Privacy Policy

Who we are

Operatorzz is a global services marketplace (the "Platform"), operated by CloudOpsWorld SRL, a company registered in Romania. CloudOpsWorld SRL acts as the data controller for personal data collected through this website. Our privacy contact address is [email protected].

What data we collect

• Account credentials: email address, password (hashed), optional name
• Profile data: phone number, avatar, business name and description (operators)
• Booking data: scheduled date, service address, latitude/longitude, notes
• Payment metadata: Stripe transaction and transfer IDs (card data handled exclusively by Stripe)
• Communications: message content exchanged between clients and operators
• Reviews and ratings you leave on the platform
• Session and CSRF tokens (see Cookie Policy)
• Server access logs including IP addresses and user-agent strings

Legal basis (Article 6 GDPR)

• Contract (Art. 6(1)(b)): account credentials, booking data, transactional emails, payment processing
• Legal obligation (Art. 6(1)(c)): payment and tax records retained for statutory periods; KYC documents for anti-money-laundering compliance
• Legitimate interests (Art. 6(1)(f)): search ranking, fraud prevention, security audit logs
• Consent (Art. 6(1)(a)): marketing emails (opt-in only); optional public profile fields

Sub-processors

We share data with the following processors who act on our behalf under Data Processing Agreements:

• Stripe Payments Europe Ltd. — payment processing and operator KYC (Ireland / US)
• Cloudflare R2 / MinIO object storage — file storage for avatars, service photos, and KYC document scans (self-hosted or Cloudflare)
• Resend, Inc. — transactional and marketing email delivery (US)
• EU-based managed database and application hosting — PostgreSQL database and application servers hosted within the European Union

US-based processors are covered by EU Standard Contractual Clauses and, where applicable, EU-US Data Privacy Framework certification.

Your rights (Articles 15-22 GDPR)

• Access (Art. 15): request a copy of all data we hold about you
• Rectification (Art. 16): correct inaccurate personal data via your account settings
• Erasure (Art. 17): request account deletion; certain financial records are retained under statutory retention obligations
• Restriction (Art. 18): ask us to pause processing while a dispute is resolved
• Portability (Art. 20): export your data in a machine-readable format
• Object (Art. 21): opt out of processing for marketing or legitimate-interest purposes

To exercise any of these rights, email [email protected]. We respond to routine requests within 7 days and complex requests within 30 days (GDPR Art. 12(3) one-month deadline).

Data retention

• Account data: while active + 30 days after closure
• Booking and payment records: 6 years (statutory minimum; longer in DE/FR)
• KYC documents: 5 years from end of operator relationship (AMLD5/6)
• Messages: 2 years from last activity
• Audit logs: 2 years
• Session cookies: up to 30 days

Cookies

We set strictly-necessary and functional cookies, and — only with your consent — analytics cookies. You can grant or withdraw consent at any time. See our Cookie Policy for details.