Ethiopia Bookings
nav.register

Version 1.0 · [Insert date before publishing]

Privacy Policy

This legal text is a starting template and must be reviewed and approved by qualified Ethiopian legal counsel before publication. It does not constitute legal advice.

1. Introduction

Ethiopia Bookings (operated by [Company Name], registered in Ethiopia under registration number [XXX]) is committed to protecting the privacy and personal data of all users of our platform. This Privacy Policy explains what data we collect, how we use it, how we protect it and what your rights are.

This policy applies to all users of the Ethiopia Bookings website (ethiopiabookings.com), mobile application and any related services. By using our platform, you agree to the collection and use of information as described in this policy.

We comply with Ethiopia's Personal Data Protection Proclamation (Proclamation No. 1321/2024) and applicable international data protection standards for users accessing our platform from other jurisdictions.

2. Data We Collect

2.1 Data you provide to us

  • Account registration data: name, email address, phone number, password
  • Profile data: profile photo, preferred language, preferred currency, country of residence
  • Booking data: name of guest(s), email, phone number, special requests, payment method (we do not store card details — these are processed by Stripe and never touch our servers)
  • Property listing data (for property owners): property name, address, photos, room types, pricing, bank account or Telebirr details for payouts
  • Review data: post-stay reviews submitted by travellers
  • Communications: messages sent to us via WhatsApp, email or our contact form

2.2 Data we collect automatically

  • Usage data: pages visited, search queries, filters used, time on site
  • Device data: browser type, operating system, IP address, device identifier
  • Location data: city-level location detected from IP address (not precise GPS location unless you explicitly permit it)
  • Cookies: session cookies (required), preference cookies, and analytics cookies (see our Cookie Policy)

3. How We Use Your Data

  • To provide the Ethiopia Bookings service: creating your account, processing bookings, sending booking confirmations, managing payments and payouts
  • To communicate with you: sending booking confirmation, check-in reminders, review requests, platform notifications and (with your consent) marketing emails
  • To improve the platform: analysing usage patterns to improve search, booking flow and user experience
  • To prevent fraud and ensure security: detecting unusual booking patterns, validating payment methods, preventing fake listings
  • To comply with legal obligations: maintaining financial records as required by Ethiopian tax law, responding to lawful requests from government authorities

4. How We Share Your Data

We share personal data only in the following circumstances:

  • With property owners: when you make a booking, we share your name, email and phone number with the property owner. We share your booking reference and check-in date. We do not share your payment details.
  • With payment providers: we pass your booking amount and reference to Stripe, Telebirr or ArifPay to process payments. Each provider has its own privacy policy and handles your payment data under their own regulatory obligations.
  • With service providers: we use Resend for email delivery, Africa's Talking for SMS delivery, and Supabase for data storage. These providers act as data processors under our instructions and are contractually bound to data protection standards.
  • With authorities: we will share data with Ethiopian government authorities when legally required to do so, and will notify you where we are permitted to do so.

We do not sell your personal data to any third party. We do not share your data with advertisers.

5. Data Retention

  • Active user data: retained while your account is active plus 2 years after account deletion
  • Booking records: retained for 7 years as required by Ethiopian tax and financial record-keeping law. Personal data fields in old booking records are pseudonymised after the account retention period.
  • Inactive accounts: accounts with no login activity for 3 years are automatically anonymised
  • Logs: technical logs retained for 30 days in active systems, archived for 1 year

6. Your Rights

Under Ethiopian data protection law and, where applicable, international standards, you have the following rights:

  • Right of access: you can request a copy of the personal data we hold about you
  • Right to rectification: you can correct inaccurate data in your account settings or by contacting us
  • Right to erasure: you can request deletion of your personal data. We will process this within 30 days, subject to retention requirements for financial records
  • Right to data portability: you can download your data (profile, bookings, reviews) from your account settings
  • Right to object: you can opt out of marketing emails at any time via the unsubscribe link in any email

To exercise any of these rights, contact us at: privacy@ethiopiabookings.com or via WhatsApp: +251 XXX XXX XXX

7. Security

We protect your personal data using industry-standard security measures: encrypted connections (TLS 1.3), encrypted database storage, access controls limiting which staff can access personal data, and regular security audits. Your password is stored as a one-way hash — we cannot see it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email (for registered users) and by posting a notice on the platform for 30 days before the change takes effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

9. Contact Us