Privacy Policy

Scrubster Cleaning is a trading name of Vernora Digital Limited, a company registered in England and Wales. We are the data controller for the personal information we collect through our website at scrubster.co.uk and our booking platform.

Data Protection Contact: [email protected]

We collect the following categories of personal data:

Information you provide directly:

• Name, email address, and phone number
• Postal address and postcode (to deliver cleaning services)
• Payment card details (processed securely via our PCI-compliant payment provider — never stored on our servers)
• Booking preferences, service selections, and scheduling choices
• Messages, complaints, and correspondence you send us
• Promotional/coupon codes you apply
• Property details relevant to your booking (e.g., number of rooms, pet information, access instructions)

Information collected automatically:

• Device type, operating system, and browser information
• IP address and approximate geographic location
• Pages visited, click paths, and interactions on our website
• Referral source (how you found us)
• Cookies and similar tracking technologies (see our Cookie Policy)

Information from service delivery:

• Completion photos taken by Cleaners as part of our quality assurance process
• Check-in/check-out timestamps
• Service feedback and review content

We use your personal data for the following purposes:

• Service delivery: Processing and managing your cleaning bookings, matching you with vetted Cleaners in your area
• Payment processing: Taking payments, issuing receipts, managing refunds and deposits
• Communication: Sending booking confirmations, reminders, and service-related updates
• Quality assurance: Monitoring service quality through completion photos, feedback, and reviews
• Safety and security: Verifying identities, preventing fraud, and maintaining platform integrity
• Service improvement: Analysing usage patterns to improve our website and services
• Marketing: Sending promotional communications (only with your explicit consent)
• Claims handling: Investigating and resolving damage or theft claims
• Legal compliance: Meeting tax, accounting, and regulatory obligations

We process your data under the following legal bases (UK GDPR Article 6):

• Contract performance (Article 6(1)(b)): Processing necessary to fulfil our service agreement — e.g., managing bookings, processing payments, sharing your address with your assigned Cleaner
• Legitimate interests (Article 6(1)(f)): Improving our services, preventing fraud, ensuring platform security, and internal analytics. We balance these against your rights and only process where the impact on you is minimal
• Consent (Article 6(1)(a)): Marketing communications, non-essential cookies, and any processing where we specifically ask for your agreement. You can withdraw consent at any time
• Legal obligation (Article 6(1)(c)): Tax records, anti-money-laundering checks, and responding to lawful requests from authorities

We share your information only when necessary and with appropriate safeguards:

• Self-employed Cleaners: Your name, address, access instructions, and booking details so they can deliver the service. Cleaners are bound by confidentiality obligations
• Payment processor (Stripe): To securely process card payments. Stripe is PCI DSS Level 1 certified
• Analytics providers (Google Analytics, Microsoft Clarity): Anonymised and pseudonymised usage data to help us improve our website. These services may set cookies (see Cookie Policy)
• Communication platforms: Email service providers for transactional and marketing emails
• Insurance providers: In the event of a damage or theft claim, relevant booking and incident details may be shared with our insurers
• Legal authorities: When required by law, court order, or to protect our legal rights

We never sell your personal data to third parties. We do not transfer data outside the UK/EEA unless the recipient provides adequate protection (e.g., Standard Contractual Clauses or UK adequacy decisions).

We retain your data only for as long as necessary:

• Active account data: Retained while your account is active and for 12 months after your last booking
• Booking and transaction records: 6 years after the service date (HMRC tax requirements)
• Completion photos: 90 days after the service, unless required for an open claim
• Claims and complaints files: 6 years after resolution (limitation period for civil claims)
• Marketing consent records: Retained for as long as consent is active, plus 12 months after withdrawal
• Website analytics data: Anonymised and aggregated — retained indefinitely

When data reaches the end of its retention period, it is securely deleted or anonymised.

Under UK GDPR, you have the following rights:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your data (subject to legal retention requirements)
• Right to restrict processing: Request that we limit how we use your data
• Right to object: Object to processing based on legitimate interests or for direct marketing
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing

To exercise any of these rights, email us at [email protected]. We will respond within one calendar month. There is no fee for making a request, unless it is manifestly unfounded or excessive.

If you are not satisfied with how we handle your request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We implement appropriate technical and organisational measures to protect your personal data, including:

• SSL/TLS encryption for all data in transit
• Encrypted storage for sensitive data at rest
• Payment data processed by PCI DSS-compliant providers (never stored on our servers)
• Access controls limiting data access to authorised personnel only
• Regular security reviews and updates
• Cleaner confidentiality agreements covering customer data

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you without undue delay, and in any event within 72 hours of becoming aware of the breach. We will also notify the ICO where required by law. Our notification will describe the nature of the breach, the likely consequences, and the measures taken or proposed to address it.

Our services are not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.

We may update this privacy policy from time to time. When we make significant changes:

• We will update the "last updated" date at the top of this page
• We will notify you by email or through a notice on our website

Continued use of our services after changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.

For privacy-related enquiries or to exercise your data rights:

• Email: [email protected]
• Website: scrubster.co.uk/contact

Scrubster Cleaning is a trading name of Vernora Digital Limited, registered in England and Wales.