Privacy Policy

1. Introduction

CleanBee ApS ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with GDPR (General Data Protection Regulation) and Danish data protection law.

2. Data Controller

CleanBee ApS is the data controller for your personal data. Contact details:

3. What Data Do We Collect?

3.1 Personal Data You Provide

• Name (first and last name)
• Email address
• Phone number
• Address (where cleaning will be performed)
• CVR number (for business customers)

3.2 Payment Data

When you make a payment, your payment details (card number, expiry date, CVC) are collected directly by our payment provider Stripe. CleanBee never receives or stores your full card details. We only receive a confirmation of the transaction and the last four digits of your card for invoicing purposes.

3.3 Data We Collect Automatically

• IP address
• Browser and device information
• Cookies and similar technologies
• Usage data (page views, clicks)

3.4 Feedback Content

If you submit a review, we may collect your ratings, written comments, and any photos or videos you upload as part of your feedback.

4. Legal Basis for Processing

We process your data based on the following legal grounds:

• Contract: To provide our cleaning services and process payments
• Legitimate Interest: To improve our services, prevent fraud, and secure our platform
• Consent: For newsletters and marketing
• Legal Obligation: To comply with tax, accounting, and anti-money laundering regulations

5. How Do We Use Your Data?

• Process and confirm bookings
• Deliver and coordinate cleaning services
• Issue invoices and process payments via Stripe
• Communicate about your bookings via email and SMS (reminders, changes, invoice links)
• Collect and manage customer feedback and reviews
• Prevent fraud and abuse
• Send newsletters (only with consent)
• Improve our services and website
• Comply with legal obligations

6. Data Sharing with Third Parties

We share your data with the following trusted third parties, solely for the purposes described in this policy:

Payment Processing — Stripe

We use Stripe Payments Europe, Ltd. to process all payments. Stripe receives the personal data necessary to process your transaction, including your name, email address, billing address, and payment details. Stripe processes this data in accordance with their own privacy policy: stripe.com/privacy.

Stripe may use your data to fulfil legal obligations (including anti-money laundering and KYC compliance), prevent fraud, and improve their services.

SMS Communication — Twilio

We use Twilio to send service-related SMS messages (booking confirmations, reminders, review requests, and invoice links). Twilio receives your phone number and message content. Twilio processes this data in accordance with their privacy policy: twilio.com/legal/privacy.

Email & SMS Marketing — Omnisend

We use Omnisend to send marketing communications via email and SMS, including newsletters, campaigns, and offers. Omnisend receives your name, email address, and phone number when you subscribe to our marketing channels. You can unsubscribe at any time via the link in our emails or by contacting us. Omnisend processes your data in accordance with their privacy policy: omnisend.com/privacy.

Consent Management — Usercentrics

We use Usercentrics to manage your cookie consent. Usercentrics stores your consent preferences to ensure we only set cookies you have permitted. Usercentrics processes this data in accordance with their privacy policy: usercentrics.com/privacy-policy.

Other Data Sharing

• Our cleaning staff (only information necessary to perform the job: name, address, time)
• Email providers (for transactional communication)
• Public authorities (when required by law, e.g. SKAT)

We never sell your personal data to third parties.

7. Data Retention

We retain your data for the following periods:

• Customer data: 5 years after last booking
• Invoices and accounting data: 5 years (legal requirement under the Danish Bookkeeping Act)
• Payment transaction data: Stored by Stripe in accordance with their retention policy
• Feedback and review data (including uploaded media): Until deletion is requested
• Newsletter subscribers: Until unsubscription
• Cookies: See our Cookie Policy

8. Your Rights

Under GDPR, you have the following rights:

• Access: Right to obtain a copy of your data
• Rectification: Right to correct inaccurate data
• Erasure: Right to have your data deleted ("right to be forgotten")
• Restriction: Right to restrict processing
• Portability: Right to receive your data in a structured format
• Objection: Right to object to processing

To exercise your rights, contact us at hej@clean-bee.dk. We will respond to your request within 30 days.

For data held by Stripe, you may also contact Stripe directly via their privacy settings at stripe.com.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• SSL/TLS encryption on our website
• PCI DSS compliant payment processing via Stripe
• Encrypted storage of sensitive data
• Access controls and authentication
• Regular security monitoring

10. International Transfers

Some of our service providers (including Stripe and Twilio) may transfer and process data outside the EU/EEA. In such cases, we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses (SCCs) or approved certification frameworks.

11. Complaints

If you believe we are not processing your data correctly, you can complain to the Danish Data Protection Agency:

12. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or on our website. The latest version is always available on our website.