CleanTrack

CleanTrack Privacy Policy

Last updated: May 30, 2026

Controller: CLEAN TRACK TECHNOLOGIES LLC, New Jersey, United States

Privacy contact: info@cleantrack-app.com

1. Who we are and scope of this policy

CleanTrack is a software-as-a-service (SaaS) platform operated by CLEAN TRACK TECHNOLOGIES LLC, a company registered in New Jersey, United States. CleanTrack allows cleaning companies to record, verify, and document cleaning tasks through QR codes, PINs, and photographs, and to generate downloadable reports for their own clients.

QR codes identify the corresponding building and area. CleanTrack does not use GPS and does not collect precise geolocation data to track the physical location of workers.

This Privacy Policy explains how we handle information relating to our customers, their authorized users, and, where applicable, the cleaning staff whose data is managed by our customers through the platform.

2. Our role regarding the data

CleanTrack may act in different capacities depending on the type of information:

The customer company is responsible for providing the necessary notices to its workers and for ensuring it has the authorizations, legal bases, and internal policies required by applicable law. This Privacy Policy does not replace the SaaS agreement or any applicable data processing agreement.

3. Information we collect

The information processed depends on how each customer uses CleanTrack.

3.1. Customer information

3.2. Cleaning staff information managed by our customers

3.3. Photographs

The customer company's users/employees may upload photographs of the cleaned area to document the completion of a task. Although photographs should focus on the relevant area, they may accidentally include people, residents, documents, apartment numbers, or other visible information.

We ask our customers and users to avoid photographing people, documents, correspondence, personal identifiers, or other unnecessary information. When a photograph includes personal information, the customer must ensure that its collection and use are lawful and reasonably necessary for the intended purpose.

3.4. Technical and security information

To operate and protect the service, CleanTrack and its providers may receive limited technical information, such as session data, access logs, IP address, browser or device type, security events, error logs, and technologies strictly necessary to keep the session active and prevent unauthorized access. This technical information is stored temporarily in the user's browser (local storage) and in our providers' security logs, and is not combined with advertising profiles or used for cross-site tracking.

3.5. Communications

We may retain communications sent manually through our corporate email, including support requests, commercial inquiries, and messages related to the provision of the service.

4. Information we do not currently collect

CleanTrack currently:

If these practices change, we will update this Privacy Policy before implementing the change where necessary.

5. How we obtain information

We may obtain information:

6. How we use information

We use information solely for legitimate purposes related to providing and protecting the service, including:

We do not use cleaning staff data or photographs for advertising, sale of information, profiling with legal effects, or purposes unrelated to providing the service requested by the customer.

7. Service providers and disclosure of information

We may share information only when necessary to provide the service, protect the platform, comply with the law, or complete a legitimate corporate transaction. Our current providers include:

We may also disclose information when required by a competent authority under the law, when necessary to protect rights and safety, or as part of a merger, acquisition, reorganization, or legitimate transfer of assets, subject to applicable safeguards.

We do not sell personal information to third parties.

8. Where data is stored and processed

The primary Supabase infrastructure currently used by CleanTrack is configured in the AWS us-east-1 region (North Virginia, United States). Private file backups on Amazon S3 are configured in the AWS us-east-2 region (Ohio, United States).

Vercel operates a global infrastructure and content delivery network. As a result, certain technical information may be processed or transferred within the United States and other locations where Vercel or its providers maintain processing operations. Zoho Mail also processes information according to its own infrastructure and applicable documentation.

Our providers may modify their infrastructure or use subprocessors. When a material change affects our practices, we will update this Privacy Policy and apply the corresponding contractual and security measures.

9. Security

We apply reasonable administrative, technical, and organizational measures to protect information against loss, misuse, unauthorized access, alteration, or disclosure. These measures include session- and role-based access controls, logical segregation between customers, restricted credential management, recovery backups, and periodic review of security configurations.

Access to photographs is restricted through unique, non-predictable identifiers and application-level controls. Photograph links are made available only to the authorized users of the relevant customer through the platform and the generated reports.

No system can guarantee absolute security. If we identify an incident that must be reported, we will act in accordance with applicable law and the corresponding contractual commitments.

10. Data retention and deletion

We retain operational data while the customer's account remains active and for as long as reasonably necessary to provide the service.

Following the termination of the contract, operational data stored in the production environment will be retained for a maximum of 90 days and subsequently deleted, unless the customer requests earlier deletion, the contract establishes a different period, or a legal, accounting, tax, security, or litigation-hold obligation requires retaining it for a longer period.

Backups are generated automatically and retained under a retention schedule independent of the production environment. File backups are automatically deleted within approximately 90 days, and prior non-current versions are deleted within the following 30 days. When a file is deleted from the production environment, it is no longer included in subsequent backups, and its existing copy is deleted in accordance with this schedule. While a copy remains in backup, it is protected against ordinary access and is not used for purposes other than recovery, security, or legal compliance.

Contracts, invoices, and accounting records belonging to CLEAN TRACK TECHNOLOGIES LLC may be retained for different periods when necessary to comply with tax, accounting, or legal obligations.

Before canceling the service, the customer must download any reports it needs to keep. The customer company is responsible for determining its own retention periods for labor, contractual, or regulatory documentation.

11. Privacy rights and requests

Depending on the applicable jurisdiction, an individual may have the right to request access, correction, deletion, or a portable copy of certain personal data, as well as to appeal when a request is denied.

When a request relates to worker information managed by a customer company, the individual should first contact their employer or the company using CleanTrack. They may also write to us at info@cleantrack-app.com, and we will reasonably cooperate to route the request to the relevant customer.

We may request reasonable information to verify the individual's identity and prevent improper access. We will respond in accordance with the timeframes and requirements established by applicable law. We will not discriminate against an individual for exercising the rights to which they are legally entitled.

12. Responsibilities of our customers

Each customer company is responsible for:

13. Children

CleanTrack is not directed to children under 13 years of age. Our customers must not provide personal information of children under 13 through the service. If we discover that we have received such information without an adequate legal basis, we will take reasonable steps to delete it.

When a customer uses CleanTrack in connection with a minor worker legally authorized to work, the customer is responsible for complying with applicable labor and privacy regulations.

14. Cookies and similar technologies

CleanTrack does not use advertising cookies, marketing pixels, or third-party analytics tools. The application does not track users for advertising purposes.

To function, CleanTrack uses strictly necessary browser local storage technologies, limited to: (i) keeping authorized users' sessions active while they use the platform, and (ii) remembering the selected language preference. These technologies are essential to provide the service and are not used to track browsing activity outside the application.

15. Changes to this policy

We may update this Privacy Policy when our practices, providers, features, or legal requirements change. We will post the current version with its update date and, where appropriate, notify material changes through reasonable notice within the application, by email, or by another appropriate means.

16. Contact

For privacy-related inquiries or requests, you may write to: info@cleantrack-app.com

CLEAN TRACK TECHNOLOGIES LLC — New Jersey, United States