Legal

Privacy Policy

Your trust matters to us. This policy explains exactly what information Gamanee collects, why we collect it, how we protect it, and the control you have over your own data.

Last updated · July 2, 2026

01Information we collect

  • Account information: name, email address, phone number, and date of birth when you sign up, plus a profile photo if you add one.
  • Booking information: stay dates, guest counts, and payment confirmation details when you make or host a booking. Card processing is handled by our payment gateway — we never store full card numbers.
  • Host information: verification details, business information, payout instructions, and property specifications.
  • Support messages: when you contact us, we store your message as a support ticket along with your contact details so we can respond.
  • Device & usage data: IP address, browser type, pages visited, and interaction analytics that help us improve the platform.

02How we use your information

  • Process and manage stays, reservations, and bookings.
  • Send booking confirmations, receipts, and important account updates.
  • Provide customer support and resolve disputes between guests and hosts.
  • Personalize recommendations and improve platform performance.
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations under Sri Lankan law.

03Emails & notification preferences

We send two kinds of messages: transactional (booking confirmations, cancellations, security alerts — these are essential and always sent) and optional updates (booking reminders and in-app notifications).

You can control optional notifications any time from your notification preferences page.

04Google Calendar API & user data

If you connect your Google Calendar account to Gamanee as a host to coordinate room bookings, we access your Google Calendar data to:

  • Retrieve, create, or update events representing blocked/unavailable dates for your registered property rooms.
  • Maintain an automated scheduling system to prevent booking overlaps.

Our Google Calendar commitments:

  • No storage of personal events: we do not fetch, inspect, or store personal calendar event descriptions, titles, attendees, or details — we only process date blockages.
  • No sharing: we do not share, rent, sell, or transfer your Google Calendar information or Google user data to any third parties for any purpose, including marketing or advertising.
  • Revocation: you can disconnect your Google account at any time via the Calendar Settings page, which immediately deletes all Google OAuth tokens from our servers and revokes access.

05When we share information

We never sell your personal data. We share it only with:

  • Hosts and guests — the minimum needed to complete a booking (e.g. your name and stay dates go to your host).
  • Service providers — payment processors, email delivery, cloud hosting, and analytics providers, bound by confidentiality obligations.
  • Legal authorities — when required by law or to protect the safety of our users.

06Data security & retention

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. All payment and API transactions are encrypted using SSL/TLS.

We retain your data while your account is active. If you delete your account, it enters a 14-day grace period after which your profile, notifications, and personal data are permanently removed from our systems.

07Your rights & choices

You can, at any time:

  • Access and update your personal information from your profile page.
  • Request a copy of the data we hold about you.
  • Request correction of inaccurate data.
  • Delete your account — self-service from your security settings, with a 14-day window to change your mind by simply signing back in.
  • Object to or restrict processing of your data.

08Cookies & tracking

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the platform is used. Essential cookies are required for sign-in and booking to work; analytics cookies can be blocked in your browser settings without breaking core features.

09Children's privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it.

10Changes to this policy

We may update this policy as the platform evolves. Material changes will be reflected in the "Last updated" date above, and significant changes will be announced by email or in-app notice.

Questions about this policy?

Our team is happy to clarify anything on this page. Reach us through the contact form or email us directly at gamanee.official@gmail.com.

Contact us