Comstay

Comstay

Menu
Contact us

Privacy Policy (GDPR) — Comstay

Last updated: December 2025

This Privacy Policy explains how Comstay (“Comstay”, “we”, “us”, “our”) collects, uses, stores, and protects personal data when you visit www.comstay.group (the “Website”) or contact us to request information or services.

We are committed to protecting your privacy and processing personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) where applicable.

1. Data Controller (Responsible Entity)

Comstay
Cédula Jurídica: 3-102-933805
Address: Calle Central, Playa del Coco, Guanacaste, Costa Rica
Email: contact@comstay.com
Website: www.comstay.group

Comstay acts as the data controller for personal data processed through this Website.

2. What Personal Data We Collect

We may collect the following categories of personal data:

A. Data you provide directly

When you contact us, book a call, or request services, you may provide:

  • Identification/contact information (e.g., name, email address, phone number)
  • Message content (details you send through forms or email)
  • Property-related information you choose to share (e.g., listing link, property location, performance context)

Please avoid sending unnecessary sensitive data.

B. Technical and usage data (automatically collected)

When you browse the Website, we may collect technical data such as:

  • IP address (or part of it depending on configuration)
  • Device information (browser type, device type)
  • Pages visited, time spent, navigation patterns
  • Referral source (how you reached the Website)

This data is collected via cookies and similar technologies as described below.

3. Why We Process Your Data (Purposes)

We process personal data for the following purposes:

  1. To respond to inquiries and communicate with you
  2. To schedule and manage calls and consultations
  3. To deliver our services (Airbnb listing optimization and/or Airbnb management support)
  4. To improve our Website performance, user experience, and content
  5. To measure marketing performance and improve advertising campaigns (Google Ads / Meta)
  6. To protect our Website and prevent fraud or abuse
  7. To comply with legal obligations where applicable

4. Legal Bases for Processing (GDPR)

Where GDPR applies, our legal bases include:

  • Consent: for non-essential cookies (analytics and advertising), and where you voluntarily submit a form or contact us.
  • Legitimate interests: to operate, secure, and improve our Website, and to develop our services responsibly.
  • Contract / Pre-contractual steps: to respond to service requests and provide services.
  • Legal obligation: where processing is required to comply with applicable laws.
5. Cookie Banner and Consent Management

We use a cookie banner (consent tool) that allows visitors to accept or reject non-essential cookies and to update preferences at any time.

  • Essential cookies may be used for basic site functionality and security and do not require consent in many jurisdictions.
  • Analytics and advertising cookies are only set after you provide consent, where required by applicable law.

You can change your cookie preferences at any time via the cookie settings link or button available on the Website.

6. Cookies and Tracking Technologies

We use cookies and similar technologies for analytics and advertising, subject to your consent preferences.

A. Google Analytics 4 (GA4)

We use Google Analytics 4 to understand how visitors use the Website and to improve performance and content. Analytics cookies are only activated according to your cookie consent preferences.

B. Google Ads

We use Google Ads tracking to measure ad performance, conversions, and improve campaign efficiency. Advertising cookies are only activated according to your cookie consent preferences.

C. Meta Pixel (Facebook/Instagram)

We use the Meta Pixel to measure and optimize advertising performance, including retargeting and conversion tracking where applicable. Advertising cookies are only activated according to your cookie consent preferences.

D. WordPress

WordPress may set cookies that are necessary for core functionality and security. These are considered essential.

E. WhatsApp

If you click a WhatsApp link/button, you will be redirected to WhatsApp. Your interactions with WhatsApp are governed by WhatsApp’s own privacy policy.

7. Calendly and Google Calendar

If you book a call through Calendly, your booking data (e.g., name, email, scheduling details) is processed to organize the meeting. Scheduling may also involve Google Calendar to manage availability and event creation.

8. Airbnb-Related Data and Co-Host Access

Comstay does not request your Airbnb login credentials.
If we work together operationally on Airbnb, we may be connected as a co-host within Airbnb.

Depending on the permissions granted, we may access certain listing and performance information strictly for the purpose of delivering our services.

9. Data Sharing and Recipients

We do not sell personal data.

We do not share personal data with virtual assistants, partners, or third parties for their own purposes.

We may use service providers (“processors”) necessary to operate our Website and services, such as:

  • Analytics and advertising platforms (Google, Meta)
  • Scheduling tools (Calendly)
  • Hosting / Website infrastructure (WordPress hosting and related technical services)

These providers process data on our behalf and are subject to their own contractual and security measures.

10. International Data Transfers

Comstay is based in Costa Rica. Some service providers (e.g., Google, Meta, Calendly) may process data in countries outside the EU/EEA.

Where GDPR applies, such transfers are handled using appropriate safeguards and mechanisms commonly used by these providers.

11. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy.

  • Client and collaboration data: retained until 6 months after the end of the collaboration
  • Inquiry/lead data (non-client): retained for the time necessary to respond and follow up, then deleted or anonymized where appropriate
  • Technical analytics data: retained according to the configuration of the relevant platforms and your consent choices

We may retain certain data longer if required to comply with legal obligations, resolve disputes, or enforce agreements.

12. Data Security

We apply reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

No method of transmission or storage is 100% secure. However, we work to protect your information using appropriate safeguards.

13. Your Rights (GDPR)

Where GDPR applies, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability (where applicable)
  • Withdraw consent at any time (where processing is based on consent)
  • Lodge a complaint with a supervisory authority in your EU/EEA country

To exercise your rights, contact: contact@comstay.com
We may request verification of identity before processing certain requests.

14. Children’s Privacy

Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from minors.

15. Third-Party Links

The Website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Please review their privacy policies.

16. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new “Last updated” date.

17. Contact

Comstay
Calle Central, Playa del Coco, Guanacaste, Costa Rica
Email: contact@comstay.com
Website: www.comstay.group

Scroll to Top