Skip to main content
Andrea: +356 7906 9353
Legal

Privacy Policy

Last updated: 1 May 2026

This Privacy Policy explains how CleanerPlace Ltd. (“CleanerPlace”, “we”, “our”, “us”) collects, uses, and protects your personal data when you visit cleanerplacemalta.com or contact us about our cleaning, linen rental, and property management services in Malta and Gozo.

We process personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the Maltese Data Protection Act (CAP. 586).

1. Who we are (the data controller)

  • Legal name: CleanerPlace Ltd.
  • Registered address: PH 9 Heaven's View, Triq San Mark, Naxxar NXR 4200, Malta
  • VAT number: MT32425818
  • Contact for data queries: [email protected]

We have not appointed a Data Protection Officer because Article 37 GDPR does not require one for our scale and type of processing. All data protection queries should be directed to the email address above.

2. What personal data we collect

We collect the following categories of personal data:

  • Contact details you provide when you message us by WhatsApp, email, or phone, or when you supply property information for a quote: name, email address, telephone number, property address, and any details you choose to share about the work required.
  • Service delivery data generated while we deliver a service: cleaning schedules, condition reports, and damage records linked to a property and a customer account.
  • Website usage data automatically collected when you visit the site: IP address, browser and device information, referring URL, pages viewed, and approximate location derived from IP. This is collected via Cloudflare Web Analytics and (where consented to) Google Analytics 4 via Google Tag Manager. See section 9 for cookies.

We do not knowingly collect special category data (such as health data) and we do not collect data from children under the age of 16.

3. Why we use your data and our lawful basis

We only process personal data where we have a lawful basis under Article 6 GDPR:

  • To respond to your enquiry and prepare a quote, on the basis of taking steps at your request prior to entering into a contract (Article 6(1)(b) GDPR).
  • To deliver the services you have booked, on the basis of the contract between us (Article 6(1)(b) GDPR).
  • To issue invoices and meet our tax, VAT, and accounting obligations as a Maltese company, on the basis of legal obligation (Article 6(1)(c) GDPR).
  • To run aggregated, privacy-respecting site analytics (page views, referrers, performance), on the basis of our legitimate interest in understanding how the site is used and improving it (Article 6(1)(f) GDPR). Where analytics rely on cookies that are not strictly necessary, we ask for your consent (Article 6(1)(a) GDPR).
  • To respond to enforceable requests from authorities and to protect our legal rights, on the basis of legal obligation or legitimate interest as applicable.

4. Who we share your data with

We share personal data only with the parties below, and only to the extent necessary:

  • Cloudflare, Inc. hosts the website and provides Web Analytics. Cloudflare's privacy policy.
  • Google Ireland Limited / Google LLC provides Google Tag Manager and Google Analytics 4 where you have consented. Google's privacy policy.
  • Our accountants and tax advisers in Malta, for invoicing, VAT, and statutory reporting.
  • Our cleaning, linen, and maintenance team members, who receive only the property and scheduling information needed to perform the booking.
  • Maltese tax, regulatory, or law enforcement authorities, where required by law.

We do not sell personal data and we do not share it with third parties for their own marketing purposes.

5. International transfers

Some of our processors (notably Google and Cloudflare) operate globally and may transfer personal data outside the European Economic Area, including to the United States. Where this occurs, the transfer is protected by appropriate safeguards under Chapter V GDPR, typically the European Commission's Standard Contractual Clauses or, for the United States, the EU–U.S. Data Privacy Framework where the recipient is certified under it.

6. How long we keep your data

  • Enquiry and quote correspondence that does not become a booking: up to 24 months from last contact, then deleted.
  • Customer account and service delivery records: for the duration of the relationship and afterwards as required by Maltese tax and accounting law (currently up to 10 years).
  • Invoices and accounting records: retained for the period required by Maltese tax law (currently up to 10 years).
  • Analytics data: retained at the level of aggregation set in our analytics tools (typically 14 to 26 months for event-level data, longer for aggregates).

7. Your rights under the GDPR

You have the following rights, subject to the conditions and exceptions set out in Articles 15 to 22 GDPR:

  • Right of access to a copy of your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) where the conditions of Article 17 are met.
  • Right to restrict processing in the circumstances of Article 18.
  • Right to data portability for data you have provided to us where processing is based on consent or contract and is carried out by automated means.
  • Right to object to processing based on legitimate interest.
  • Right to withdraw consent at any time, where processing is based on consent. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, email [email protected]. We will respond within one month, with a possible extension of up to two further months for complex requests, in line with Article 12(3) GDPR.

8. Right to complain

If you believe our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Maltese supervisory authority:

  • Information and Data Protection Commissioner (IDPC)
  • Floor 2, Airways House, High Street, Sliema SLM 1549, Malta
  • Web: idpc.org.mt

9. Cookies and similar technologies

A cookie is a small text file stored on your device when you visit a website. We use cookies and equivalent technologies for the purposes set out below. We rely on consent for any cookie that is not strictly necessary, in line with the EU ePrivacy Directive and Maltese law.

Strictly necessary

  • Cookies used to remember your cookie preferences and to keep the site functioning. These are set on the basis of legitimate interest and do not require consent.

Analytics

  • Cloudflare Web Analytics is cookieless and runs without consent. It collects aggregated, privacy-respecting usage data.
  • Google Analytics 4 via Google Tag Manager sets cookies (typically _ga, _ga_<property-id>, and similar) to measure how the site is used. These are loaded only after you accept analytics cookies.

You can change your preferences at any time using the cookie banner, or by clearing site cookies in your browser. Most browsers also let you block or delete cookies; doing so may affect site functionality.

10. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or alteration. The site is served over HTTPS, sensitive credentials are stored only in encrypted environment variables on our hosting platform, and access to customer records is limited to staff who need it to deliver services.

11. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page indicates when the policy was last revised. Significant changes will be communicated where we have your contact details and a lawful basis to do so.

12. Contact us

For any question about this Privacy Policy or our processing of your personal data, contact us at [email protected] or by post at the registered address above.