Last updated: March 5, 2026
Mjölnix LLC ("I," "me," or "my") operates mjolnix.com and provides direct booking ecosystem services for short-term rental property owners ("Clients"). This Privacy Policy explains how I collect, use, store, and protect personal information from visitors to my website, my Clients, and guests of my Clients' properties ("Guests").
Website Visitors: Anyone who visits mjolnix.com. Clients: STR property owners or managers who use my services. Guests: Individuals who stay at my Clients' properties and interact with systems I manage on the Client's behalf (WiFi splash pages, direct booking websites, email communications).
From Website Visitors: Anonymized analytics via Plausible Analytics (no cookies, no personal data). Information you provide via contact forms or Calendly (name, email, phone).
From Clients: Contact and business information, property details, PMS credentials, branding preferences, and payment information processed via Stripe (I do not store credit card numbers).
From Guests (on behalf of Clients):
| Data Type | How Collected | Purpose |
|---|---|---|
| Email address | WiFi splash page, booking form | Marketing emails on Client's behalf |
| Name | WiFi splash page, booking form | Email personalization |
| Stay dates | PMS integration | Email lifecycle timing |
| Property stayed at | PMS integration | Content personalization |
| Email engagement | Email delivery system | Open/click tracking, unsubscribe status |
| IP address | WiFi splash page | Consent logging only; not stored long-term |
Important: Guest data is collected on behalf of and owned by the Client (the data controller). I process this data as a data processor under my Service Agreement (Section 8).
To respond to inquiries and schedule consultations. To provide services described in the Service Agreement. To send marketing emails from the Client's brand (with Guest consent). To manage the 12-email lifecycle sequence. To track engagement for performance reporting. To honor unsubscribe requests immediately. To process payments via Stripe. To analyze anonymized website performance.
Consent: Guest email collection includes opt-in. Guests may withdraw at any time. Contractual necessity: Client data processed to fulfill Service Agreements. Legitimate interest: Anonymized analytics to improve services.
I do not sell, rent, or trade personal information. I share data only with these service providers:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database hosting | Client & Guest data |
| Amazon SES | Email delivery | Guest emails, email content |
| Hetzner | Server hosting | All data in transit/at rest |
| Cloudflare | CDN & security | IP addresses, traffic data |
| Stripe | Payment processing | Client billing only |
| Plausible Analytics | Website analytics | Anonymized pageviews only |
| PriceLabs (Growth+) | Revenue optimization | Property performance data |
Client data: Duration of service + 2 years (tax/legal compliance). Deleted within 30 days upon request. Guest data: Duration of service relationship. Exported to Client and deleted within 30 days of termination confirmation. Visitor data: Contact form submissions retained 1 year. Plausible data is anonymized. Aggregated data: Anonymized, non-identifiable data may be retained for analytics.
I implement appropriate technical and organizational measures: SSH key-only authentication with custom port, UFW firewall, fail2ban brute-force protection, Cloudflare WAF and DDoS protection, HTTPS/SSL on all websites, Supabase Row Level Security isolating each Client's data, API keys stored as environment variables, daily automated backups, and encryption at rest. No method of storage is 100% secure, and I cannot guarantee absolute security.
All Users: Access, correction, deletion (subject to legal retention), and objection to marketing processing.
Guests: Unsubscribe via link in every email (honored immediately). Data portability (CSV). Right to be forgotten — contact the property owner or me directly.
California Residents (CCPA): Right to know what is collected, used, and shared. Right to delete. Right to opt-out of sale (I do not sell personal information). Right to non-discrimination.
To exercise any right: nickceo@mjolnix.com. I respond within 30 days.
All marketing emails comply with CAN-SPAM: clear sender identification, truthful subject lines, physical mailing address in every email, functional unsubscribe in every email, unsubscribes honored within 10 business days. I maintain consent records (timestamp, source) for all addresses collected.
mjolnix.com uses Plausible Analytics — no cookies, no individual tracking, no personal data. I do not use Google Analytics, Facebook Pixel, or any other tracking technologies. Client websites also use Plausible. Third-party booking widgets may set their own cookies per their own policies.
My services are not directed to individuals under 18. I do not knowingly collect information from children.
Changes posted here with an updated date. Material changes communicated to Clients via email. Continued use constitutes acceptance.
Mjölnix LLC · North Myrtle Beach, SC · nickceo@mjolnix.com · mjolnix.com
I respond to all privacy inquiries within 30 days.