Legal
Privacy Policy
We take your privacy seriously. This policy explains what data we collect, how we use it, and the rights you have over it.
Last updated: April 2026
1.Who We Are
Hisland Reserve is a SaaS platform for co-working spaces and managed workplaces. The platform is operated by Hisland AB, a Swedish company. When this policy refers to “we”, “us”, or “Reserve”, it means Hisland AB. For data protection enquiries, contact us at privacy@hisland.com.
2.What Data We Collect
We collect data in three categories:
Account information
Name, email address, password (hashed), company name, and profile photo if provided. Space owners additionally supply billing address and VAT number.
Booking and usage data
Resources booked, booking timestamps, cancellations, payment amounts, and calendar preferences (iCal sync tokens). Guest bookings additionally store a hashed cancellation token tied to an email address.
Usage analytics
Aggregated, anonymised page views and feature-usage events to help us improve the product. We do not track individual browsing behaviour across third-party sites.
3.How We Use Your Data
- —Delivering the Reserve service — account management, booking processing, notifications.
- —Transactional email — booking confirmations, cancellation links, invoices.
- —Fraud prevention and security — detecting unusual login patterns or abuse.
- —Product improvement — anonymised analytics to understand which features are used.
- —Legal obligations — retaining records required under Swedish accounting law (Bokföringslagen).
4.Data Sharing
We do not sell your personal data. We share data only with the following sub-processors, under contractual data-processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| Polar | Subscription billing and invoicing | EU |
| Klarna | Guest payment processing | EU (Sweden) |
| Supabase | Database and file storage | EU |
| Vercel | Application hosting and edge delivery | EU/US (SCCs) |
Space owners (your employer or workspace operator) can access booking data for resources they manage. They are independent data controllers for their tenant and member data.
5.Cookies
Reserve uses a minimal cookie footprint. We do not use advertising or cross-site tracking cookies.
Keeps you signed in during your browsing session. Deleted when you close the browser.
Remembers your theme (light/dark) preference.
Prevents cross-site request forgery. Required for form submissions.
6.Data Retention
We retain personal data for as long as your account is active or as needed to provide the service.
- —Account data is deleted within 30 days of account closure upon request.
- —Booking records are retained for 7 years to comply with Swedish accounting law.
- —Guest booking data (email + cancellation token) is deleted 90 days after the booking end date.
- —Analytics data is anonymised after 12 months.
7.Your Rights (GDPR)
If you are in the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):
Access
Request a copy of the data we hold about you.
Rectification
Correct inaccurate or incomplete data.
Erasure
Request deletion of your data (“right to be forgotten”).
Portability
Receive your data in a machine-readable format.
Restriction
Request that we restrict processing of your data.
Objection
Object to processing based on legitimate interests.
To exercise any of these rights, email privacy@hisland.com. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY), the Swedish supervisory authority.
8.Security
We implement industry-standard technical and organisational measures to protect your data: TLS encryption in transit, AES-256 encryption at rest for sensitive fields, row-level security on the database, and regular access reviews. Passwords are hashed with bcrypt and never stored in plain text.
9.Changes to This Policy
We may update this policy from time to time. When we make material changes, we will notify registered users via email at least 14 days before the changes take effect. Continued use of Reserve after that date constitutes acceptance of the updated policy.
10.Contact
For any privacy-related questions, contact our data protection team at privacy@hisland.com. Our postal address is Hisland AB, Kungsgatan 12, 111 35 Stockholm, Sweden.