Privacy Policy
Last Updated: 13th July 2025
This Privacy Policy explains how Beyond Stays Group Limited (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal information.
1. Who We Are
We are Beyond Stays Group Limited, a property and accommodation platform based in Manchester, United Kingdom. Our website address is https://www.beyondstays.co.uk.
2. Information We Collect
We collect information that you provide directly and data collected automatically:
Personal Information: Name, email, phone, booking details
Payment Information: Handled securely by Stripe or ChargeAutomation
Usage Data: Pages visited, time on site, browser type, IP address
3. How We Use Your Information
We use your data to:
Process bookings and payments
Communicate important updates
Improve our website and services
Send marketing messages (where consent is implied or given)
4. Legal Bases for Processing
We rely on the following legal grounds:
Performance of a contract
Legitimate interests
Compliance with legal obligations
Your consent (where required)
5. Sharing of Your Data
We share your information with trusted partners and processors:
Stripe (payments)
ChargeAutomation (bookings & deposits)
Tokeet (property management)
Klaviyo (email marketing)
Google Analytics, PostHog (analytics)
WATI (customer communication)
All data processors are vetted and contractually bound to protect your information.
6. International Data Transfers
While we do not intentionally transfer data outside the UK or EEA, some of our service providers may store or process data internationally. We ensure adequate protections are in place.
7. Your Rights
Under UK GDPR, you have the right to:
Access your data
Correct inaccurate data
Request deletion of your data
Withdraw consent at any time
To exercise your rights, contact us at hello@beyondstaysgroup.co.uk.
8. Data Retention
We retain your personal data only as long as necessary for the purposes outlined above or as required by law.
We implement appropriate technical and organisational measures including:
Role-based access controls
Encryption in transit and at rest
Internal staff training and access limitation