Privacy Policy
Cohosty privacy notice for hosts, guests and platform users.
Data controller
Hosty Lab di Silvia Cesarini
Via Bottica 25, 06033 Cannara (PG), Italy
VAT ID IT04024360549
team@cohosty.it
Certified email: silvia.cesarini2@postecert.it
This notice explains how Cohosty processes personal data for host accounts, AI assistants, guest requests, payments, support, security and service communications.
Cohosty acts in different roles depending on the data. For host account and subscription data, Hosty Lab acts as an independent controller. For guest data processed through a host assistant, the host is normally the controller and Hosty Lab acts as processor on the host instructions.
1. Data we process
Depending on how the service is used, Cohosty may process account details, contact details, billing information, property information, AI assistant configuration, uploaded content, usage logs, support messages and technical security data.
For guests, data may include conversations with the assistant, extra or booking-related requests, contact details supplied by the guest, request status, preferred language, technical metadata and transactional email status.
- Host account, billing and subscription data.
- Property, assistant and uploaded configuration content.
- Guest conversations and request details processed for the host.
- Technical logs, security events, analytics and consent-based marketing data.
2. Purposes and legal bases
Data is processed to provide the service, manage accounts and subscriptions, send transactional communications, provide support, prevent fraud or abuse, comply with legal obligations and improve the reliability of the platform.
Where required, Cohosty relies on consent, for example for marketing communications or non-essential marketing cookies.
- Contract performance for the requested service.
- Legal obligations for tax, accounting and lawful requests.
- Legitimate interest for security, abuse prevention and service improvement.
- Consent for marketing and optional tracking technologies.
3. Processors and international transfers
Cohosty uses selected service providers for hosting, database infrastructure, AI services, payments, email, analytics and support. Some providers may be located outside the European Economic Area.
Where data is transferred outside the EEA, Cohosty uses safeguards such as Data Privacy Framework participation, Standard Contractual Clauses or equivalent lawful transfer mechanisms where applicable.
4. Retention and rights
Data is retained only for as long as needed for the relevant purpose, legal obligations, security or dispute management. Accounting records may be retained for the period required by law.
Data subjects may request access, rectification, erasure, restriction, portability or objection where applicable. Guests should also contact the host when the host is the controller for guest assistant data.
Privacy contacts
team@cohosty.it
Certified email: silvia.cesarini2@postecert.it