Gobnb Property Manager ("Gobnb", "we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our website (www.propertymanager.com.mt) and our property management services.
We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Data Protection Act (Cap. 586 of the Laws of Malta). By using our services or website, you consent to the practices described in this policy.
The data controller responsible for your personal data is:
We may collect and process the following categories of personal data:
3.1 Information You Provide
- Name, email address, phone number, and postal address
- Property details including location, type, and features
- Bank account details for payment processing
- Identification documents for MTA licence applications
- Correspondence and communications with our team
- Referral programme participant details
3.2 Information Collected Automatically
- IP address and browser type
- Device information and operating system
- Pages visited, time spent on site, and navigation paths
- Referral source and search queries
- Cookies and similar tracking technologies (see Section 9)
3.3 Information From Third Parties
- Booking platform data (Airbnb, Booking.com, etc.) related to your property
- Guest information provided through booking platforms
- Referral information submitted by third parties through our referral programme
We use your personal data for the following purposes:
- Service delivery: To manage your property, process bookings, and provide our property management services
- Communication: To respond to your enquiries, send service updates, and provide customer support
- Financial processing: To process payments, generate invoices, and prepare financial statements
- Legal compliance: To comply with MTA regulations, tax obligations, and other legal requirements
- Service improvement: To analyse website usage patterns and improve our services
- Marketing: To send you newsletters and promotional materials (only with your consent)
- Referral programme: To process and track referral submissions and rewards
We process your personal data on the following legal bases under GDPR:
- Contractual necessity (Art. 6(1)(b)): Processing necessary to perform our management agreement with you
- Legitimate interests (Art. 6(1)(f)): Processing necessary for our legitimate business interests, such as improving our services and communicating with you
- Consent (Art. 6(1)(a)): Where you have given explicit consent, such as for marketing communications
- Legal obligation (Art. 6(1)(c)): Processing necessary to comply with legal requirements, including tax and MTA regulations
We may share your personal data with the following categories of recipients:
- Booking platforms: Airbnb, Booking.com, Agoda, VRBO, and other listing platforms necessary for property management
- Service providers: Cleaning teams, maintenance contractors, photographers, and other professionals who assist in managing your property
- Regulatory authorities: Malta Tourism Authority, tax authorities, and other governmental bodies as required by law
- Payment processors: Banks and payment service providers for processing financial transactions
- Professional advisors: Accountants, lawyers, and auditors as necessary
We do not sell your personal data to third parties. All third-party service providers are contractually required to handle your data securely and in accordance with GDPR.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Active management data: Retained for the duration of our management agreement plus 6 years for legal and tax purposes
- Financial records: Retained for a minimum of 10 years as required by Maltese law
- Marketing data: Retained until you withdraw consent or unsubscribe
- Website analytics data: Retained for up to 26 months
- Contact form submissions: Retained for 2 years unless a business relationship is established
You have the following rights regarding your personal data:
- Right of access (Art. 15): You can request a copy of the personal data we hold about you
- Right to rectification (Art. 16): You can request correction of inaccurate or incomplete data
- Right to erasure (Art. 17): You can request deletion of your personal data in certain circumstances
- Right to restriction (Art. 18): You can request that we restrict the processing of your data
- Right to data portability (Art. 20): You can request your data in a structured, commonly used, machine-readable format
- Right to object (Art. 21): You can object to processing based on legitimate interests or for direct marketing
- Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, please contact us at info@gobnb.eu. We will respond to your request within 30 days.
You also have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC) in Malta: idpc.org.mt.
Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse site usage. The types of cookies we use include:
- Essential cookies: Required for the website to function properly (session management, security)
- Analytics cookies: Help us understand how visitors interact with our website (e.g. Google Analytics)
- Marketing cookies: Used to deliver relevant advertisements and track campaign performance
You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- SSL/TLS encryption for all data transmitted via our website
- Access controls and authentication for internal systems
- Regular security reviews and updates
- Staff training on data protection practices
- Secure storage of physical documents
Your personal data is primarily stored and processed within the European Economic Area (EEA). Where data is transferred outside the EEA (for example, to booking platforms with servers in other jurisdictions), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately and we will take steps to delete such information.
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by email. The "Last updated" date at the top of this policy indicates when it was last revised.
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:
