Privacy policy

Who we are. Katre Konsultatsioonid OÜ is the data controller for personal data collected in connection with your booking and stay.

What we collect. Name, contact details (email, phone), booking details, payment information (processed via our payment provider — we do not store full card details), and any information you provide during communication with us. Where required by Estonian law, we may also request ID information at check-in.

Why we collect it. To process your booking, communicate with you, comply with legal obligations (accommodation registration, tax, anti-money-laundering), and provide customer support.

Legal basis. Contract performance (Article 6(1)(b) GDPR), legal obligation (Article 6(1)(c) GDPR), and our legitimate interests (Article 6(1)(f) GDPR).

Who we share it with. Booking platforms you used to reserve (e.g. Booking.com, Airbnb), our payment processor (Stripe), and authorities where legally required. We do not sell your data.

How long we keep it. As long as needed to provide the service and meet legal retention requirements (typically up to 7 years for accounting records under Estonian law).

Your rights. Under the GDPR, you have the right to access, correct, delete, restrict, or object to processing of your data, as well as data portability and the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, aki.ee).

Contact for data matters: katre.plaan@gmail.com