Privacy Policy

HyRize Solutions ('HyRize', 'we', 'us', 'our') is a property management company based in Malta, providing short-let management and related services to property owners across the Maltese islands.

HyRize Solutions acts as the data controller for personal information collected through this website and through the provision of our services. If you have any questions about how we handle your data, please contact us at info@hyrizesolutions.com.

We may collect the following categories of personal information:

Contact and enquiry data — when you submit a form on our website, we collect your name, email address, and the content of your message.

Client data — when you engage HyRize for property management, we collect information necessary to deliver the service, including your name, contact details, property address, financial information for invoicing, and identity documents where required by law or regulation.

Guest data — for the purpose of short-let management, we may process basic information about guests staying at properties we manage, including names and contact details provided through booking platforms.

Usage data — like most websites, we may automatically collect technical information such as IP addresses, browser type, and pages visited. This data is used in aggregated form and does not personally identify you.

We collect personal information through: (a) enquiry and contact forms on our website; (b) direct communication by email, phone, or in person; (c) signed Management Agreements and onboarding documentation; (d) booking platforms and channel management systems through which guest reservations are made; and (e) third-party service providers involved in property management operations.

We process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):

Contractual necessity — processing required to fulfil or enter into a contract with you, such as managing your property or responding to a service enquiry.

Legitimate interests — processing carried out for our legitimate business interests, including maintaining client relationships, improving our services, and ensuring the security of managed properties.

Legal obligation — processing required to comply with applicable laws, including tax obligations, anti-money laundering requirements, and regulations imposed by the Malta Tourism Authority.

Consent — where we request your consent for a specific processing activity (such as direct marketing), you may withdraw that consent at any time without affecting the lawfulness of processing already carried out.

We use the information we collect to: (a) respond to enquiries and provide the services requested; (b) manage the day-to-day operations of properties under our management; (c) coordinate maintenance, cleaning, and other service providers on your behalf; (d) handle bookings, guest check-ins, and communications through approved booking platforms; (e) issue invoices and manage payment; (f) comply with legal and regulatory obligations in Malta; (g) communicate service updates, changes to terms, or important operational matters; and (h) improve our internal processes and service quality.

We do not sell personal data to third parties and do not use your data for unsolicited direct marketing without your consent.

We may share personal data with the following categories of recipients, strictly for the purposes outlined in this policy:

Service providers — including cleaning companies, maintenance contractors, and other operational partners involved in the management of your property. These parties process data only on our instruction.

Booking platforms — short-let platforms such as Airbnb, Booking.com, and similar services, through which guest reservations are managed. These platforms operate their own privacy policies.

Professional advisors — including accountants, legal advisors, and insurance providers, where necessary for the operation of our business.

Regulatory and government authorities — including the Malta Tourism Authority, the Commissioner for Revenue, or other bodies as required by law.

We require all third parties to maintain appropriate security standards and to use personal data only for the purpose for which it was shared.

Some of the third-party services we use (including booking platforms and communication tools) may store or process data outside Malta or the European Economic Area (EEA). Where this occurs, we ensure that appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or adequacy decisions, to ensure your data remains protected to EU standards.

We retain personal data only for as long as necessary for the purposes set out in this policy, or as required by law.

Enquiry data submitted via our contact form is retained for up to twelve (12) months unless an ongoing client relationship is established.

Client and contractual data is retained for a minimum of seven (7) years following the end of the Management Agreement, in line with Maltese tax and record-keeping requirements.

Guest data is retained for the period required by the relevant booking platform and applicable Maltese regulations governing short-let accommodation.

When data is no longer required, it is securely deleted or anonymised.

As a data subject, you have the following rights under the GDPR:

Right of access — you may request a copy of the personal data we hold about you.

Right to rectification — you may ask us to correct any inaccurate or incomplete data.

Right to erasure — in certain circumstances, you may request that we delete your personal data.

Right to restriction — you may ask us to restrict how we process your data in certain situations.

Right to data portability — you may request that we provide your data in a structured, commonly used, machine-readable format.

Right to object — you may object to processing based on legitimate interests or for direct marketing purposes.

Right to withdraw consent — where processing is based on your consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at info@hyrizesolutions.com. We will respond within one month of receiving your request. If you are dissatisfied with how we handle your data, you have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC) of Malta at idpc.org.mt.

Our website uses cookies to provide core functionality, remember your preferences, and analyse how the site is used. A cookie is a small text file placed on your device when you visit our site.

We use a cookie consent mechanism to obtain your agreement before placing non-essential cookies. You may adjust your cookie preferences at any time through the banner displayed on your first visit.

Essential cookies are required for the website to function and cannot be disabled. Analytics and preference cookies are only used with your consent.

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure. However, no data transmission over the internet can be guaranteed to be completely secure, and we cannot accept responsibility for unauthorised access beyond our reasonable control.

Access to personal data within HyRize is restricted to those who need it to fulfil their role.

Our website may contain links to third-party websites, including booking platforms and other services. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies independently.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The most recent version will always be published at hyrizesolutions.com/privacy-policy with the date of last update noted at the top of the page.

Where changes are material, we will notify active clients directly.

For any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us:

HyRize Solutions Email: info@hyrizesolutions.com Phone: +356 99006011/9

If you are not satisfied with our response, you may contact the Information and Data Protection Commissioner (IDPC) of Malta, the relevant supervisory authority in Malta under the GDPR.