How it WorksPricingAdd to Chrome

Privacy Policy

Last updated: January 2025

1. Introduction

DoNotStay ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our browser extension and website.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Email address (used for authentication via one-time codes)

Payment Information

When you purchase credits, we collect:

  • Stripe customer ID (to link your purchases)
  • Purchase history (credit pack type, amount, timestamp)

Payment details (card numbers, billing address) are processed directly by Stripe and are never stored on our servers.

Hotel Data (Collected by the Extension)

When you analyze a hotel, we temporarily collect from the Booking.com page:

  • Hotel name, location, rating, and URL
  • Guest reviews (reviewer name, country, rating, date, review text)

This data is sent to our servers for AI analysis. Individual review text is not permanently stored—only the generated verdict is cached.

Usage Data

  • Hotel IDs you have analyzed (for rate limiting and caching)
  • Credit balance and usage
  • Timestamps of analyses

Website Analytics

We use Vercel Analytics on our website to understand how visitors use our site. This collects anonymous page view data and does not track you across other websites. No personal information or cookies are used for analytics.

Anonymous Users

If you use the extension without an account, we generate a random device identifier stored locally in your browser. This is used to provide limited free analyses and is not linked to any personal information.

Feedback

If you submit feedback on a verdict, we store the feedback type and any details you provide to improve our service.

3. How We Use Your Information

We use the collected information to:

  • Analyze hotel reviews and generate AI-powered verdicts
  • Cache verdicts to improve performance (7-day retention)
  • Process credit purchases and track your balance
  • Prevent abuse through rate limiting
  • Improve the accuracy of our AI analysis based on feedback
  • Communicate with you about your account or support requests

4. Data Sharing and Disclosure

We share data with the following service providers:

  • Anthropic (Claude AI): Hotel and review data is sent to Anthropic's API for AI analysis. This data is not linked to your personal identity.
  • Stripe: Processes payments securely. We only store your Stripe customer ID.
  • Supabase: Hosts our database and authentication services.
  • Vercel: Hosts our website and API. We use Vercel Analytics to collect anonymous website traffic data (page views, no personal information).

We do not sell your personal information to third parties. We do not use advertising services or cross-site tracking.

5. Data Retention

  • Account data: Retained until you request deletion
  • Verdict cache: Automatically expires after 7 days
  • Analysis history: Retained for rate limiting purposes
  • Payment records: Retained as required for accounting and legal purposes

You may request deletion of your data at any time by contacting us.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • HTTPS encryption for all data transmission
  • Secure authentication via one-time email codes
  • Row-level security policies on our database

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data

To exercise these rights, contact us at mail@donotstay.app.

8. Browser Extension Permissions

Our browser extension requires the following permissions:

  • Host access to booking.com: To read hotel information and reviews on hotel pages you visit
  • Host access to donotstay.app: To sync your login session between the website and extension
  • Storage: To save your authentication token, cached credits, and device identifier locally
  • Active Tab: To detect when you're viewing a supported hotel page

We only access data on Booking.com hotel pages. We do not access your browsing history or data on other websites.

9. Cookies and Local Storage

We use a single essential cookie:

  • donotstay_session: Stores your authentication session (30-day expiry). This cookie is required for the extension to sync your login status.

Vercel Analytics uses browser local storage (not cookies) to collect anonymous page view data. This data is not linked to your identity and does not track you across other websites.

We do not use advertising or cross-site tracking cookies.

10. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information promptly.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at mail@donotstay.app.