Privacy at a Glance
- •FARENIO is a marketplace, not a cleaning company
- •We collect only data needed to run bookings, payments, and legal obligations
- •Payments are handled securely by regulated providers
- •Service Providers' income must be reported under EU law (DAC7)
- •We never sell your personal data
- •You can access, correct, or delete your data at any time
I. FULL PRIVACY POLICY
FARENIO MARKETPLACE – GDPR COMPLIANT (EU STANDARD)
1. Data Controller
The data controller is:
FARENIO Home & Office Cleaning
Operating a digital marketplace under the name FARENIO Marketplace
(Hereinafter "FARENIO")
FARENIO acts as Data Controller within the meaning of Article 4(7) GDPR for all personal data processed through the platform.
2. Scope of This Policy
This Privacy Policy applies to:
- Website visitors
- Registered Clients
- Service Providers (cleaners, companies)
- Corporate and short-stay users (Airbnb / professional hosts)
It governs all personal data processed via:
- Website
- Booking system
- Payment flows
- Customer support
- Legal and tax compliance processes
This policy is legally binding and forms an integral part of the CGU and CGV.
3. Categories of Personal Data Processed
3.1 Identification Data
- Full name
- Date of birth (where required)
- Identity documents (where legally required)
3.2 Contact Data
- Email address
- Telephone number
- Postal address
3.3 Account & Booking Data
- User account credentials
- Booking history
- Service addresses
- Preferences and instructions
3.4 Financial & Payment Data
- IBAN (Service Providers)
- Payment transaction references
- Invoices and amounts
⚠️ FARENIO never stores full card details
3.5 Tax & Regulatory Data
- Tax residence
- SIREN / SIRET or EU equivalent
- DAC7-reportable income data
3.6 Technical Data
- IP address
- Device and browser data
- Logs and security events
4. Purposes of Processing (Article 6 GDPR)
| Purpose | Legal Basis |
|---|
| Account creation & management | Art. 6(1)(b) – Contract |
| Booking & service execution | Art. 6(1)(b) – Contract |
| Payments & invoicing | Art. 6(1)(b) + legal obligation |
| DAC7 reporting | Art. 6(1)(c) – Legal obligation |
| Fraud prevention & security | Art. 6(1)(f) – Legitimate interest |
| Customer support | Art. 6(1)(b) |
| Legal compliance (tax, accounting) | Art. 6(1)(c) |
5. DAC7 & Mandatory Tax Disclosure
In accordance with EU Directive 2021/514 (DAC7), FARENIO is legally required to:
- collect identity and tax data of Service Providers,
- report annual income to tax authorities,
- transmit data to the competent Member State.
This processing is mandatory and cannot be opposed.
6. Payment Processing & Third Parties
Payments are processed by regulated Payment Service Providers (e.g. Stripe) in compliance with:
- GDPR
- PSD2
- Strong Customer Authentication (SCA)
FARENIO acts outside the payment data flow and does not access card numbers.
7. Data Recipients
Personal data may be disclosed to:
- Payment service providers
- Accounting and audit partners
- Tax authorities (DAC7)
- IT and hosting providers (EU-based or GDPR-compliant)
No data is sold or transferred for advertising purposes.
8. International Transfers
Where data is transferred outside the EU:
- Standard Contractual Clauses (SCCs) are applied
- GDPR Chapter V safeguards are enforced
9. Data Retention Periods
| Data Category | Retention |
|---|
| Account data | Duration of account + 3 years |
| Invoices & payments | 10 years (legal obligation) |
| DAC7 records | 10 years |
| Technical logs | 12 months |
| Support communications | 3 years |
10. Data Security
FARENIO implements:
- Access control
- Encryption
- Secure hosting (EU)
- Incident monitoring
- Confidentiality obligations
11. Data Subject Rights
In accordance with Articles 15–22 GDPR, users have the right to:
- Access
- Rectification
- Erasure
- Restriction
- Portability
- Objection (where applicable)
Requests may be submitted via the platform contact form.
12. Complaints
Users may lodge a complaint with the competent supervisory authority (CNIL or EU equivalent).
13. Amendments
FARENIO may update this policy to reflect:
- Legal changes
- Regulatory requirements
- Platform evolution
Users will be informed of material changes.
II. DATA PROCESSING REGISTER
Article 30 GDPR – Controller Record
Controller
FARENIO Home & Office Cleaning
Processing Activity 1: User Accounts
- Purpose: Account management, booking
- Data Subjects: Clients, Providers
- Data: Identity, contact, account data
- Legal Basis: Art. 6(1)(b)
- Recipients: Internal teams
- Retention: Account life + 3 years
- Security: Access control, encryption
Processing Activity 2: Payments & Invoicing
- Purpose: Payment execution, accounting
- Data: Transaction IDs, invoices, IBAN
- Legal Basis: Art. 6(1)(b) & (c)
- Recipients: PSP, accountants
- Retention: 10 years
- Security: PSP-secured systems
Processing Activity 3: DAC7 Compliance
- Purpose: Tax reporting
- Data: Identity, tax residence, income
- Legal Basis: Art. 6(1)(c)
- Recipients: Tax authorities
- Retention: 10 years
- Security: Restricted access
Processing Activity 4: Security & Fraud
- Purpose: Platform integrity
- Data: Logs, IPs
- Legal Basis: Art. 6(1)(f)
- Retention: 12 months
III. ALIGNMENT WITH CGU / CGV (LEGAL COHERENCE)
✔ Same definition of roles (intermediary, not employer)
✔ Same DAC7 wording and mandatory disclosure clause
✔ Same payment and PSP responsibility split
✔ Same liability allocation
✔ Same governing law (France / EU law)
This Privacy Policy is fully consistent and non-contradictory with the CGU and CGV previously drafted.
By using our platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described herein.