Privacy Policy
Privacy Policy
Last updated: [ADD DATE]
This Privacy Policy explains how Joy of Culture (“we”, “us”, or the “Platform”) collects, uses, stores, and protects personal data when users (“Users”) and hosts (“Hosts”) access or use the Platform. This Privacy Policy is provided in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable data protection laws.
1. Data Controller
Joy of Culture is the data controller responsible for the processing of personal data under this Privacy Policy.
If you have any questions regarding this Privacy Policy or the processing of personal data, you may contact us at:
Email: info@joyofculture.com
2. Personal Data We Collect
2.1 Account Information
Name and surname
Email address
Username and password
Contact details
2.2 Booking and Transaction Data
Booking details and booking history
Payment status and transaction references
Payment card details are processed directly by third-party payment service providers and are not stored by the Platform.
2.3 Host Information
Business name and business-related details (where applicable)
Experience listings and descriptions
Payout-related information
2.4 Communications
Messages exchanged through the Platform
Communications with customer support
2.5 Technical and Usage Data
IP address
Device, browser, and log information
Cookies and similar technologies
3. Purposes and Legal Bases for Processing
We process personal data for the following purposes and legal bases:
3.1 Performance of a Contract (Article 6(1)(b) GDPR)
To create and manage user and host accounts
To process bookings and payments
To facilitate communication between users and hosts
3.2 Legal Obligations (Article 6(1)(c) GDPR)
To comply with tax, accounting, and regulatory requirements
To respond to lawful requests from public authorities
3.3 Legitimate Interests (Article 6(1)(f) GDPR)
To operate, maintain, and improve the Platform
To prevent fraud, misuse, and security incidents
To handle disputes and enforce our Terms and Conditions
3.4 Consent (Article 6(1)(a) GDPR)
For non-essential cookies
For marketing communications where required by law
4. Cookies and Similar Technologies
We use cookies and similar technologies to ensure the proper functioning of the Platform, improve user experience, and analyze usage.
For detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy.
5. Data Sharing and Third Parties
We may share personal data with:
Payment service providers for payment processing
IT, hosting, and infrastructure providers
Analytics and security service providers
Public authorities where required by law
We do not sell personal data to third parties.
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
7. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, and reporting obligations.
When personal data is no longer required, it is securely deleted or anonymized.
8. Data Subject Rights
Under the GDPR, individuals have the following rights:
Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object to processing
Right to withdraw consent at any time
Requests to exercise these rights may be submitted to info@joyofculture.com.
9. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.
10. Children’s Data
The Platform is not intended for use by individuals under the age of eighteen (18). We do not knowingly collect personal data from minors.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Platform or by other appropriate means where required by law.
12. Complaints
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the competent data protection authority in your country of residence or with the Office of the Commissioner for Personal Data Protection of the Republic of Cyprus.