Cozio Home

Privacy Policy

Last updated: 26 June 2026

This Privacy Policy explains how Cozio ("we", "us") collects, uses and protects personal information when hosts use our service and when guests view a digital guidebook. We handle personal data in line with the EU/EEA General Data Protection Regulation (GDPR).

Who we are

Cozio is operated by Embrik Skrindo (operating as an individual), based in Norway. For the data below, Cozio is the data controller of host account data, and a data processor acting on a host's behalf for the guest information that host collects through their guidebook (the host is the controller of that guest data). Contact us at privacy@cozio.eu.

Information we collect

From hosts (account holders)

  • Account details: name, email address and a hashed password.
  • Property and guidebook content you create.
  • Billing information, processed by our payment provider (Stripe). We never store full card numbers.
  • Usage data such as logins and feature use, to operate and improve the service.

From guests (people who open a guidebook)

  • Anonymous view analytics (page views, which sections are opened). No account is required.
  • Only if a host enables it and a guest chooses to submit it: contact details, online check-in details, messages, upsell requests and reviews.

Legal bases for processing

  • Performance of a contract — to provide the Service you sign up for.
  • Legitimate interests — to secure, operate, analyse and improve the Service.
  • Consent — where required, including optional guest data a host chooses to collect.
  • Legal obligation — e.g. keeping billing and tax records.

How we use information

  • To provide, maintain and secure the service.
  • To process payments and manage subscriptions.
  • To power features the host has enabled (AI concierge, messaging, analytics).
  • To respond to support requests and send essential service notices.

AI features

When a host enables the AI concierge or AI content tools, the relevant guidebook content and guest questions are sent to our AI provider (Anthropic) solely to generate a response. This data is not used to train models.

Cookies & local storage

We use a single strictly-necessary cookie to keep signed-in hosts authenticated. Guidebooks use your browser's local storage to remember anonymous view sessions and prompts you have dismissed. We do not use advertising or cross-site tracking cookies.

Sub-processors & sharing

We do not sell personal data. We share data only with the providers needed to run the Service:

  • Supabase — database hosting (EU region).
  • Vercel — application hosting and content delivery.
  • Stripe — payment processing.
  • Anthropic — AI responses for the concierge and content tools.

Each is bound by appropriate data-protection terms. Guest information a host collects is shared only with that host.

International transfers

Some providers (e.g. Stripe, Anthropic) may process data outside the EU/EEA. Where they do, the transfer is protected by appropriate safeguards, such as the EU Standard Contractual Clauses or an adequacy decision.

Retention

We keep account and guidebook data for as long as the account is active. Hosts can delete a property (and its guest data) at any time, and can request deletion of their account by contacting us.

Your rights

Under the GDPR you may access, correct, export, restrict, object to or delete your personal data, and withdraw consent where processing relies on it. To exercise these rights, contact us at the address above. You also have the right to lodge a complaint with a supervisory authority — in Norway, the Norwegian Data Protection Authority (Datatilsynet). Guests should contact the host whose guidebook they used, and we will assist that host.

Security

Passwords are hashed, traffic is encrypted in transit, and access to data is restricted. No method of transmission or storage is completely secure, but we take reasonable measures to protect your information.

Changes

We may update this policy. We will post the new date above and, for material changes, notify hosts by email or in the app.

Contact

Questions about this policy or your data? Email privacy@cozio.eu.