Skip to content
← Back to home

Privacy Policy for the Gjestfri App

Last updated: April 2026

This is a courtesy translation. The Norwegian version prevails.

1. Data controller

Appit AS is the data controller for the personal data collected through the Gjestfri app.

Org. no.: 933 898 210
Address: Kokstadveien 41, 5257 Kokstad, Norway
Email: trond@appit.ai
Phone: +47 900 79 800

2. What data does the app collect?

Account information

Name, email address, phone number, and password. Collected at registration and sign-in.

Property data

Address, photos, descriptions, rates, and availability for your rental units. Photos are uploaded from the camera or photo library.

Booking data

Dates, rates, channel source, guest details, and status for bookings synced through Channex or created directly.

Payment data

Payment transactions are processed by Stripe. We do not store card details in the app. The Stripe SDK is used for secure payment handling.

Communication data

Messages between you and your guests through the app.

Device information

Operating system, app version, device model, and language settings. Used for troubleshooting and compatibility.

Push notification tokens

When you approve push notifications, we store an anonymous device token from the Apple Push Notification Service (APNs) or Google Firebase Cloud Messaging (FCM). The token is only used to send you notifications and cannot be used to identify you personally.

Camera access

The app asks for access to the camera and photo library so you can take and upload photos of your rental properties. Photos are only used to present the properties in the app and on booking platforms. Camera access is not used for any other purpose.

3. Push notifications

Gjestfri sends push notifications to keep you up to date on:

  • New bookings and booking changes
  • Guest messages
  • Cleaning tasks and reminders
  • Check-ins and check-outs
  • Price recommendations and important updates

Receiving push notifications is your choice. The app asks for permission on first launch. You can turn off notifications at any time in your device settings under Gjestfri.

4. Third-party services in the app

The app uses the following third-party services:

ServicePurposeData transfer
Channex APIBooking sync with Airbnb, Booking.com, and other channelsEU
Stripe SDKPayment processingUSA (EU-US Data Privacy Framework)
Apple Push Notification ServicePush notifications (iOS)USA (Apple)
AI servicesGenerating price suggestions, texts, and recommendationsUSA (data anonymized where possible)

5. Data transfers outside the EEA

Some of the third-party services we use operate in the United States. We make sure transfers comply with the GDPR through:

  • The EU-US Data Privacy Framework (Stripe, Apple)
  • Standard contractual clauses (SCCs) where the DPF does not apply

We only transfer data that is necessary for the service to function.

6. Tracking and advertising

The Gjestfri app does not use App Tracking Transparency (ATT) and does not track you across other apps or websites. We do not show ads in the app. We do not use advertising identifiers (IDFA/GAID).

7. Children's privacy

Gjestfri is a business application aimed at short-term rental hosts. The app is not intended for children under 13. We do not knowingly collect personal data from children. If we discover that we have received data from a child under 13, we will delete it immediately.

8. Data sharing

We never sell your personal data. We only share data with third parties that are necessary to deliver the service (see section 4). All third parties are governed by data processing agreements.

9. Data retention

  • Account data: For as long as you have an active account, plus up to 30 days after deletion
  • Booking data: 5 years after the booking (the Norwegian Accounting Act)
  • Payment data: 5 years after the transaction (the Norwegian Accounting Act)
  • Push notification tokens: Deleted when you uninstall the app or disable notifications
  • Device information: Deleted when your account is deleted

10. Your rights

You have the right to access, rectification, erasure, data portability, restriction of processing, and objection. See our general privacy policy for full details about your rights.

To exercise your rights, contact us at trond@appit.ai. We respond within 30 days.

11. Deleting your account and data

You can request deletion of your account and all associated data at any time. See our account deletion page for instructions.

12. Google Play Data Safety

For users of the Android version, here is a summary of our data practices:

  • Data is encrypted in transit (TLS/HTTPS)
  • You can request data deletion
  • We do not share data with third parties for advertising
  • We collect: name, email, phone, address, photos, payment information (through Stripe), and device identifiers (push tokens)

13. Changes

We may update this policy. For material changes, we will notify you by push notification or email.

Questions about privacy? Contact us at trond@appit.ai

See also our general privacy policy and the app terms of use.