Skip to content
manediu

Privacy Policy

Last updated: 3 July 2026

This policy explains how Manediu(“we”, “us”) collects, uses and safeguards your personal data when you use our platform, and the rights you have under the EU General Data Protection Regulation (GDPR) and comparable laws. Please review the specifics with your own legal counsel before relying on this document commercially.

1. Who we are (Data Controller)

Manediu is the data controller for personal data processed through this platform. For any privacy question or to exercise your rights, contact us at mahmoud.nassef@manediu.com.

2. What data we collect

  • Account data — name, email, phone, country, role and (for hosts) subscription tier.
  • Listings & booking data — property details you publish, and the booking requests and enquiries you submit or receive.
  • Communications — messages you send us (e.g. contact or corporate enquiries).
  • Technical data — strictly-necessary cookies for authentication and preferences, and standard server logs (e.g. IP address, timestamps) for security.

3. How and why we use it (Legal bases)

  • To provide the service — creating your account, publishing listings, handling booking requests (performance of a contract).
  • Transactional email — account, booking and security notifications (legitimate interest / contract). These are not marketing and cannot be opted out of while you hold an account.
  • Marketing email — only if you opt in; you can withdraw consent at any time from your profile.
  • Security & fraud prevention — protecting the platform (legitimate interest, legal obligation).

4. Who we share it with (Processors)

We share data only with processors that help us run the service:

  • Supabase — database, authentication and file storage (hosted in the EU).
  • Railway — application hosting (EU region).
  • Resend — transactional email delivery.

We do not sell your personal data.

5. Data retention

We keep your data while your account is active. When you delete your account, your profile and the records that depend on it are removed; some minimal records may be retained where required by law or for legitimate security purposes.

6. Your rights

Under the GDPR you have the right to:

  • access a copy of your data (available as a download from your profile);
  • rectify inaccurate data (edit it in your profile);
  • erase your data (delete your account from your profile);
  • data portability (your export is provided in machine-readable JSON);
  • object to or restrict certain processing, and withdraw consent for marketing.

You also have the right to lodge a complaint with your local data protection authority.

7. International transfers

Our infrastructure is hosted in the EU. Where a processor transfers data outside the EEA, it is done under appropriate safeguards (e.g. Standard Contractual Clauses).

8. Cookies

We use only strictly-necessary cookies. See our Cookie Policy for details.

9. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the “last updated” date above.