Nester and Finn Hospitality Terms of Service & Privacy Policy

17.1 General Governing Law

Except as otherwise required by applicable law:

These Terms are governed by and construed in accordance with:

• The laws of the Province of Ontario and the federal laws of Canada, for users accessing the Site from Canada or other jurisdictions outside the United States; and
• The laws of the State of Delaware, for users accessing the Site from the United States.

Conflict-of-law principles that would result in the application of another jurisdiction's laws are excluded to the extent permitted by law.

17.2 Mandatory Consumer Rights (EU and UK Residents)

If you are a resident of the European Union or the United Kingdom, nothing in these Terms is intended to deprive you of the protections afforded to you by mandatory consumer protection or data protection laws of your country of residence, including rights provided under the GDPR or UK GDPR.

Where applicable law requires that certain disputes be governed by, or resolved under, the laws or courts of your country of residence, those requirements will apply notwithstanding Section 17.1.

17.3 Venue

Subject to Section 17.2 and applicable mandatory laws:

• Canadian-related disputes shall be brought exclusively in the courts located in Ontario, Canada.
• U.S.-related disputes shall be brought exclusively in the courts located in Delaware, USA.

20.1 Booking Requirements

A booking is confirmed only when:

• You provide valid identification and payment;
• We accept the booking and send confirmation.

Bookings are non-transferable unless permitted in writing.

20.2 Guest Verification

To protect guests and operations, we may require:

• identity verification;
• payment method validation;
• background checks using third-party ID services;
• security deposit holds.

Failure to complete verification may result in cancellation.

20.3 Pricing and Fees

Pricing may include:

• nightly rate,
• cleaning fee,
• security deposit or pre-authorization,
• taxes (local, state/provincial, federal),
• service or management fees.

You are responsible for:

• additional charges incurred during your stay,
• damages,
• unauthorized late checkout,
• lost keys or access devices,
• violation of property rules.

20.4 Payment Terms

You authorize Nester or its payment processor to:

• charge the full booking cost at time of reservation or check-in (depending on location),
• place and release security deposit holds,
• charge additional amounts for damages or rule violations.

20.5 Check-In and Check-Out

Standard times:

• Check-in: 4:00 PM
• Check-out: 11:00 AM

Unauthorized late checkout may incur additional fees.

Guests must follow check-in procedures provided in the confirmation email or digital guidebook.

20.6 House Rules

Guests must comply with:

• occupancy limits,
• noise restrictions,
• smoking/vaping bans,
• pet policies,
• waste disposal procedures,
• building rules (if applicable).

Violation may result in eviction without refund.

20.7 Cancellations, Modifications & Refunds

Cancellations are governed by the cancellation policy shown at booking.

Flexible rate booking - the guest may cancel their booking for a full refund up to 72 hours before their arrival time.

Pre-paid fully refundable rate booking - the guest may cancel their booking within 24 hours following time of booking for a full refund. Any cancellations after this time has elapsed are ineligible for a refund.

Nester reserves the right to:

• cancel reservations for safety, maintenance, fraud, or property issues;
• rebook guests into an equivalent property or provide a refund.

Refunds are issued only in accordance with the stated policy.

20.8 Maintenance, Damage & Security Deposits

Guests must:

• report property issues promptly,
• keep the property reasonably clean,
• avoid damaging furnishings or equipment.

We may charge for:

• excessive cleaning,
• smoke or pet remediation,
• repair or replacement of damaged items,
• violation of occupancy or noise rules.

20.9 Safety & Security

Guests must comply with:

• fire safety procedures,
• emergency instructions,
• lock and key protocols.

We may use noise-monitoring devices (not recording audio) to enforce house rules.

20.10 Prohibited Uses of Properties

You may not use a Nester property for:

• parties or events,
• commercial filming unless approved,
• illegal activity,
• dangerous materials or weapons,
• subletting or short-term re-rental.

20.11 Property Access

Nester staff or authorized contractors may enter the unit for:

• maintenance,
• repairs,
• safety checks,
• emergencies.

We provide notice whenever practical, except for emergencies.

20.12 Consequences of Rule Violations

Violations may result in:

• immediate removal from the property,
• cancellation without refund,
• charges to your payment method,
• reporting to authorities where appropriate.

2.1 Information You Provide

This includes:

Account & Profile Information

• Name
• Email address
• Phone number
• Mailing address
• Passwords or authentication credentials
• Government-issued ID (for verification)
• Date of birth (for age verification)

Booking & Stay Information

• Reservation details
• Payment information (collected by our payment processor)
• Guest preferences
• Special requests
• Communication history with Nester
• Incident reports or complaints

Verification Information

When required for safety, fraud prevention, or local regulations:

• ID photos
• Biometric match results (from third-party ID verification tools; Nester does not store biometric templates)
• Third-party identity validation response

Communications

• Emails
• Messages sent through the Site
• Call recordings (where permitted by law)
• Property or guest support inquiries

2.2 Information Collected Automatically

When you use our website or digital services, we collect:

Device & Technical Data

• IP address
• Browser type
• Operating system
• Device identifiers
• Wi-Fi strength or connectivity information

Usage Data

• Pages visited
• Time on site
• Clicks and interactions
• Error logs and crash data

Location Information

• Approximate location based on IP address
• Precise location if enabled by your device permissions

Property Safety Technology

Some properties may use:

• Noise monitoring sensors (non-audio recording)
• Wi-Fi network logs (device MAC addresses anonymized where possible)
• Access control systems (entry timestamps)
• Security cameras in common areas only

We never place cameras or recording devices inside units, bathrooms, bedrooms, or private spaces.

2.3 Information From Third Parties

We may receive information from:

Identity Verification Providers

• ID authenticity checks
• Fraud prevention signals

Payment Processors

• Payment confirmation
• Chargeback notices

Marketing Partners

• Advertiser data
• Analytics results

Travel Platforms & Booking Partners

If you book via a partner (e.g., Expedia, Airbnb), they may provide:

• Reservation data
• Guest details

Government Authorities

Only where required by law or for safety incidents.

3.1 To Provide the Services

• Create and manage your account
• Process bookings and payments
• Verify your identity
• Communicate booking confirmations and stay details
• Provide check-in/check-out instructions
• Deliver customer support

Communications preferences and consents are managed in accordance with applicable laws, including the Telephone Consumer Protection Act (TCPA).

3.2 To Maintain Safety and Security

• Prevent fraud and unauthorized access
• Determine compliance with property rules
• Investigate safety-related incidents
• Protect guests, staff, and property

3.3 To Improve and Personalize the Experience

• Enhance website performance
• Tailor recommendations
• Understand usage trends
• Improve our operations and property design

3.4 For Legal and Regulatory Compliance

• Tax and regulatory reporting
• Responding to lawful requests
• Recordkeeping
• Ensuring compliance with hospitality and rental laws

3.5 For Marketing (with your choices/respect to opt-out requirements)

• Email communications
• Promotions and special offers
• Advertising campaigns

You may opt out of marketing communications at any time via email unsubscribe links or account settings.

4.1 Service Providers & Contractors

We use trusted partners for:

• payment processing
• identity verification
• analytics and reporting
• customer service tools
• property maintenance
• IT hosting and security

These partners are contractually required to:

• protect your data
• use it only for permitted purposes
• comply with privacy laws

4.2 Business Operations

We may share data within the Nester corporate group including our U.S. subsidiary for purposes of:

• reservation processing
• customer service
• analytics
• operational management

4.3 Compliance and Legal

We may disclose information:

• to meet legal obligations
• in response to court orders, warrants, or regulatory requests
• to protect safety and security
• to prevent, detect, or investigate fraud or illegal activity

4.4 Business Transfers

If Nester undergoes a merger, acquisition, corporate restructuring, or sale of assets, personal information may be transferred as part of the transaction.

4.5 With Your Consent

We share information when you specifically authorize it.

8.1 Rights for EU and UK Residents (GDPR / UK GDPR)

If you are located in the European Union or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR, subject to applicable legal limitations:

• Right of Access – to request confirmation of whether we process your personal data and obtain a copy of that data
• Right to Rectification – to request correction of inaccurate or incomplete personal data
• Right to Erasure ("Right to be Forgotten") – to request deletion of your personal data where legally permitted
• Right to Restrict Processing – to request that we limit processing of your personal data in certain circumstances
• Right to Data Portability – to receive your personal data in a structured, commonly used, and machine-readable format
• Right to Object – to object to processing based on legitimate interests or for direct marketing purposes
• Right to Withdraw Consent – where processing is based on consent, you may withdraw it at any time (without affecting the lawfulness of processing prior to withdrawal)

Where we process biometric data or other special categories of data, we do so only where permitted by law and subject to appropriate safeguards.

You also have the right to lodge a complaint with your local data protection authority:

• EU: the supervisory authority in your country of residence
• UK: the Information Commissioner's Office (ICO)

8.2 Rights for U.S. Residents

Depending on your state of residence (including California, Virginia, Colorado, Connecticut, Utah, Texas, and others), you may have rights under applicable U.S. privacy laws, which may include:

• The right to know what personal information we collect, use, and disclose
• The right to access or receive a copy of your personal information
• The right to request deletion of personal information
• The right to correct inaccurate personal information
• The right to opt out of certain data uses (such as targeted advertising, where applicable)
• The right not to be discriminated against for exercising privacy rights

Where biometric data is collected, additional rights may apply under applicable state biometric privacy laws.

8.3 Rights for Canadian Residents

If you are located in Canada, you have rights under applicable federal and provincial privacy laws, including PIPEDA and provincial statutes, which may include:

• The right to access your personal information
• The right to request correction of inaccurate information
• The right to withdraw consent, subject to legal or contractual restrictions

Residents of Quebec have additional rights under Law 25, including enhanced transparency and portability rights.

8.4 Rights for Californian Residents

This section applies solely to residents of the State of California, pursuant to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

Categories of Personal Information Collected

In the preceding 12 months, we may have collected the following categories of personal information:

• Identifiers (such as name, email address, phone number, government ID)
• Commercial information (booking history, payment details)
• Internet or electronic activity information
• Geolocation data (general location)
• Biometric information (where required for identity verification)
• Inferences drawn from the above information

Use and Disclosure

We collect and use personal information for business and commercial purposes described in this Privacy Policy, including providing services, processing bookings, identity verification, security, fraud prevention, customer support, and legal compliance.

We may disclose personal information to service providers and contractors for these purposes. We do not sell personal information as defined under the CCPA.

Sensitive Personal Information

Where we collect sensitive personal information, including biometric data, we do so only for permitted business purposes and do not use such information to infer characteristics about individuals.

Your California Rights

California residents have the right to:

• Know what personal information we collect, use, and disclose
• Request access to or deletion of personal information
• Request correction of inaccurate personal information
• Limit the use of sensitive personal information (where applicable)
• Not be discriminated against for exercising privacy rights

Requests may be submitted as described in 8.4 Exercising Your Rights.

8.4 Exercising Your Rights

You may exercise your privacy rights by contacting us at:

• 📧 privacy@nesterandfinn.com
• 📮 28 Notre-Dame St East, Suite 20, Montréal, QC H1N 3P2

We may require verification of your identity before responding to requests. Authorized agents may submit requests on your behalf where permitted by law.

We will respond within the timeframes required by applicable law.

Nester does not sell personal information.