Privacy Policy

Last updated: December 2025

1. Data Controller

1.1 Data Protection Officer (DPO) Status

In accordance with Article 37 of the GDPR, the appointment of a Data Protection Officer is required only for organizations that:

• Are public authorities or bodies
• Carry out large-scale systematic monitoring of individuals
• Carry out large-scale processing of special categories of data

DPO Status: As a small business operating a directory service that does not engage in large-scale systematic monitoring or process special categories of personal data, Botzen.lu is not legally required to appoint a DPO under GDPR Article 37.

However, we take data protection seriously. For all privacy-related inquiries, please contact our designated data protection contact at privacy@botzen.lu.

2. Introduction

Botzen.lu ("we", "us", or "our") respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR - EU 2016/679) and Luxembourg data protection laws.

This privacy policy explains how we collect, use, store, and protect your personal information when you use our website and services.

3. Data We Collect

We collect and process the following categories of personal data:

3.1 Information You Provide

• Smart Match Service: Property type, location preferences, room/service selections, cleaning frequency preferences
• Contact Requests: Name, email address, phone number when contacting companies through our platform

3.2 Automatically Collected Data

• Technical Data: IP address, browser type and version, device information, operating system
• Usage Data: Pages visited, time spent on pages, navigation patterns
• Location Data: Approximate location based on IP address (for providing relevant local results)
• Cookie Data: See our Cookie Policy for details

4. Legal Basis for Processing

We process your personal data based on the following legal grounds (Article 6 GDPR):

• Consent (Art. 6(1)(a)): For analytics cookies and marketing communications
• Contract Performance (Art. 6(1)(b)): To provide our matching and directory services
• Legitimate Interests (Art. 6(1)(f)): To improve our services, ensure security, and prevent fraud
• Legal Obligation (Art. 6(1)(c)): To comply with applicable laws and regulations

5. How We Use Your Data

We use your personal data to:

• Provide personalized cleaning company recommendations through Smart Match
• Facilitate contact between you and cleaning service providers
• Improve and optimize our website and services
• Analyze website usage and performance (via Google Analytics)
• Ensure website security and prevent abuse
• Comply with legal obligations

6. Data Sharing

We do not sell your personal data. We may share data with:

• Cleaning Companies: Contact information when you explicitly choose to contact a company
• Service Providers: Hosting providers, analytics services (Google Analytics) operating under data processing agreements
• Legal Authorities: When required by Luxembourg or EU law, or to protect our legal rights

6.1 Third-Party Services

We use the following third-party services:

• Google Analytics: For website analytics (with IP anonymization enabled). Privacy policy: Google Privacy Policy
• Google Maps/Places API: For location services. Privacy policy: Google Privacy Policy

7. International Data Transfers

Some of our service providers (e.g., Google) may transfer data outside the European Economic Area (EEA). Such transfers are protected by:

• EU-US Data Privacy Framework certification
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission

8. Data Retention

We retain personal data only as long as necessary:

• Smart Match Data: Session-based, not stored permanently
• Analytics Data: 26 months (Google Analytics default)
• Contact Requests: Up to 2 years after last interaction
• Legal Records: As required by Luxembourg law (typically 10 years for commercial records)

9. Your Rights Under GDPR

Under the GDPR, you have the following rights:

To exercise these rights, contact us at info@botzen.lu. We will respond within 30 days.

10. Cookies

We use cookies and similar technologies. You can manage your cookie preferences through our cookie consent banner. For detailed information, see our Cookie Policy.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• HTTPS encryption for all data transmission
• Regular security assessments
• Access controls and authentication
• Secure hosting infrastructure

11.1 Data Breach Notification

In compliance with GDPR Articles 33 and 34, we have implemented data breach response procedures:

How to Report a Suspected Breach: If you believe your personal data has been compromised, please contact us immediately at security@botzen.lu.

12. Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this privacy policy periodically. Material changes will be notified via a prominent notice on our website. We encourage you to review this policy regularly.

14. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

15. Contact Us

For any privacy-related questions or to exercise your rights: