Privacy Policy
Last updated: April 23, 2026
StayGuard (“StayGuard”, “we”, “our”) operates an identity verification and fraud-screening service for short-term-rental hosts operating in Canada. This policy explains what personal information we collect, how we use it, who we share it with, and your rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial legislation.
If you prefer a plain-language overview, see the privacy summary. This policy controls if the two ever conflict.
1. Who we are and how to contact us
StayGuard is a Canadian business based in Toronto, Ontario. For privacy questions or to exercise your rights under this policy, email privacy@stayguard.ca. We respond within 30 days as required under PIPEDA.
2. Whose information this applies to
- Guests — individuals who complete a StayGuard verification at the request of a host.
- Hosts — individuals who register a StayGuard account to screen their guests.
- Visitors — anyone browsing stayguard.ca or our marketing pages.
3. What we collect and why
From guests, during verification:
- Government-issued photo ID and a selfie, processed by our identity provider (currently Stripe Identity). StayGuard receives only a verification outcome, a report ID, and a masked last-four of the document number — not the underlying images.
- Email address and phone number, used to confirm a reachable channel and to measure signals such as account age (age, not content, feeds the fraud score).
- Payment method details captured by Stripe in its hosted elements. StayGuard stores only a tokenised reference, last-four of the card, brand, and billing ZIP — never the primary account number.
- Booking metadata supplied by the host: guest name, check-in/out dates, total amount, property reference.
From hosts, during signup and operation:
- Name, email, password hash, optional phone for SMS alerts.
- Workspace name, property addresses, and nightly rate.
- Billing information (payment method token, subscription tier) via Stripe. StayGuard does not see or store raw card numbers.
- Usage data: pages viewed, decisions made, timestamps — used for audit and support.
4. Legal basis and consent
We collect guest information with the guest’s express, informed consent. The first screen of every verification explicitly describes what will be collected, what the host will and will not see, and requires an affirmative click to proceed. Consent can be withdrawn at any time by emailing privacy@stayguard.ca.
For hosts and visitors, we rely on the legitimate-business-purpose grounds recognised under PIPEDA (service operation, security, and fraud prevention) together with your acceptance of these terms on signup.
5. What the host can and cannot see
StayGuard is built so the host receives attestations, not evidence. A host sees whether identity was verified, a fraud risk band (low / medium / high), a payment-consistency result, a completeness percentage, and a recommended action. A host never sees raw ID images, full document numbers, selfies, or unmasked contact-age signals.
6. Who we share information with
We share personal information only with the following categories of service providers:
- Stripe, Inc. — identity verification, payments, and subscription billing. Stripe acts as a data processor and is bound by its own privacy policy.
- Twilio, Inc. — sending SMS verification codes and host alerts.
- Resend — transactional email delivery.
- Render, Inc. — application hosting and database storage.
We do not sell personal information. We do not share guest data with advertisers, data brokers, or credit bureaus. We do not perform social-media scraping.
7. Where your data lives
StayGuard’s application servers and primary database run on Render infrastructure located in the United States and Canada. Some service providers (Stripe, Twilio, Resend) may process data in the United States or other jurisdictions under contractual safeguards. Where data crosses borders we rely on the Standard Contractual Clauses or equivalent protections published by our processors.
8. Retention
- Guest verification records (attestations, rules-engine output, audit events) are retained for seven years after the booking’s check-in date to support fraud investigation and any protection claim.
- Underlying identity evidence held by Stripe Identity is retained per Stripe’s policy; StayGuard never stores the raw image.
- Host account data is retained while your workspace is active and for 90 days after cancellation, then deleted except for billing records required by Canadian tax law (retained for seven years).
- Access logs and audit entries are retained for two years.
9. Security
We use transport-layer encryption (HTTPS) for all traffic, encryption at rest for the primary database, per-domain HMAC signing keys, hashed storage for one-time codes, and workspace-level isolation of all business data. Access to production systems is restricted and logged. In the event of a security breach likely to create a real risk of significant harm we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required under PIPEDA.
10. Your rights
Under PIPEDA and similar provincial laws you have the right to:
- Know what personal information we hold about you.
- Request a copy in a machine-readable format.
- Ask us to correct inaccurate or outdated information.
- Withdraw consent, subject to legal or contractual restrictions.
- File a complaint with the Office of the Privacy Commissioner of Canada.
Send requests to privacy@stayguard.ca. We will verify your identity before acting on account-linked requests.
11. Children
StayGuard is not directed at individuals under 18 and we do not knowingly collect personal information from minors. If you believe a minor has submitted information, email privacy@stayguard.ca and we will delete it.
12. Changes to this policy
We may update this policy from time to time. When we do we will update the “Last updated” date at the top and, for material changes, email active account holders at least 14 days before the change takes effect.