Privacy Policy

CleanerFlow Pro is operated by Luciano & Maria Luiza Rezende, based in San Diego, California. CleanerFlow is a software platform — not a cleaning company. We provide operational tools for cleaning businesses and professionals to run their operations.

This policy applies to: • Visitors to cleanerflow.com • Subscribers (cleaning business owners and solo professionals) • Managers and administrators added by subscribers • Cleaning professionals (cleaners) who use the app • End clients who receive quotes, confirmations, receipts, and communications via SMS or the app

For subscribers and managers: name, email, phone, business address, payment data (processed by Stripe), operational data (schedules, visits, clients, payments). For cleaning professionals: name, phone, preferred language, location data (when the app is in active use), visit history, work notes and photos. For end clients: name, phone, email, property address, service preferences, visit and payment history. For site visitors: basic browsing data (Supabase Auth functional cookies and language preference cookie). Analytics and advertising cookies may be loaded with your consent (see "Cookies and tracking" section).

We use personal data to: • Operate the platform (scheduling, visits, payments, communication) • Send transactional SMS (confirmations, reminders, receipts) • Process payments (via Stripe, Zelle, Venmo — recorded in the system) • Let each role (owner, manager, cleaner, client) see what is relevant to them • Support data migration from other platforms • Improve the product based on aggregated and anonymized usage • Comply with legal obligations

We process data based on: • Contractual necessity: required to deliver the service contracted by the subscriber • Consent: when the user opts into additional features • Legitimate interest: for security, fraud prevention, and product improvement • Legal obligation: when required by applicable law

We share personal data only with: • Supabase (database infrastructure and authentication — hosted in the US) • Stripe (payment processing) • Telnyx (transactional SMS) • Cloud storage providers for work photos With your consent, aggregated and anonymized usage data may be shared with Google Analytics, Google Ads, and Meta for campaign measurement. We do not sell personal data. We do not use one subscriber's data to benefit another.

Data is stored in the United States (AWS us-east-2 via Supabase). If you are outside the US, your data is transferred to the US for processing. We ensure appropriate protections under applicable laws.

Active account data: retained while the account is active. Data after cancellation: retained for 90 days for possible reactivation, then deleted or anonymized. Payment data: retained as required by tax and accounting obligations (typically 7 years). SMS logs: retained for 12 months. Site visitor data: session cookies expire when the browser closes; language cookie expires in 1 year.

You have the right to: • Access your personal data • Correct inaccurate data • Request data deletion • Request data portability • Withdraw consent where applicable • Opt out of non-essential communications To exercise any of these rights, email hello@cleanerflow.com. We respond within 30 days.

Essential cookies (always active): • Supabase Auth cookie (functional, required for login) • Language preference cookie (functional, 1 year) • Consent preference cookie (functional, 1 year) Analytics and advertising cookies (only with consent): • Google Analytics 4 — aggregated usage metrics with anonymized IP • Google Ads — campaign conversion measurement • Meta Pixel — campaign conversion measurement These cookies are only loaded if you click "OK" on the cookie banner. If you click "Decline", no third-party cookies are loaded. You can revoke your consent at any time by clearing site data in your browser.

We implement security measures including: • Encryption in transit (TLS/HTTPS on all connections) • Row Level Security (RLS) in the database by role • Token-based authentication with expiration • Security headers (CSP, HSTS, X-Frame-Options) • Role-restricted access (owner, manager, cleaner, client) • Audit logs for administrative actions

CleanerFlow is not directed at anyone under 18. We do not knowingly collect data from minors.

Operational data entered by the subscriber (clients, properties, schedules, notes, payments) belongs to the subscriber. CleanerFlow is the processor, not the owner of that data. Upon cancellation, the subscriber may request a full data export before deletion.

We may update this policy from time to time. Significant changes will be communicated via email or in-app notification. Continued use after notification constitutes acceptance.