Privacy Policy & Cookie Notice
Last updated: July 15, 2026
Introduction
This privacy policy explains how Buchungsnest ("we", "us", or "our") collects, uses, and protects your personal data when you use our booking calendar application.
Cookie Usage
Our application uses cookies and similar technologies that are essential for the website to function properly. We only use strictly necessary cookies required for core functionality.
Types of Cookies We Use
1. Session Cookies (Strictly Necessary)
Purpose: Authentication and session management
Description: These cookies are essential for you to log in and use the administrative features. They maintain your login session and ensure secure access to your account.
Retention: Session-based (deleted when you close your browser or log out)
Legal Basis: Legitimate interest (GDPR Art. 6(1)(f)) - necessary for the operation of the service
2. Blazor Server Cookies (Strictly Necessary)
Purpose: Real-time server communication
Description: These cookies enable the interactive features of the application by maintaining a SignalR connection between your browser and our server.
Retention: Session-based (deleted when you close your browser)
Legal Basis: Legitimate interest (GDPR Art. 6(1)(f)) - necessary for the operation of the service
3. Antiforgery Cookies (Strictly Necessary)
Purpose: Security and CSRF protection
Description: These cookies protect you from cross-site request forgery attacks by verifying that form submissions come from authenticated users.
Retention: Session-based
Legal Basis: Legitimate interest (GDPR Art. 6(1)(f)) - necessary for security
4. Preference Cookies (Functional)
Purpose: Theme preference storage
Description: These cookies remember your theme preference (light/dark mode) to enhance your user experience.
Retention: Persistent (stored in localStorage until manually cleared)
Legal Basis: Consent (GDPR Art. 6(1)(a))
Data We Collect
- Account Information: Email address, password (encrypted), and role (Admin/Client)
- Business Data: Client names, guest house names, booking details, and guest information
- Technical Data: Session identifiers, authentication tokens (encrypted in browser storage)
How We Use Your Data
We use your personal data to:
- Provide and maintain the booking calendar service
- Authenticate your identity and manage your session
- Store and display your bookings and guest house information
- Enable role-based access control (Admin vs. Client)
- Remember your preferences (e.g., theme selection)
Data Storage and Security
Your data is stored in a SQLite database on our server. We implement appropriate technical and organizational measures to protect your personal data, including:
- Encrypted password storage using industry-standard hashing
- Encrypted session data in browser storage
- HTTPS encryption for data transmission
- Access controls and authentication requirements
Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR), you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Restriction: Limit how we use your personal data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to our processing of your personal data
- Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
Third-Party Services
This application does not use third-party analytics, advertising, or tracking services. All data processing occurs within our own infrastructure.
Managing Cookies
You can manage or delete cookies through your browser settings. However, please note that disabling strictly necessary cookies will prevent you from using key features of the application, including logging in and managing bookings.
Browser cookie settings:
Data Retention
We retain your personal data for as long as your account is active or as needed to provide you with our services. If you wish to delete your account and associated data, please contact us.
Contact Us
If you have any questions about this privacy policy, your data, or wish to exercise your GDPR rights, please contact us at:
Email: privacy@example.com
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this policy.