General Data Protection Regulation

How the GDPR affects the use of Homelike​.

We handle your data with care

At Homelike, we have always handled your data with care – not only since the GDPR. We don’t pass your data on to third parties and we will not use your contact data for advertising purposes unless you have given us your explicit permission to do so.


All in all, you can be sure that your personal data is safe with us!

What does GDPR stand for?

GDPR stands for “General Data Protection Regulation“, a regulation of the European Union that came into effect on May 25, 2018. It covers the entire European Economic Area and applies to companies as well as public authorities.


The aim of the regulation is to strengthen the data protection of private individuals and at the same time make companies more accountable. Previously, there were different laws on data security in every country of the European Union. The GDPR is designed to standardize this patchwork of regulations.

What does this mean in practice?

Internet users have moved into focus and are now better protected against the misuse of personal data throughout Europe. Furthermore, the European Court of Justice has defined every individual’s right to have their data forgotten. Personal data may include the name, age, marital status, address, account details, criminal record, certificates, but also customer data, photos, and videos of individuals.


As a company that is active on the internet, the GDPR requires us to explain transparently which data we store and process and for which purposes we do so. You can find detailed information on how we handle your data at Homelike in our privacy policy.

The GDPR defines the following rights:

  1. The right to information
  2. The right to rectification and erasure (“right to be forgotten”)
  3. The right to limit the processing
  4. The right to object to the processing
  5. The right to data transferability

If you have any further questions regarding this topic, feel free to contact us at

When do we use your data?

1. If we need your data in order to fulfill our contractual obligations (“legitimate interest”)


2. If you have explicitly given your consent

1. Legitimate interest

If you have successfully booked an apartment with Homelike, we will need some of your personal data to fulfill the contract you have concluded with us.


Should one of our contractual partners, e.g. a landlord, require further details or documents from you, you will be asked to send them to them directly. The data will thus not be stored or be processed by us. For B2B clients, the information in their user profiles is usually sufficient to process the entire booking.

2. Customer communication (consent)

If you are interested in further information and news about Homelike, you can subscribe to our newsletter when registering on our platform. You can unsubscribe from the newsletter in your user profile at any time.


The same applies to informative emails with a promotional character. They provide you with relevant information about the city you are moving to or introduce you to local services which might be interesting to you.


In addition, we will send you transactional emails and news about product changes or new features for which you give us your permission when you register. They are essential to our service and help us make your booking experience even more pleasant.

Our data deletion policy

As a Homelike user, you can view, change, and delete your user account at any time. If you would like your personal data to be “forgotten”, we will delete it from our system within 10 working days. Please note that we cannot delete your data as long as you have an active business relationship with us, e.g. if you are currently living in a Homelike apartment or have an active apartment booking.


Tax-related data will be saved by us for a couple of months but will only be disclosed upon government request. It won’t be used for statistics and advertising during this period, either.


Homelike landlords may only use and store your private data to fulfill the rental agreement. They may not pass it on or use it for advertising etc. This applies, in particular, if an apartment was requested but not ultimately booked. In this and similar cases, we oblige our landlords to delete your personal data immediately.

selective focus photo of black and white delete, enter, power button, and F12 computer keys


In order to provide you with the best possible user experience, we work with several partners. These include “Stripe”. Stripe enables us to make simple, fast, and secure payments. For this purpose, we have concluded a data processing agreement (DPA) with Stripe as well as with our other cooperation partners.


Our cooperation with Stripe means that you never provide us with your full credit card or bank details. As a rule, we only receive abbreviated identifiers: the last 4 characters of your IBAN as well as references for your transaction with Stripe. Of course, Stripe also complies with the GDPR. You can find out more about this topic here.

In addition, we work with Salesforce, a software that allows us to meet the needs of our customers in the best possible way. It helps us to draw conclusions about which cities and price segments our customers are interested in. Not only does it make it easier for us to provide you with the information you need but it also enables us to help you solve problems as quickly and efficiently as possible.


We have a further agreement with Hellosign. With Hellosign, Homelike users can sign rental agreements online and it thus enables us to digitize the rental process. This means that both private and corporate customers can book furnished apartments as quickly and easily as hotel rooms and avoid time-consuming on-site appointments.

Provides a fast and secure payment experience

Makes our customer communication easier and more efficient

Allows signing rental agreements online

Europe's largest loyalty program for travelers

Server locations and data encryption

Our booking software was developed in Germany and is hosted on servers in the European Union. The hosting contract is therefore subject to European law including the GDPR.


Our data is stored in the Amazon Virtual Private Cloud. Here, it is protected from external access and can only be accessed via encrypted connections. Furthermore, any communication of user-related data is SSL-encrypted.

Looking for your next home away from home?