Privacy Policy

ShineHub ("we", "us", "our") is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 1988–2018. This policy explains what data we collect, how we use it, and your rights.

1. Who we are

ShineHub is a home services platform based in Dublin, Ireland. We connect customers with independent cleaning and repair professionals. For data protection purposes, ShineHub acts as the data controller for customer and booking data.

If you have any questions about this policy or wish to exercise your rights, contact us at: jsczlxl2001@gmail.com

2. What data we collect

We collect the following personal data when you make a booking:

• Full name
• Email address
• Home or office address
• Booking details (service type, date, time, property information)
• Payment confirmation reference (we do not store card details — payments are processed by Stripe)
• Any notes or special instructions you provide

We do not collect data from visitors who browse the site without making a booking. We do not use tracking cookies, advertising pixels, or third-party analytics tools.

3. How we use your data

We use your personal data solely to:

• Process and confirm your booking
• Send booking confirmation and service updates by email
• Share relevant booking details with your assigned service professional
• Respond to enquiries or complaints
• Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal basis for processing

We process your personal data on the following legal bases under GDPR Article 6:

• Contract performance — processing is necessary to fulfil your booking
• Legal obligation — where required by Irish or EU law
• Legitimate interests — for example, to improve our service and prevent fraud

5. Data retention

We retain your booking data for a maximum of 24 months from the date of your last booking. After this period, your personal data is permanently deleted from our systems.

If you request deletion of your data before this period, we will complete the deletion within 30 days (see Section 7).

6. Cookies

ShineHub uses only essential cookies necessary for the website to function. We do not use tracking, advertising, or analytics cookies. Essential cookies do not require consent under Irish data protection law, but we inform you of their use via our cookie notice.

7. Your rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access — request a copy of the data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your data ("right to be forgotten")
• Right to restriction — request that we limit how we use your data
• Right to data portability — request your data in a portable format
• Right to object — object to processing based on legitimate interests

To exercise any of these rights, email us at jsczlxl2001@gmail.com. We will respond within 30 days.

8. Third-party services

We use the following third-party services which may process your data:

• Stripe — payment processing. Stripe processes payment card data on our behalf. Stripe is PCI-DSS compliant. See Stripe's Privacy Policy.
• Amazon Web Services (AWS) — our website and database are hosted on AWS infrastructure in the EU (Ireland, eu-west-1 region). Your data does not leave the EU.
• Gmail (Google) — used to send booking confirmation emails. Only your name and email address are shared with Google's mail servers for this purpose.

9. Data security

We implement appropriate technical measures to protect your personal data, including encrypted connections (HTTPS), access controls, and regular security reviews. In the event of a data breach that affects your rights, we will notify you and the Irish Data Protection Commission (DPC) within 72 hours as required by GDPR.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email if you have an active booking, and will update the "Last updated" date at the top of this page.

11. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC):