Privacy policy

Last update: 22 of September 2025

1. Who we are

This Privacy Policy applies to users of the website (“Visitors”) and to users who make a booking or purchase (“Authorized Customers”).

Controller: Hutstuf BV, Tiburstraat 32 – 2840 Rumst – VAT no. 0758979468

For all questions about privacy, you can contact us at warm@hutstuf.com.

2. What information we collect

  • From all Visitors: basic profile information, cookies.

  • From Authorized Customers:

    • Bookings: name, address, phone number, email address, stay period, number of guests, booking date and time.

    • Gift cards: name, address, phone number, email address, and optionally recipient’s name and email.

3. Legal grounds for processing

We process your personal data on the following legal bases (Art. 6 GDPR):

  • Contract performance: to process your booking or gift card purchase.

  • Legal obligation: to comply with tax/accounting requirements.

  • Legitimate interests: to improve our services, ensure site security, prevent fraud.

  • Consent: for marketing communication (newsletter) and non-essential cookies. You may withdraw your consent at any time.

4. Third parties and processors

  • Payments: processed by Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Dublin, Ireland. Data may be transferred outside the EU under the EU-US Data Privacy Framework.

  • Booking management: handled by Smoobu GmbH, Pappelallee 78/79, 10437 Berlin, Germany.

  • Other service providers (e.g. banks, insurers) may process data only as needed and under strict agreements.

5. Use of personal data

We use your data to:

  • process bookings and payments,

  • provide booking-related communication before and during your stay,

  • handle gift card orders,

  • send newsletters (if consented),

  • improve the website and services.

We never sell personal data.

6. Data retention

  • Booking and billing data: 7 years (legal obligation).

  • Gift card data: until the card expires + 1 year.

  • Marketing data: until consent is withdrawn.

  • Cookies: according to their technical lifespan (see Cookie Policy).

7. Cookies

  • We use Cookies to improve user experience and remember preferences.

  • You can disable Cookies in your browser, but some functions may not work properly.

  • Third-party providers (such as Stripe and Smoobu) may also set cookies.

  • See our separate Cookie Policy for details.

8. Sharing and disclosure

  • We may share anonymized/aggregated data with partners.

  • We may disclose personal data if legally required (e.g. court order, law enforcement).

  • We do not share data for commercial resale.

9. Data security

  • Access is limited to authorized employees.

  • Sensitive data (such as payment details) is encrypted.

  • Regular audits are carried out.

  • Despite safeguards, no system is 100% secure.

10. Your rights

You have the following rights under GDPR:

  • access to your data,

  • rectification of incorrect data,

  • erasure (“right to be forgotten”),

  • restriction of processing,

  • data portability,

  • objection to processing,

  • withdrawal of consent,

  • lodging a complaint with a supervisory authority (Belgian Data Protection Authority).

Requests can be sent to warm@hutstuf.com. We will respond within 30 days.

11. Children

We do not knowingly collect data from children under 16. If we discover such data has been provided without parental consent, we will delete it.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Changes will be published on our website. For material changes, we will inform you directly if possible.

13. Links to other websites

Our site may contain links to external websites. We are not responsible for their privacy practices and encourage you to read their privacy policies.