Tidize
Legal

Privacy Policy

Effective: May 25, 2026

Placeholder — do not launch without replacement. This page renders Tidize's policy. Final text must be generated by Termly or Iubenda (or reviewed by counsel) and pasted into this route before public launch. See SETUP-LEGAL.md for instructions.

This Privacy Policy explains how Tidize (“Tidize”, “we”, “us”) collects, uses, and shares information about you when you use our website, booking platform, and related services (the “Service”).

1. Information we collect

We collect:

  • Account data: name, email address, password (hashed by Firebase Authentication), and role (customer or cleaner).
  • Booking data: service address, ZIP code, apartment / unit, phone number, gate or building code, parking notes, pet information, access instructions, scheduled date and time, home size (bedrooms, bathrooms, square footage), and the price you were quoted.
  • Cleaner application data: phone, city, service preferences, years of experience, availability, and (when implemented) identity verification documents.
  • Payment data: processed by Stripe. Tidize does not store full card numbers. We receive and store a payment intent ID, payment status, and the last four digits of the card for receipt purposes.
  • Usage data: standard server logs (IP address, user-agent, request path, timestamp) retained for up to 90 days for security and abuse-prevention purposes.

2. How we use information

  • To match customers with cleaners and fulfill bookings.
  • To process payments and pay cleaners through Stripe Connect.
  • To send transactional emails (booking confirmation, cleaner assignment, account notifications) via Resend.
  • To prevent fraud, abuse, and unauthorized access.
  • To comply with legal obligations.

3. Sharing

We share information only with:

  • The assigned cleaner on a booking — they see your address, phone, and access instructions once they accept the job.
  • Service providers who process data on our behalf: Google Firebase (authentication, database, hosting), Stripe (payments), Resend (email), and Vercel (hosting). Each is contractually bound to confidentiality.
  • Law enforcement when required by valid legal process.

We do not sell personal information.

4. Your rights

Depending on where you live, you may have the right to access, correct, delete, or export your personal information, and to object to or restrict certain processing. To exercise these rights, email support@tidize.com.

5. Data retention

Account data is retained while your account is active and for a reasonable period after deletion to satisfy legal and accounting obligations. Booking records are retained for seven years (US tax-record norm). Server logs are retained for up to 90 days.

6. Security

All data is transmitted over HTTPS. Firestore documents are protected by per-user security rules, and our payment provider (Stripe) is PCI-DSS Level 1 certified. No system is perfectly secure; report suspected vulnerabilities to support@tidize.com.

7. Children

The Service is not directed to children under 16, and we do not knowingly collect their information.

8. Changes

If we make material changes to this Policy, we will notify you by email or by posting a notice on the Service before the changes take effect.

9. Contact

Tidize — support@tidize.com.