User Agreement

By using this website you must agree to all the following conditions.

Legal notices

You will not hold us responsible for other users' actions or inactions, including things they post. You acknowledge that we are not a traditional travel agent. Instead, the Site is a venue to allow anyone to offer accommodation, at anytime, from anywhere. We are not involved in the actual transaction between hosts and guests. We have no control over and do not guarantee the quality, safety or legality of the accommodation advertised, the truth or accuracy of listings, or the ability of hosts to provide the accommodation.

If you have a dispute with one or more users, you release us (and our officers, directors, agents, subsidiaries, joint ventures and employees) from claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes.

You will indemnify and hold us (and our officers, directors, agents, subsidiaries, joint ventures and employees), harmless from any claim or demand, including reasonable attorneys' fees, made by any third party due to or arising out of your breach of this Agreement, or your violation of any law or the rights of a third party.

Content License
When you give us content, you grant us a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable (through multiple tiers) right to exercise the copyright, publicity, and database rights (but no other rights) you have in the content, in any media known now or in the future. (We need these rights to host and display your content.)

Privatestay and are trademarks operated and owned by MPK Systems Ltd | Imprint

Privacy Policy

The protection of personal data is important to us. Your personal data will be processed by us when visiting our websites, when using our services and when contacting us as a supplier, service provider or comparable contractual partner. In the following, we would like to inform you about the nature, extent and purpose of the processing of your personal data. The terms we use, such as "Processing" or "Responsible" follow the content of the definitions of the General Data Protection Regulation (Article 4 GDPR).

I. What types of data are processed for what purpose?

We process personal data only to the extent necessary to provide a functional website, content and services or with the consent of the user. An exception applies in cases where prior consent is not possible or where the processing of the data is permitted by other applicable legal provisions.

1. Provision of the website and creation of log files

Access Data

Our website can be visited without registration. However, in such cases we also collect data on access to our pages and save them as "server log files". The following data is logged:

  1. Information about the browser type and version used
  2. The user’s operating system
  3. The user’s IP address
  4. Date and time of access
  5. Websites from which the user’s system reaches our website
  6. Websites accessed by the user’s system via our website

The data is collected for statistical purposes and in order to improve our website. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. The server log files are regularly checked to maintain the performance of the server, especially when there are concrete indications of unlawful use. The legal basis for the temporary storage of data and log files is Art. 6 paragraph 1 letter f GDPR.


We use cookies as part of our online offering. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. The cookies contain a characteristic string that allows the browser to be uniquely identified when the website is reopened. We use cookies primarily to make our website more user-friendly (technically necessary cookies). Some elements of our website require that the calling browser be identified even after a change of page. The following data is stored and transmitted in the cookies:

  1. System settings
  2. Log-in information

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features on our website cannot be offered without the use of cookies. In such cases, it is necessary that the browser is recognized even after a change of pages. The user data collected through technically necessary cookies will not be used to create user profiles.

The legal basis for the processing of personal data using technically necessary cookies is Article 6 (1) letter f GDPR.

In addition to our own cookies, third parties also use cookies when using our online service. For details, see the following information.

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC ("Google"), as part of our online offering. Google uses cookies. The information generated by the cookie about the use of the online offering by the users is usually transmitted to a Google server in the USA and stored there.

Google will use the information we collect on our behalf to evaluate the use of our online offering, to compile reports on the activities within this online offering and to provide us with other services related to the use of the online offering and internet usage. Pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that Google’s IP address will be truncated within member states of the European Union and in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and truncated there.

The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly. Users may also prevent the collection by Google of the data generated by the cookie related to their use of the online offering and the processing of such data by Google by downloading and installing the browser plug-in available at the following link: Google is certified under the Privacy Shield Agreement and therefore guarantees compliance with European data protection law

For more information about data usage by Google, settings and contradictory options, please visit the websites of Google: "Google Uses Your Data When You Use Our Partners Sites or Apps", " Advertising ", " Managing information that Google uses to show you advertising ".

2. Contact form and e-mail contact

A contact form is available on our website that can be used for electronic contact. If a user uses this option, the data entered in the input form will be transmitted to us and saved. These data are:

  1. First name
  2. Last Name
  3. Email address
  4. Website
  5. Message content

At the time the message is sent, the following data is also stored:

  1. The user’s IP address
  2. Date and time of sending

Alternatively it is possible to contact the provided e-mail address. In this case, the user’s personal data transmitted by e-mail will be stored. There is no transfer of the data to third parties. The data is used exclusively for processing the message.

The processing of the personal data from clients’ input is used only to deal with the communication. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data. Other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

The legal basis for the processing of the data, given the provision of consent by the user, is Art. 6 paragraph 1 letter a GDPR. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) letter f GDPR. If the purpose of the e-mail is to conclude a contract, then the additional legal basis for processing is Art. 6 paragraph 1 letter b GDPR.

II. Data deletion and storage duration

The data processed by us are deleted or limited in their processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated otherwise in the context of this privacy policy, the data stored by us are deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage requirements. Insofar as the data is not deleted because it is required for other and legitimate purposes, its processing will be restricted, i.e. that data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons. In accordance with legal requirements in Germany, data is stored for 6 years pursuant to § 257 paragraph 1 HGB (account books, inventories, opening balance sheets, annual accounts, commercial letters, accounting documents, etc.) and for 10 years pursuant to § 147 Abs. 1 AO (books, records, financial reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.).

3. Data collection for contract execution with accommodation providers

Insofar as you conclude contracts with us to display your property, we will process your personal data insofar as this is necessary for the execution of the contract. The basic information we process includes:

  1. Inventory data (e.g., names, addresses).
  2. Contact information (e.g., e-mail, phone numbers).
  3. Contract data (e.g., contract, term, customer category).
  4. Payment details (e.g., bank details, payment history).
  5. Usage data (e.g., data that includes both the temporal criteria of your use of our service and the extent of its use.).
  6. Meta / communication data (e.g., device information, IP addresses).

The processing of this data serves the purpose of enabling the provision of the contractually agreed services; in particular to get in touch with you and to bill for services rendered to you. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) letter b GDPR.

III. Your rights

If your personal data are processed by us, you are a concerned person within the meaning of the GDPR. You then have the following rights in relation to us or the "controller" within the meaning of the GDPR:

Who is responsible for processing personal information?

Responsibility for the processing of personal data lies with MPK Systems Ltd., Davoser Str. 1g, D-14199 Berlin,, Managing Director: Mark Kinchin.

Right of access to personal data

You may request confirmation from us as to whether personal information concerning you is processed by us. You can then request information from the controller regarding the following:

  1. The purposes for which the personal data are processed;
  2. The categories of personal data being processed;
  3. The recipients or categories of recipients to whom the personal data relating to you have been or will be disclosed;
  4. The planned period of storage of personal data concerning you or, if specific information is not available, criteria for determining the duration of storage;
  5. The existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
  6. The existence of a right of appeal to a supervisory authority;
  7. All available information on the source of the data if the personal data are not collected from the data subject;
  8. The existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.

You have the right to request information about whether the personal data relating to you are transferred to a third country or to an international organization. You can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with such transfers.

Right to Correction

You have a right to the correction and/or completion of your personal data by the controller, insofar as the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.

Processing restriction

You may request the restriction of the processing of your personal data under the following conditions:

  1. If you contest the accuracy of your personal information for a period of time that enables the controller to verify the accuracy of your personal information;
  2. The processing is unlawful and you reject the deletion of personal data and instead demand the restriction of the use of personal data;
  3. The controller no longer needs personal information for the purposes of processing, but you need it for the purposes of enforcing, exercising or defending legal claims;
  4. If you have objected to the processing in accordance with Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the person responsible outweigh your reasons.

If the processing of your personal data has been restricted, your personal data may be processed only with your consent, or for the purposes of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person, or for reasons concerning the important public interest of the Union or of a Member State.

If processing is restricted according to the conditions referred to above, you will be informed by the controller before the restriction is lifted.

Deletion right

You may request that your personal information be deleted immediately if one of the following applies:

  1. Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. You revoke your consent to the processing in accordance with Art. 6 paragraph 1 letter a or Art. 9 paragraph 2 letter a GDPR and there is no other legal basis for processing.
  3. You register an objection in accordance with Art. 21 paragraph 1 GDPR to the processing and there are no overriding justifiable reasons for the processing, or you register an objection to the processing in accordance with Art. 21 paragraph 2 GDPR.
  4. Your personal data has been processed unlawfully.
  5. The deletion of the personal data concerning you is required to fulfil a legal obligation under European Union law or the law of the Member States to which the controller is subject.
  6. The personal data relating to you were collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

Right to information disclosed to third parties

If the controller has made the personal data concerning you public and is obligated to delete this data in accordance with Article 17 (1) of the GDPR, the controller, taking into account the available technology and implementation costs, shall take appropriate measures, including of a technical nature, to inform data controllers who process the personal data that you as an affected person have demanded that such data controllers delete all links to this personal data or to copies or replications of this personal data.


The right to deletion does not exist if the processing is necessary
  1. to exercise the right to freedom of expression and information;
  2. to fulfil a legal obligation which requires the processing under the law of the European Union or of the Member States to which the controller is subject, or to carry out a task which is in the public interest or in the exercise of official authority conferred on the controller;
  3. for reasons of public interest in the field of public health pursuant to Art. 9 (2) letter h and i and Art. 9 (3) GDPR;
  4. for archival purposes of public interest, scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that the right referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing;
  5. to assert, exercise or defend legal claims.

Right to Information

If you have made known to the controller your assertion of your right to the correction, deletion or restriction of the processing of your personal data, the controller is obliged to notify all recipients of your personal data of the correction or deletion of the data concerned or of the restriction of its processing unless this proves impossible or involves disproportionate effort. You have a right to demand that the controller inform you about these recipients.

Data portability

You have the right to receive data relating to your person that you have passed on to the controller in a structured, current and machine-readable format. In addition, you have the right to transfer this information to another person without hindrance by the controller who has provided you with the data relating to your person, provided that

  1. the processing is based on an agreement pursuant to Art. 6 paragraph 1 letter a GDPR or Art. 9 paragraph 2 letter a GDPR or on a contract pursuant to Art. 6 paragraph 1 letter b GDPR and
  2. processing is done by automated methods.

In exercising this right, you also have the right to have the personal data relating to you transmitted directly from one controller to another party, insofar as this is technically feasible. The freedoms and rights of others may not hereby be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.

Right to object

You have the right at any time, for reasons arising from your particular situation, to register your objection to the processing of personal data concerning you that takes place pursuant to Art. 6 paragraph 1 letter e or f; this also applies to profiling based on these provisions.

The controller will no longer process the personal data relating to you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.

If the personal data relating to you are processed for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.

Right to revoke the data protection consent declaration

You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to the revocation.

Right to complain to a regulator

Irrespective of any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority, in particular in the Member State of its residence, place of work or the place of alleged infringement, if you believe that the processing of your personal data violates the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.

Effective date: 20 May 2018