Privacy Policy
Last updated: February 10, 2026
1. Introduction
Aparto ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform at aparto.io.
2. Data Controller
The data controller is Aparto, operated by Bojan Maric, based in Bosnia and Herzegovina. For payment processing, Dodo Payments (dodopayments.com) acts as the Merchant of Record and has its own privacy policy for billing-related data.
3. Information We Collect
We collect information you provide directly: account information (name, email, password), property details (names, descriptions, photos, pricing), guest inquiry data (name, email, phone, message), and payment information (processed by Dodo Payments — we do not store credit card details). We also collect automatically: usage data (pages visited, features used), device information (browser type, operating system), and IP address and approximate location.
4. How We Use Your Information
We use your information to: provide and maintain our services, generate your property website, process translations and generate content, send service-related notifications, process payments through Dodo Payments, improve our platform, and comply with legal obligations.
5. Data Sharing
We share data with: Dodo Payments (payment processing — as Merchant of Record), hosting providers (for website hosting), and Cloudflare (CDN and DNS services). We do NOT sell your personal data to third parties. We do NOT share guest inquiry data with anyone except the property owner who received the inquiry.
6. Guest Data
When guests submit inquiries through your Aparto website, their data (name, email, phone, message) is stored on our platform and made available to you, the property owner. As a property owner, you are responsible for handling guest data in compliance with applicable privacy laws. We do not use guest data for marketing purposes.
7. Data Retention
Account data is retained for the lifetime of your account plus 90 days after cancellation. Property and booking history data is retained for as long as your account is active. Guest inquiry data is retained for as long as the property owner's account is active. You can request deletion of specific data at any time by contacting us.
8. Data Security
We implement appropriate technical and organizational measures to protect your data, including: encrypted connections (HTTPS/TLS), secure password hashing, access controls and authentication, and regular security reviews. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
9. Cookies
We use essential cookies for: authentication and session management, language preferences, and security (CSRF protection). We do not use advertising or tracking cookies. Third-party services (Dodo Payments, Cloudflare) may set their own cookies as described in their respective privacy policies.
10. Your Rights
You have the right to: access your personal data, correct inaccurate data, request deletion of your data, export your data in a portable format, object to processing of your data, and withdraw consent at any time. To exercise these rights, contact us at [email protected].
11. International Transfers
Your data may be processed in countries outside Bosnia and Herzegovina. We ensure appropriate safeguards are in place for any international data transfers in accordance with applicable data protection laws.
12. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn that we have collected data from a child, we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email. The latest version will always be available at aparto.io/privacy.
14. Contact
For privacy-related questions or to exercise your rights, contact us at: [email protected]