Privacy Policy
2026-06-05
Last updated: 5 June 2026
This Privacy Policy explains how Music Traveler GmbH ("Music Traveler", "we", "us", or "our") collects, uses, shares, and protects your personal data when you use our website, mobile applications, embeddable booking widget, and related services (together, the "Services").
Music Traveler is a marketplace that connects Hosts who list spaces, instruments, and equipment with Users who book them. We are the data controller for the personal data described in this Policy.
Contact:
- Music Traveler GmbH, Annagasse 1/10, 1010 Vienna, Austria
- Privacy enquiries: privacy@musictraveler.com
- Managing Director: Julia Rhee
If you do not agree with this Policy, please do not use the Services.
1. Summary
- What data do we collect? — Account and profile data, booking and payment data, content you submit, communications, and technical/usage data.
- Do we collect sensitive data? — No. We do not intentionally collect special-category data.
- Do we sell your data? — No. We do not sell or "share" personal data for cross-context behavioural advertising.
- Do we use tracking cookies? — Only analytics, and only after you consent. See our Cookie Policy.
- Who do we share data with? — Vetted service providers (e.g. payments, hosting, email, analytics) under contract, and the Host or User you transact with.
- What are your rights? — Access, correction, deletion, portability, restriction, objection, and consent withdrawal. See Section 9.
- Where can you manage your data? — In your account at Settings → Privacy, or by emailing privacy@musictraveler.com.
2. What data we collect
2.1 Data you provide
- Account & profile: name, email address, phone number, password (stored hashed), profile photo, preferred language and currency, and contact preferences.
- Host data: business/contact details, payout details collected and held by our payment processor (Stripe), listing content, availability, and pricing.
- Booking data: the listings you book, dates and times, number of guests, messages to Hosts, and booking history.
- Payment data: payments are processed by Stripe. We do not store full card numbers on our own servers; we store limited transaction metadata (amount, currency, status, last4/brand as provided by Stripe). See <https://stripe.com/privacy>.
- Communications: messages you send through our in-app chat, emails, support enquiries, and contact-form submissions.
- Verification data: information used to verify your phone number (via our OTP provider, Prelude) and, where you choose social login, the profile data returned by Apple, Google, or Facebook (typically name and email).
2.2 Data collected automatically
- Device & log data: IP address, browser and device type, operating system, language, referring URLs, and timestamps.
- Usage data: pages viewed, searches, features used, and interactions, collected via privacy-focused analytics. See the Cookie Policy.
- Approximate location: derived from your IP address for currency/locale defaults and search relevance. Precise device location is only used if you grant permission in our mobile apps.
2.3 Data we do not collect
We do not intentionally collect special-category data (e.g. health, religion, ethnicity, biometric data). Please do not submit such data through the Services.
3. How we use your data
We use personal data to:
- create and manage your account and authenticate you;
- enable bookings between Users and Hosts and operate the marketplace;
- process payments, payouts, refunds, and security deposits via Stripe;
- send service communications (booking confirmations, reminders, receipts, security notices);
- provide customer support and resolve disputes and damage claims;
- protect the Services against fraud, abuse, and security threats;
- measure and improve our Services through analytics;
- send marketing or newsletter communications where you have opted in; and
- comply with legal, tax, and accounting obligations.
4. Legal bases (EU/UK/Swiss users)
Where the EU GDPR, UK GDPR, or Swiss FADP applies, we rely on the following legal bases:
- Creating your account; operating bookings; processing payments — Performance of a contract (Art. 6(1)(b))
- Tax, accounting, and other legal record-keeping — Legal obligation (Art. 6(1)(c))
- Security, fraud prevention, service communications, product improvement, and analytics aggregation — Legitimate interests (Art. 6(1)(f))
- Non-essential analytics cookies (e.g. Google Analytics, Microsoft Clarity); marketing emails/newsletter — Consent (Art. 6(1)(a))
You can withdraw consent at any time (Section 9) without affecting processing already carried out.
5. Who we share data with
We share personal data only as needed to run the Services:
- The other party to your transaction. When you book, we share the information the Host needs to host you (and vice versa) — e.g. name, booking details, and messages.
- Service providers (processors) under written contracts. Our key sub-processors are:
  - Stripe — Purpose: Payments, payouts, marketplace (Connect); Region: EU / US (global)
  - Cloudflare — Purpose: CDN, security, bot protection (Turnstile), tag management (Zaraz), object storage (R2); Region: Global
  - Railway — Purpose: Application and database hosting; Region: EU / US
  - Resend — Purpose: Transactional email delivery; Region: US
  - Prelude — Purpose: Phone number verification (OTP); Region: Global
  - Google (Maps, Translation, OAuth, Analytics) — Purpose: Maps & geocoding, translation, sign-in, analytics; Region: Global
  - Apple, Facebook (Meta) — Purpose: Social sign-in (OAuth); Region: Global
  - Microsoft Clarity — Purpose: Product analytics / session insights (consent-gated); Region: US
  - Umami — Purpose: Privacy-focused, self-hosted web analytics; Region: EU (self-hosted)
  - Meilisearch — Purpose: Search (self-hosted); Region: EU (self-hosted)
- Authorities and legal requests where required by law or to protect rights, safety, and the integrity of the Services.
- Business transfers. In a merger, acquisition, or asset sale, data may transfer to the successor entity, subject to this Policy.
We do not sell personal data and do not share it for cross-context behavioural advertising.
International transfers
Some providers process data outside the EEA/UK. Where they do, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum) or an adequacy decision.
6. Cookies and analytics
We use a small number of strictly necessary cookies to operate the Services (e.g. login session, security/bot protection). Non-essential analytics tools load only after you consent through our cookie banner, which is powered by Cloudflare Zaraz. You can change your choices at any time via the "Cookie settings" link in the footer or at Settings → Privacy. Full details are in our Cookie Policy.
7. How long we keep data
We keep personal data only as long as necessary for the purposes above:
- Account data: for the life of your account, then deleted or anonymised after closure (subject to the exceptions below).
- Booking, payment, and invoicing records: retained for the period required by Austrian tax and commercial law (generally up to 7 years).
- Support and dispute records: as long as needed to handle the matter and any follow-up.
- Marketing data: until you unsubscribe or withdraw consent.
We may retain limited data longer where necessary to prevent fraud, resolve disputes, or comply with law.
8. How we protect data
We use appropriate technical and organisational measures, including encryption in transit, hashed passwords, access controls, and reputable infrastructure providers. No system is perfectly secure, so we cannot guarantee absolute security, but we work to protect your data and to notify you and regulators of qualifying breaches as required by law.
9. Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- correct inaccurate or incomplete data;
- delete your data ("right to be forgotten");
- restrict or object to certain processing;
- request portability of data you provided to us;
- withdraw consent at any time; and
- not be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
How to exercise them:
- Most settings are self-service at Settings → Privacy (update your profile, manage cookie consent, or request account deletion).
- Otherwise, email privacy@musictraveler.com. We will respond within the time limits set by applicable law (generally one month under the GDPR).
You also have the right to lodge a complaint with a supervisory authority. Our lead authority is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, dsb@dsb.gv.at. UK users may contact the ICO (ico.org.uk); Swiss users may contact the FDPIC.
Account deletion
You can request deletion at Settings → Privacy → Delete account. We will deactivate and delete your account and associated data, except where we must retain certain records (e.g. for tax, fraud-prevention, or legal compliance).
10. Regional disclosures
10.1 United States (California, Colorado, Connecticut, Utah, Virginia, and similar states)
We do not sell personal information and do not "share" it for cross-context behavioural advertising. We do not process sensitive personal information for inferring characteristics. Depending on your state, you may have rights to know, access, correct, delete, and appeal, and the right to non-discrimination for exercising these rights.
We collect the following categories (as defined by the CCPA): identifiers (name, email, IP, account ID), customer-records data (contact and payment information), commercial information (transaction history), internet/usage activity (with consent for analytics), and approximate geolocation. To exercise your rights, email privacy@musictraveler.com. You may use an authorised agent with valid proof of authorisation.
10.2 Canada
We process personal data under PIPEDA on the basis of your consent (express or implied) or as otherwise permitted by law. You may withdraw consent subject to legal and contractual restrictions.
10.3 Australia & New Zealand
We handle personal information consistent with the Australian Privacy Principles and New Zealand's Privacy Act 2020. You may request access or correction, or complain to the OAIC (Australia) or the Office of the Privacy Commissioner (New Zealand).
10.4 Other regions
Additional local rights may apply. Contact us and we will assist where required by law.
11. Children
The Services are intended for users 18 and older (16+ for certain Music Traveler Live events with parental consent). We do not knowingly collect data from children below these ages.
12. Changes to this Policy
We may update this Policy from time to time. We will update the "Last updated" date above and, for material changes, provide additional notice. Continued use of the Services after an update constitutes acceptance of the revised Policy.
13. Contact
- Music Traveler GmbH, Annagasse 1/10, 1010 Vienna, Austria
- privacy@musictraveler.com
For company registration and management details, see our Impressum.