GDPR Policy
KOA Services is committed to complying with the General Data Protection Regulation (GDPR) and protecting your personal data rights. This policy outlines our GDPR compliance practices for all European Union and European Economic Area residents.
1. Our GDPR Commitment
We recognize that data protection is a fundamental right. KOA Services processes personal data transparently, lawfully, and only for specified purposes. We comply with all requirements of the GDPR (EU 2016/679).
2. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contract Fulfillment: To provide cleaning services and process bookings
- Legitimate Interest: To improve services, communicate updates, and prevent fraud
- Consent: For marketing communications (with your explicit opt-in)
- Legal Obligation: To comply with tax and employment laws
3. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data:
Right of Access: You have the right to request and obtain a copy of all personal data we hold about you in a structured, commonly used, machine-readable format.
Right to Rectification: You can request corrections to inaccurate or incomplete personal data. We will update your information promptly.
Right to Erasure ("Right to be Forgotten"): You can request deletion of your personal data, except where we have legal obligations to retain it or where it is necessary for our legitimate interests.
Right to Restrict Processing: You may request that we limit the processing of your data in certain circumstances, such as while accuracy is being verified.
Right to Data Portability: You have the right to receive your personal data in a portable, machine-readable format and transmit it to another organization.
Right to Object: You can object to processing of your data for direct marketing, profiling, and other purposes at any time.
Rights Related to Automated Decision Making: You have the right not to be subject to decisions based solely on automated processing, including profiling.
4. Data Protection Officer
We have appointed a Data Protection Officer (DPO) to ensure compliance with GDPR requirements. For data protection inquiries, contact:
Data Protection Officer
Email: dpo@koaservices.com
Response Time: 30 days maximum
5. Personal Data We Collect
We collect the following categories of personal data:
- Identification Data (name, email, phone number, address)
- Booking Data (service preferences, dates, times, property details)
- Payment Data (processed securely through third-party providers)
- Communication Data (correspondence related to services)
- Technical Data (IP address, browser type, device information)
6. Data Retention Policy
We retain personal data only as long as necessary for the purposes stated:
- Booking Data: 3 years (for accounting and service records)
- Customer Communications: 1 year after last contact
- Payment Information: 7 years (tax compliance)
- Website Analytics: 26 months
7. International Data Transfers
If we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs)
- EU adequacy decisions
- Your explicit consent for transfers
8. Data Subject Rights Requests
To exercise any of your GDPR rights, you can:
- Send a written request to our DPO at dpo@koaservices.com
- Include identification proof and specify your request clearly
We will respond within 30 calendar days. If your request is complex, we may extend this period by 60 additional days, with notification.
9. Data Breach Notification
In the event of a personal data breach, we will:
- Notify you within 72 hours if there is a high risk to your rights
- Inform relevant supervisory authorities
- Take appropriate remedial measures
- Document the incident thoroughly
10. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized processing, accidental loss, destruction, or damage. Our security measures include encryption, secure servers, and restricted access to personal data.
11. Children's Data Protection
Our services are not intended for children under 16 years old. If we learn that we have collected data from a child under 16 without parental consent, we will immediately delete it.
12. Cookies & Tracking Under GDPR
We obtain explicit consent before placing non-essential cookies on your device. You can manage cookie preferences at any time through your browser settings or our cookie preferences center.
13. Third-Party Data Processors
We have Data Processing Agreements (DPAs) in place with all third-party service providers who handle your personal data, ensuring GDPR compliance at every step.
14. Supervisory Authority
If you believe we have violated your GDPR rights, you have the right to lodge a complaint with your local supervisory authority:
- Find your local authority at: https://edpb.ec.europa.eu
- You can also contact your country's data protection authority
15. Changes to This Policy
We will update this GDPR Policy as needed to reflect legal changes or improvements to our practices. Updates will be posted on this page with a new "Last Updated" date.
16. Contact Information
KOA Services GDPR Compliance Team
Email: dpo@koaservices.com
Phone: +1-800-CLEAN-NOW
Address: 123 Clean Street, Service City, SC 12345
Website: www.koaservices.com
Last Updated: October 2025