← Back to SecuredStays
Legal

Privacy Policy

Last Updated: April 13, 2026

SecuredStays LLC (a Grimaxca Enterprises LLC Company) · Last updated: March 2026

Plain language summary: SecuredStays collects only the information needed to run a verified housing platform — your identity, professional credentials, and payment data. We do not sell your data, use advertising networks, or share your screening results with property owners. Owners see only whether you are "Verified." Nothing more.

Contents
OverviewData We CollectHow We Use ItThird PartiesFCRA RightsCalifornia RightsGDPR RightsData RetentionSecurityMinorsChangesContact

1. Overview & Scope

This Privacy Policy applies to all services operated by SecuredStays LLC, including the securedstays.com website, mobile applications, and all platform features. It describes how we collect, use, store, and protect your personal information and the rights you have over that information.

SecuredStays operates as a verified housing network for traveling healthcare professionals and verified property owners. Because both sides of the platform undergo identity and background screening, we collect more personal information than a typical marketplace. We take that responsibility seriously.

By creating an account or using SecuredStays services, you acknowledge this Privacy Policy. If you do not agree, do not use the platform.

2. Information We Collect

CategorySpecific DataWho It Applies ToHow Collected
Account InformationName, email address, username, password (hashed), role (traveler or owner), account creation dateAll usersYou provide at signup
Identity VerificationGovernment-issued ID document, facial image for biometric matching. Processed by Stripe Identity — SecuredStays does not store biometric data.All usersStripe Identity verification flow
Professional CredentialsNursing license number, license state, license status (via Nursys e-Notify), professional role, agency assignment detailsTravelersYou provide; verified via Nursys API and recruiter contact
Background ScreeningCriminal background check results, eviction history, credit evaluation. Processed by a licensed Consumer Reporting Agency (CRA). Results communicated to SecuredStays only as eligibility determination.All usersCRA screening — governed separately by FCRA
Property InformationProperty address, listing details, ownership documentation, ZIP code, geocoordinatesProperty ownersYou provide at listing creation; verified via ATTOM Data
Contact & ProfilePhone number, home address, profile preferencesAll usersYou provide in profile settings
Platform ActivityMessages sent and received (stored for dispute resolution), listings saved, housing requests submitted, connection historyAll usersGenerated by platform use
Payment DataMembership payment records, escrow transaction records. Card numbers and banking details are never stored by SecuredStays — processed entirely by Stripe and Escrow.com.All usersStripe / Escrow.com
Technical DataIP address, browser type, device type, session data (via Supabase authentication)All usersAutomatically collected on platform access

3. How We Use Your Information

SecuredStays uses personal information only for the following purposes:

  • Platform operation — Creating and maintaining your account, verifying your identity, processing membership payments, enabling messaging between verified parties
  • Verification and screening — Confirming professional credentials via Nursys, conducting background screening via our CRA, verifying property ownership via ATTOM Data
  • Eligibility determination — Determining which membership pathway (Standard or Enhanced Assurance) you qualify for based on screening results
  • Safety and fraud prevention — Detecting unauthorized access, preventing fraudulent listings, investigating reported misconduct
  • Legal compliance — Meeting FCRA requirements, responding to lawful government requests, maintaining records required by law
  • Platform communications — Sending account notifications, verification updates, screening result notices, and material policy changes
  • Dispute resolution — Using message history and transaction records to resolve escrow disputes or conduct violations

We do not use your information for advertising, profiling for marketing purposes, or any purpose not listed above.

4. Third-Party Services & Data Sharing

SecuredStays shares personal information with third parties only when necessary to operate the platform. We do not sell personal information. We do not share data with advertising networks.

ProviderPurposeData SharedTheir Privacy Policy
StripeIdentity verification, payment processingGovernment ID, facial image (for identity), payment method detailsstripe.com/privacy
SupabaseDatabase and authentication infrastructureAll account and platform data (stored securely in our database)supabase.com/privacy
Licensed CRABackground, eviction, and credit screeningName, address, date of birth, SSN (for screening only)Disclosed in FCRA Authorization form at screening
Nursys / NCSBNNursing license verificationLicense number, license statenursys.com/Privacy.aspx
ATTOM DataProperty ownership verificationProperty address (cross-referenced against public deed records)attomdata.com/privacy-policy
MapboxListing map displayListing geocoordinates (not your personal location)mapbox.com/legal/privacy
Escrow.comPlacement escrow transactionsName, payment details for escrow fundingescrow.com/privacy

What property owners see: Owners never see your credit score, criminal record, eviction history, or which membership pathway you are on. They see only that you are "Verified" or "Verified — Enhanced Assurance." No photos. No full legal name. Username only.

Legal disclosures: We may disclose personal information if required by law, court order, or to protect the safety of users or the public.

5. Your FCRA Rights (Background Screening)

Background, credit, and eviction screening is conducted by a licensed Consumer Reporting Agency (CRA) under the Fair Credit Reporting Act (FCRA). Before screening, you will receive and must sign a separate FCRA Disclosure & Authorization form. Your rights under the FCRA include:

  • The right to know if a consumer report was used against you in an adverse action
  • The right to know the name, address, and phone number of the CRA that provided the report
  • The right to a free copy of your consumer report from the CRA within 60 days of an adverse action
  • The right to dispute inaccurate or incomplete information directly with the CRA
  • The right to add a consumer statement to your file
  • The right to opt out of certain uses of your consumer report

SecuredStays cannot modify screening results. All disputes must be directed to the CRA identified in your adverse action notice. Contact support@securedstays.com to obtain the CRA's contact information.

6. California Resident Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know — Request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to Delete — Request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, active escrow transactions)
  • Right to Correct — Request correction of inaccurate personal information
  • Right to Opt Out of Sale — SecuredStays does not sell personal information. This right is automatically satisfied.
  • Right to Non-Discrimination — Exercising your privacy rights will not result in denial of service or different pricing

To exercise these rights, contact us at privacy@securedstays.com. We will respond within 45 days. We may need to verify your identity before processing the request.

7. European & UK Residents (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR including:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten"), subject to legal obligations
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests

Our lawful basis for processing personal data is: contractual necessity (to provide the platform service), legal obligation (FCRA compliance, fraud prevention), and legitimate interests (platform safety and security). We do not process personal data based on consent where another lawful basis applies.

To exercise GDPR rights, contact privacy@securedstays.com. You also have the right to lodge a complaint with your local data protection authority.

8. Data Retention

We retain personal information for as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes, and enforce agreements.

  • Account data — Retained while your account is active. Deleted within 90 days of a verified account closure request, subject to the exceptions below.
  • Screening results — Retained for the duration required by the FCRA (minimum 7 years for criminal records used in adverse actions) and applicable state law.
  • Messages and transaction records — Retained for 3 years after the relevant placement concludes, for dispute resolution purposes.
  • Financial records — Retained for 7 years as required by tax and financial regulations.
  • Biometric data — Not retained by SecuredStays. Stripe Identity retains biometric data per their own retention schedule.

9. Security

SecuredStays implements industry-standard security practices to protect your personal information:

  • All data transmitted between your browser and our servers is encrypted via TLS/HTTPS
  • Passwords are hashed and never stored in plaintext
  • Database access is restricted via Row Level Security (RLS) policies — users can only access their own data
  • Authentication is managed through Supabase with JWT tokens and session expiry
  • Payment data is never stored on SecuredStays servers — handled entirely by Stripe's PCI-compliant infrastructure

No method of electronic transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at support@securedstays.com.

10. Minors

SecuredStays is not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that a minor has created an account, we will terminate the account and delete associated data promptly. If you believe a minor has registered, contact support@securedstays.com.

11. Changes to This Policy

We may update this Privacy Policy as the platform evolves or as legal requirements change. Material changes will be communicated to active users via email at least 14 days before taking effect. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

12. Contact & Data Requests

For privacy-related inquiries, data access requests, or to exercise any of the rights described in this policy:

SecuredStays LLC

A Grimaxca Enterprises LLC Company

Tampa, Florida

General: support@securedstays.com

Privacy requests: privacy@securedstays.com

We will acknowledge all privacy requests within 5 business days and respond fully within 45 days. Complex requests may require up to 90 days with notice.

13. Account Termination and Data

Upon account termination — whether initiated by you or by SecuredStays — your personal data will be retained as required by applicable law and our data retention obligations. SecuredStays reserves the right to terminate accounts at its sole discretion. For data deletion requests following termination, contact support@securedstays.com.

Terms of ServiceCookie PolicyTraveler PolicyOwner PolicyPlatform Verification