guest or host’s personal information to us. To the extent required by law, the host may only submit such information to us if it has permission to provide the guest or host’s personal information to us.
Sensitive personal Information
We ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Service, or otherwise to us, unless we specifically ask you for it or where this is required by law.
If you provide us with any sensitive personal information to us when you use the Service, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Notice. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Service
Third Parties Involved in the Processing of Personal Information
In some cases, Safely shares your personal information with third parties, which may either be independent ‘data controllers’ or ‘data processors’ acting on Safely’s behalf. Below we explain when this is the case, and why.
Affiliates. We may share your personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Notice, only to the extent strictly necessary.
Service providers. We may share your personal information with third party companies and individuals that provide services on our behalf (as ‘data processors’) or help us operate the Service (such as customer support, payment processing, hosting, analytics, email delivery, marketing, and database management services). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Privacy Notice, and are prohibited from using or disclosing your information for any other purpose.
Partners. We may sometimes share your personal information with partners or enable partners to collect information directly via our Service. For example, we may share personal information with insurance companies, travel sites, identity verification vendors, data providers and others, for the purposes as explained herein.
Third-party platforms and social media networks. If you have enabled features or functionality that connect the Service to a third-party platform or social media network (such as by logging in to the Service using your account with the third-party, providing your API key or similar access token for the Service to a third-party, or otherwise linking your account with the Service to a third-party’s services), we may disclose the personal information that you authorized us to share. We do not control the third party’s use of your personal information.
Other Users of the Service and the Public. We may provide functionality that enables you to disclose personal information to other users of the Service or the public. For instance, we may share guest personal information with hosts and host information with guests. Additionally, you may be able to maintain a user profile with information about yourself that you can make available to other users or the public. You may also be able to submit content to the Service (such as comments, reviews, surveys, blogs, photos, and videos), and we will display and share your name, username, and a link to your user profile along with the content you submit. We may make available settings through the [My Account] page that enables you to exercise choice regarding certain information that is displayed publicly or to other users. We do not control how other users or third parties use any personal information that you make available to other users or the public.
Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
Industry insurance fraud prevention. We may share personal information regarding our customers with an insurance fraud prevention database owner, to the extent permitted by local applicable law, and where proportionate to the fraudulent behavior of the customer.
Biometric data. Biometric Data will not be disclosed or disseminated beyond Safely, its vendors and/or service providers unless:
- you consent;
- the disclosure or dissemination completes a financial transaction requested or authorized by the subject of the biometric data or the subject’s legally authorized representative;
- the disclosure or dissemination is required by applicable law; or
- the disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Cookies and Other Information Collected by Automated Means
We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Service. The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on the Service, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications. The service providers and their respective cookies/technologies are specified on our Cookie Policy.
On our webpages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), Flash-based LSOs (also known as “Flash cookies”), web beacons, and similar technologies, and our emails may also contain web beacons. In our mobile application, we may collect this information directly or through our use of third-party software development kits (“SDKs”). SDKs may enable third parties to collect information directly from our App.
Your Choices and Rights
In this section, we describe the rights and choices available to all users. Below are your legal rights under data protection law.
Opt out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at privacy@safely.com. You may continue to receive service-related and other non-marketing emails.
Cookies & Browser Web Storage. We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Service and third party websites. For more details about such technologies, see our Cookie Policy.
Targeted online advertising. Some of the business partners that collect information about users’ activities on or through the Service may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.
Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. European users may opt out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here, selecting the user’s country, and then clicking “Choices” (or similarly titled link). Users of our mobile applications may opt out of receiving targeted advertising in mobile apps through participating members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
In addition, your mobile device settings may provide functionality to limit our, or our partners’, ability to engage in ad tracking or targeted advertising using the Google Advertising ID or Apple ID for Advertising associated with your mobile device.
If you choose to opt-out of targeted advertisements, you will still see advertisements online but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit https://www.allaboutdnt.com.
Choosing not to share your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Service to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services. We will tell you what information you must provide to receive the Service by designating it as required at the time of collection or through other appropriate means.
Third-party platforms or social media networks. If you choose to connect to the Service via a third-party platform or social media network, you may have the ability to limit the information that we may obtain from the third-party at the time you login to the Service using the third-party’s authentication service or otherwise connect your account. Subsequently, you may be able to control your settings through the third-party’s platform or service. For example, you may access and change your settings through the Facebook settings page for Apps and Websites. If you withdraw our ability to access certain information from a third-party platform or social media network, that choice will not apply to information that we have already received from that third-party.
Rights under data protection law. In addition to the above, you, as a data subject, have the following rights:
(i) Right of access, this means you can make a request to obtain access to the personal information concerning you;
(ii) The right to rectification or correction of your personal data;
(iii) The right to erasure of the personal data concerning you;
(iv) The right to restriction of the processing;
(v) The right to data portability, this means that you have the right to receive your personal data in a structured, commonly used and machine-readable format, and that you have the right to transmit those data to another controller;
(vi) The right to object to processing based on ‘legitimate interest’.
(vii) The right to lodge a complaint with a supervisory authority;
(viii) The right to withdraw your consent, where our processing is based on consent.
The above stated rights, with the exception of your right to lodge a complaint with the supervisory authority, can be exercised by submitting a request to us via privacy@safely.com, and only to the extent that you enjoy such rights under applicable law. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
Other sites, mobile applications and services
The Service may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security practices
The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
International data transfers
While Safely B.V. is headquartered in the Netherlands, we have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country.
European Union users should read the important information provided below about transfer of personal information outside of the European Union.
Children
The Service is not directed to, and we do not knowingly collect personal information from, anyone under the age of 16 . If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us.
Changes to this Privacy Notice
We reserve the right to modify this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on the Service. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Service.
Any modifications to this Privacy Notice will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Notice indicates your acceptance of the terms of the modified Privacy Notice.
How to Contact Safely
Please direct any questions or comments about this Policy or privacy practices to the Data Protection Officer, who can be reached at privacy@safely.com . You may also write to us via postal mail at:
Safely B.V.
Attn: Legal – Privacy
Vijzelstraat 68-78
1017 HL Amsterdam, The Netherlands
Retention
We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. Statutory retention obligations may vary for each EU Member State. Safely will generally adhere to the longest statutory retention period applicable.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you. Biometric Data will not be disclosed or disseminated beyond Safely, its vendors and/or service providers unless:
- you consent;
- the disclosure or dissemination completes a financial transaction requested or authorized by the subject of the biometric data or the subject’s legally authorized representative;
- the disclosure or dissemination is required by law; or
- the disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Cross-Border Data Transfer
If we transfer your personal information out of Europe to a country not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be performed:
- Pursuant to the recipient’s compliance with standard contractual clauses, Data Privacy Framework, or Binding Corporate Rules
- Pursuant to the consent of the individual to whom the personal information pertains
- As otherwise permitted by applicable data protection law, for instance in the event of certain types of incidental transfers.
You may contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the European Economic Area.