Privacy Policy

DORIXÉ — Eco-Friendly Home & Office Cleaning Marketplace

Effective date: 28 June 2026 Last reviewed: 28 June 2026 Version: 2.0

This Privacy Policy explains how DORIXÉ collects, uses, shares, and protects personal data, and the rights and choices available to you. It applies to everyone who uses the DORIXÉ platform — Clients who book cleaning services, independent Cleaners (also called Providers) who offer them, affiliates and referrers, and visitors to our website — whether you are located in the European Union / EEA, the United States, or anywhere else in the world.

DORIXÉ operates a two-sided marketplace. We connect Clients with independent cleaning professionals. DORIXÉ is not the employer of any Cleaner and does not itself perform cleaning services. This structure affects how data flows between you, the Cleaner you transact with, and us — and we describe that throughout this Policy.

If anything here is unclear, contact us at the addresses in the Contact section.


1. Who We Are (Data Controller)

DORIXÉ is the controller of the personal data described in this Policy, except where we act as a processor on behalf of a Cleaner (for example, a Cleaner's own business records) or where a third party is an independent controller (for example, Stripe for certain payment and identity functions).

  • Legal entity: DORIXÉ is operated by its founder. The business will complete its registration before the service begins operating to the public; the full registered entity name and legal form will be published here at that time.
  • Registered address: DORIXÉ's postal contact address will be published here as part of completing registration before public launch; in the meantime, the email addresses below are monitored and are the fastest way to reach us.
  • Commercial register / registration number: DORIXÉ's commercial-register entry and number will be published here once registration is completed, before the service begins operating.
  • VAT / tax identification number: DORIXÉ's commercial-register entry and number will be published here once registration is completed, before the service begins operating.
  • Data protection contact: privacy@dorixé.com
  • General legal contact: legal@dorixé.com

Data Protection Officer (DPO): Given the scale and nature of our processing (regular monitoring via analytics, precise geolocation, photographs of the interior of people's homes, and identity verification of Cleaners), a DPO may be required under GDPR Article 37. We have not appointed a Data Protection Officer and are not required to under Art. 37 GDPR, given the small scale of our operation. For privacy questions, contact privacy@dorixé.com.

EU/EEA Representative (GDPR Article 27): If the controlling entity is established outside the EU/EEA but offers services to people in the EU/EEA, we are required to designate an EU representative. Not applicable: our controlling entity is established in Germany (the EU), so no Art. 27 GDPR representative is required.

US legal identity: For US users, the operating entity and a US point of contact are: There is no separate US entity. DORIXÉ is operated from Germany and serves US users from there; US privacy and legal questions can be sent to privacy@dorixé.com and legal@dorixé.com.

We will state our full controller identity proactively here rather than "on request," and we will keep these details current.


2. Scope of This Policy and Which Sections Apply to You

This Policy is dual-regime:

  • Everyone: Sections 1–11 and 14–17 apply to all users.
  • EU/EEA (and UK where applicable): Section 12 (GDPR rights) and Section 9 (legal bases, international transfers) describe your specific protections.
  • United States: Section 13 (U.S. State Privacy Rights, including the California Notice at Collection) describes your specific rights and our notice-at-collection.

We make this Policy available in the languages in which we offer the service. Where a translated version conflicts with the English version, the English version governs, but this never reduces the mandatory protections available to you under the law of your country of residence.


3. The Personal Data We Collect

We collect the following categories of personal data. The sensitivity of some categories (geolocation, home photographs, identity documents) means we apply specific safeguards described in Sections 5, 6, and 8.

Account and profile data

  • Name, email address, phone number
  • Account role (Client, Cleaner, affiliate/referrer)
  • Authentication credentials and login metadata (handled by our auth provider, Clerk)
  • Cleaner profile data: business description, self-set rates, recurring-booking discounts, paid add-ons, service area, and self-declared attributes such as eco practices, qualifications, or insurance status (see Section 7 on what we do and do not independently verify)

Service and location data

  • Service address(es) where cleaning is performed
  • Precise geolocation of the service address (latitude/longitude), used to match Clients with nearby Cleaners and to display the job. Precise geolocation is sensitive data; we minimise its precision where exact coordinates are not needed.

Booking, transaction, and payment data

  • Booking details: date, time, scope, add-ons, recurring schedules, bids placed/received in the bidding marketplace
  • Pricing, currency (EUR or USD), commission, payout, and refund records
  • Optional carbon-offset contribution records
  • Payment card data is collected and processed directly by Stripe; DORIXÉ does not store full card numbers. We hold payment metadata (e.g. last four digits, payment status, Stripe identifiers).

Identity-verification data (Cleaners)

  • Government-issued ID images and, where used, a selfie for face-matching, processed by Stripe Identity to verify a Cleaner's identity. See Section 6.

User-generated content

  • Before/after photographs of the interior of Clients' homes, uploaded for job documentation and dispute evidence
  • Reviews and ratings (Clients and Cleaners rate each other — a two-way review system)
  • Messages exchanged between Clients and Cleaners, and dispute evidence

Affiliate / referral data

  • Referral codes, attribution data (which booking is credited to which referrer), and payout details for registered users and standalone influencer affiliates
  • Tax-identification data required to make affiliate and Cleaner payouts and to meet reporting obligations (see Section 9)

Marketing and consent data

  • Marketing opt-in status, the wording you were shown, and the timestamp of your choice (proof of consent)
  • Cookie/consent preferences and the version of the banner you responded to

Technical, usage, and analytics data

  • IP address, device and browser type, pages visited, and interactions
  • Privacy-respecting product analytics (via Umami)
  • Error and diagnostic data (via Sentry), which can incidentally include identifiers or request data

We do not intend to collect special-category data (GDPR Article 9), but photographs of home interiors can incidentally capture sensitive information (e.g. religious items, health aids, or identifiable people). Please see Section 5 and our content rules in our Terms before uploading photos.


4. How and Why We Use Your Data

We use your data to:

  • Create and manage your account, and authenticate you
  • Match Clients with Cleaners, including by location
  • Facilitate bookings, the bidding marketplace, recurring bookings, and communications between Clients and Cleaners
  • Process payments, payouts, commission, refunds, and optional carbon-offset contributions
  • Verify Cleaner identity (see Section 6)
  • Host and display reviews, ratings, and home photographs for the service (see Section 5)
  • Resolve disputes and provide customer support
  • Operate the affiliate/referral program and the Eco-store (see Section 7)
  • Prevent fraud and abuse, and keep the platform secure
  • Send service/transactional communications (e.g. booking confirmations, receipts, recurring-charge reminders, and the account-confirmation welcome message)
  • Send marketing communications only where you have opted in (see Section 11)
  • Understand and improve the platform through analytics
  • Comply with legal, tax, and regulatory obligations

We do not sell your personal data for money. Please read Section 13 carefully for how "sale" and "sharing" are defined under US law and what choices you have.


5. Home Photographs and Precise Geolocation (High-Sensitivity Data)

Because photographs of the inside of a home and the precise location of where a person lives are unusually sensitive (they can reveal who you are, how you live, and where to find you), we treat them with specific safeguards:

  • Purpose: Home photographs are used only for documenting the specific job they were uploaded to and as evidence in any dispute about that job. Precise geolocation is used only to match and route the booking.
  • Who can see them: Home photographs are visible to the Client and the assigned Cleaner for that booking, and to authorised DORIXÉ staff handling a dispute or safety issue. We do not use your home photographs in marketing without your separate, explicit consent.
  • Where they are stored: In a private file store hosted by Backblaze B2, access-controlled and served only through our authenticated file proxy. Files are stored in a private, access-controlled bucket and are encrypted at rest by the storage provider; they are served only through our authenticated file proxy.
  • Retention: Home photographs are deleted 90 days after the booking is completed, unless they are tied to an open dispute, in which case they are retained until the dispute is resolved and any appeal/limitation period has passed.
  • Minimisation: We reduce geolocation precision where exact coordinates are not required, and we ask uploaders not to capture more than the area being cleaned.

You must not upload photographs that capture identifiable third parties or children, and you must hold any consents necessary for the people or property shown. See our Terms for the full user-content rules and the takedown/objection process.


6. Identity Verification (Cleaners)

To help maintain a trustworthy marketplace, Cleaners are verified through Stripe Identity, which collects government-issued ID document images and, where used, a selfie that may be compared against the ID (face-matching).

  • What is processed: ID document images and, if applicable, a selfie and a biometric comparison performed by Stripe Identity. Where biometric face-matching occurs, this may constitute biometric/special-category data.
  • Legal basis (EU/EEA): Performance of our agreement with the Cleaner and our legitimate interest in verifying identity and preventing fraud for identity data; and, where biometric matching occurs, your explicit consent and/or the substantial-public-interest/fraud-prevention basis as permitted by law.
  • Retention: We retain the verification result/status. Raw identity documents are minimised and retained/deleted in line with Stripe Identity's retention practices rather than stored by DORIXÉ. DORIXÉ stores only the verification result/status. The underlying identity documents are held and deleted by Stripe under Stripe's own retention practices and privacy policy rather than stored by DORIXÉ.
  • Important — what verification means: Stripe Identity confirms identity only. It is not a criminal-background check, an insurance check, or an eco-certification. See Section 7.

We have assessed (or will document) a Data Protection Impact Assessment (DPIA) covering identity verification together with home photographs and geolocation, as these are high-risk processing activities. We maintain a Data Protection Impact Assessment covering identity verification, home photographs, and precise geolocation, and we review it as these processing activities change.


7. What We Verify — and What We Do Not (Important)

To avoid misleading you, we state plainly the limits of our checks:

  • DORIXÉ performs identity verification via Stripe Identity for Cleaners.
  • DORIXÉ does not conduct criminal-background checks, does not independently verify that any Cleaner holds insurance, and does not itself certify any Cleaner's environmental ("eco") credentials.
  • Any eco, insurance, qualification, or experience attributes shown on a Cleaner's profile are self-declared by that independent Cleaner and are not independently verified by DORIXÉ unless we expressly state otherwise and identify the verifying standard.
  • DORIXÉ does not guarantee any Cleaner's qualifications, insurance, criminal history, or the quality or outcome of any cleaning service.

If we introduce genuine background checks, insurance verification, or third-party eco-certification in the future, we will state exactly who performs them, how often, and to what standard, and we will keep the supporting evidence on file.

Sustainability / green claims data. Our internal "eco-level" tiers (and any carbon-offset add-on) are based on self-declared Cleaner practices unless a specific third-party certification is named. The optional carbon-offset add-on, where offered, is a voluntary contribution; details of what it funds, the provider/registry, and the methodology are described at checkout and in our Terms. Where the optional carbon-offset add-on is offered, the provider/registry, project type, standard, and calculation methodology are disclosed at checkout and in our Terms of Service.


8. Reviews, Messages, and Other User-Generated Content

  • Reviews and ratings are personal data published about an identifiable person (the reviewed Client or Cleaner). We publish them on the basis of our legitimate interest in operating a transparent, trustworthy marketplace.
  • A reviewed person may object to a review, request correction of inaccurate content, or use our report/takedown process for unlawful, defamatory, or privacy-infringing content (see our Terms).
  • Messages and dispute evidence between Clients and Cleaners are processed to deliver the service, resolve disputes, and ensure safety and compliance, on the basis of contract performance and legitimate interest.
  • Retention: Reviews persist for as long as they remain relevant to the marketplace reviews remain published for as long as the reviewed account is active and the review remains relevant to the marketplace, and are removed or anonymised when the account is deleted. Messages and dispute evidence are retained for the life of the booking/dispute and a reasonable period afterwards for the life of the related booking or dispute and for up to 3 years afterwards, or longer where needed to establish, exercise, or defend legal claims.

Reviews, message content, and home-photo manifests are included in the data we provide in response to access and portability requests (see Section 12).


9. Who We Share Data With (Subprocessors and Recipients)

We share personal data with the service providers below, who process it on our behalf under data-processing agreements, and with the Cleaner or Client you transact with. We do not sell personal data for money.

Current subprocessors (last updated 28 June 2026):

ProviderPurposePrimary processing locationTransfer mechanism (for EU/EEA data)
StripePayment processing, payouts, ConnectEU and US / globalStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
Stripe IdentityCleaner identity/biometric verificationEU and US / globalStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
ClerkAuthentication / account managementUS / globalStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
ResendTransactional & (opted-in) marketing emailUSStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
Backblaze B2File/photo storage (private bucket)United StatesStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
PusherReal-time notificationsUS / globalStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
InngestBackground job orchestration (bookings, recurring)US / globalStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
SentryError monitoring / diagnosticsUS/EUStandard Contractual Clauses (and EU-US Data Privacy Framework certification where the recipient is certified)
UmamiPrivacy-respecting product analyticsSelf-hosted on the operator's own server in the EU (first-party)Not a third-country transfer: Umami is self-hosted on our own server (first-party), so no transfer mechanism is required.

We also share data with:

  • The Cleaner or Client you transact with (e.g. a Cleaner sees the service address and any photos for their booking).
  • Affiliates/referrers and third-party merchants in connection with the referral program and the Eco-store: we process referral codes, attribution data, and payout details, and may share limited data with third-party merchants whose products are linked from the Eco-store. Eco-store links are affiliate links and we may earn a commission; this is disclosed near those links.
  • Tax authorities and payment-reporting bodies where required by law (e.g. EU DAC7 reporting for platform sellers/affiliates; US 1099 reporting and W-9/W-8 collection). We collect the required tax information before payout (EU identity/TIN data for DAC7; US W-9/W-8) and report to the relevant tax authorities, including EU DAC7 reporting and US 1099 reporting, as those obligations arise.
  • Authorities, courts, and advisors where necessary to comply with law, enforce our Terms, or protect rights and safety.
  • A successor in the event of a merger, acquisition, or asset sale, subject to this Policy.

Sentry / diagnostic data: Error-monitoring tools can incidentally capture personal data in URLs, request data, or stack traces. We process this on the basis of our legitimate interest in security and debugging, and we configure the tool to avoid sending default personal data and to scrub sensitive fields. Our error-monitoring is configured so that personal data is not sent by default (sendDefaultPii is not enabled), and Sentry is hosted in the EU region.

We will keep this list current and provide advance notice of new subprocessors where required.

International data transfers. Several of the providers above are located in, or transfer data to, the United States or other countries outside the EU/EEA. Where we transfer EU/EEA personal data internationally, we rely on a lawful transfer mechanism — an adequacy decision, the EU-US Data Privacy Framework (for certified recipients), or the EU Standard Contractual Clauses (2021) together with supplementary measures following a transfer impact assessment. You can request a copy of the relevant safeguards from our privacy contact (Section 16). For US-based providers (Stripe, Clerk, Resend, Backblaze B2, Pusher, Inngest) we rely on the EU Standard Contractual Clauses, supplemented by the EU-US Data Privacy Framework where the provider is certified, with transfer impact assessments on file. Sentry is hosted in the EU region, and Umami is self-hosted by us, so neither involves a third-country transfer.


10. Legal Bases for Processing (EU/EEA — GDPR Article 6)

PurposeLegal basis
Creating/managing your account; facilitating bookings, bids, recurring bookings, payments, and communicationsContract (Art. 6(1)(b))
Identity verification of Cleaners (identity data)Contract / legitimate interest (Art. 6(1)(b)/(f))
Biometric matching in identity verification (if used)Explicit consent / substantial public interest / fraud prevention (Art. 9)
Fraud prevention, platform security, error monitoring, publishing reviewsLegitimate interests (Art. 6(1)(f))
Marketing emails and non-essential analytics/affiliate cookiesConsent (Art. 6(1)(a); ePrivacy)
Tax, accounting, and regulatory reporting (incl. DAC7)Legal obligation (Art. 6(1)(c))

Where we rely on consent, you may withdraw it at any time, as easily as you gave it (Section 11). Withdrawal does not affect processing already carried out.


11. Cookies, Analytics, and Marketing Consent

Non-essential storage requires your consent. We do not load non-essential analytics, affiliate/referral tracking, or marketing technologies until you have opted in through our consent banner. Strictly necessary cookies (e.g. authentication and payment-security cookies) are always active because the service cannot function without them.

  • Our consent banner offers an equally prominent "Accept all" and "Reject all" at the first layer (no pre-ticked boxes; rejecting is as easy as accepting), plus a "Manage preferences" option with a granular analytics toggle.
  • Your choice (including its timestamp and the banner version) is recorded so we can demonstrate consent, and you can change or withdraw it at any time via the persistent "Cookie settings" link in our website footer.
  • For US users, we treat the Global Privacy Control (GPC) browser signal as a valid opt-out of "sale"/"sharing" (Section 13).

A complete, categorised cookie/technology table (Strictly necessary / Analytics / Marketing & Affiliate) — including the Umami analytics identifier, authentication and payment cookies, and any affiliate/referral trackers, with provider, purpose, duration, and first/third-party status — is maintained in our Cookie Policy.

Marketing communications. We send marketing emails (such as lifecycle "value," "soft," and "hard" campaigns) only to people who have given a separate, optional, unticked opt-in, which we record with the wording shown and a timestamp. Acceptance of our Terms is a separate, required step and is not treated as marketing consent. The account-confirmation welcome message is sent as a service/transactional message. Every marketing email contains a one-click unsubscribe and we honour opt-outs promptly (and, for US recipients, within 10 business days as required by CAN-SPAM). Marketing emails include our valid physical postal address. DORIXÉ's postal contact address will be published here as part of completing registration before public launch; in the meantime, the email addresses below are monitored and are the fastest way to reach us.


12. Your Rights — EU/EEA (GDPR)

You have the right to:

  • Access (Art. 15) — obtain a copy of your personal data
  • Rectification (Art. 16) — correct inaccurate or incomplete data
  • Erasure (Art. 17) — request deletion (the "right to be forgotten"), subject to the retention rules in Section 14
  • Restriction (Art. 18) and Objection (Art. 21) — including objecting to processing based on legitimate interests and to direct marketing
  • Portability (Art. 20) — receive your data in a structured, machine-readable format
  • Withdraw consent at any time, as easily as it was given

What our access/portability export includes. When you request your data, we provide all personal data we hold about you in a structured, machine-readable form, including: profile and account data, service addresses and precise geolocation, home-photo files or a manifest of their URLs, message content, reviews and ratings, booking and payment metadata, consent and marketing history, and IP/analytics identifiers.

What erasure does. When you request erasure, we propagate deletion as far as reasonably possible: we soft-delete your account and then anonymise or delete your records, delete your uploaded home photographs from Backblaze B2, and request deletion/suppression from relevant processors (e.g. Stripe, Resend, Sentry), subject to the legal-retention carve-out below. We operate a 30-day soft-delete/wind-down window before final anonymisation. Records we are legally required to keep — primarily financial, tax, and transaction records — are retained on the basis of our legal obligation (Section 14) even after erasure of the rest of your data. Our data-export and account-erasure tools implement these rights, including removal of your stored photos and inclusion of your in-app messages in data exports.

Response time. We respond within one month of a verified request, extendable by a further two months for complex or numerous requests; we will tell you if an extension applies.

Complaints. You may lodge a complaint with your national supervisory authority, in addition to any other remedy. Our lead supervisory authority is the competent data protection authority for the German state in which our operation is established.


13. Your Rights — United States (CCPA/CPRA and Other State Laws)

This section is the Notice at Collection and statement of rights for US residents, including California (CCPA/CPRA) and, as applicable, Colorado, Virginia, Connecticut, Utah, Oregon, Texas, Montana, and other states.

Categories of personal information we collect (mapped to CCPA categories), the purposes, and retention (see Section 14):

CCPA categoryExamples we collectPurpose
IdentifiersName, email, phone, account/device IDsAccount, bookings, communications
Customer recordsService address, payment metadataService fulfilment, billing
Commercial informationBookings, bids, transactions, refundsOperating the marketplace
Geolocation (precise)Service-address latitude/longitudeMatching and routing bookings
Internet/network activityPages visited, interactions, analyticsSecurity, analytics, improvement
Sensory informationBefore/after photos of home interiorsJob documentation, dispute evidence
Financial informationPayment metadata (via Stripe)Payments and payouts
Identity-verification data (Cleaners)ID documents, selfie (via Stripe Identity)Verifying Cleaner identity

Sensitive Personal Information (SPI). We collect precise geolocation and photographs of home interiors, which are sensitive. We use SPI only for the limited purposes of providing and fulfilling the service (matching, job documentation, dispute resolution) and not to infer characteristics about you. California residents may limit the use of sensitive personal information via the link below. For Virginia, Colorado, and Connecticut residents, we obtain opt-in consent before processing precise geolocation/sensitive data where required.

"Sale" and "Sharing." We do not sell your personal information for money. CPRA also defines "sharing" to include disclosing personal information for cross-context behavioral advertising, and "sale" broadly. We do not engage in cross-context behavioral advertising as a default; our analytics are configured to be privacy-respecting and consent-gated. To the extent any "sale" or "sharing" occurs, you may opt out using the controls below, and we honour the Global Privacy Control (GPC) signal as a valid opt-out.

Your US privacy rights:

  • Know / Access the personal information we collect, use, disclose, and share
  • Delete your personal information (subject to legal-retention exceptions)
  • Correct inaccurate personal information
  • Opt out of any sale or sharing
  • Limit the use of sensitive personal information
  • Non-discrimination — we will not deny service, charge different prices, or provide a lesser quality of service because you exercised your rights

How to exercise your rights (two methods):

  1. Email privacy@dorixé.com
  2. Submit our online request form at /legal/privacy-request

You may also use these controls: "Do Not Sell or Share My Personal Information" and "Limit the Use of My Sensitive Personal Information" in our website footer.

Verification and authorized agents. We verify your identity before fulfilling a request (typically by confirming information associated with your account). You may use an authorized agent; we will require proof of the agent's authorization and may ask you to verify your own identity.

Appeals (CO/VA/CT and others). If we deny your request, you may appeal by contacting privacy@dorixé.com (mark your message "Privacy Appeal"). We will respond to the appeal within the statutory period, and you may contact your state Attorney General if you are unsatisfied.

Response timeline. We confirm receipt within 10 business days and respond within 45 days, extendable by an additional 45 days (90 days total) where reasonably necessary, with notice to you.


14. Data Retention

We keep personal data only as long as necessary for the purposes set out in this Policy, then delete or anonymise it. Retention is tied to purpose:

Data categoryRetention
Account/profile dataLife of the account, then a 30-day soft-delete/wind-down, then anonymisation
Bookings, payment, financial & tax recordsStatutory period under applicable tax/accounting law 10 years for invoices and accounting records, as required by German tax law (§ 147 AO), or the equivalent statutory period applicable in your market
Home photographsDeleted 90 days after job completion, unless tied to an open dispute
Precise geolocationMinimised; retained only as long as needed for the relevant booking
Messages & dispute evidenceFor the life of the booking/dispute and a reasonable period afterwards the life of the related booking or dispute, plus up to 3 years afterwards
Identity-verification data (Cleaners)Verification result retained; raw documents minimised/deleted per Stripe Identity
Reviews & ratingsWhile relevant to the marketplace while the reviewed account is active and the review stays relevant; removed or anonymised on account deletion
Analytics dataShort, and held in anonymised/aggregated form where possible the life of the related booking or dispute, plus up to 3 years afterwards
Marketing & consent recordsUntil you withdraw consent, plus proof-of-consent retained for a limited period

After account erasure, we retain only the records we are legally required to keep (primarily financial/tax records), anonymising the rest.


15. Data Breaches, Security, Children, and Changes

Security. We use appropriate technical and organisational measures to protect personal data, including access controls, private storage for home photographs, encryption in transit, and authenticated file access. No system is perfectly secure, but we work to protect your data and to limit who can access it.

Data breaches. If a personal-data breach occurs, we will assess it and, where required, notify the competent supervisory authority within 72 hours of becoming aware of it, and notify affected individuals without undue delay where there is a high risk to their rights and freedoms. For US residents, we will provide breach notice as required by applicable state law.

Children. The DORIXÉ platform is not directed to children and may not be used by anyone under 18 to transact as a Client, Cleaner, or affiliate. We do not knowingly collect personal data from children below the applicable minimum age (16 in the EU, or the relevant member-state digital-consent age; 13 in the US). Photographs uploaded to the platform must not depict identifiable children. If we learn that we hold a minor's data in breach of these rules, we will delete it and remove the account.

Changes to this Policy. We may update this Policy. We will revise the "Last reviewed" date and, for material changes, notify you by email and/or in-app with reasonable advance notice before the change takes effect. We review this Policy at least every 12 months. A summary of material changes will be provided where appropriate.


16. How to Contact Us

  • Privacy / data protection: privacy@dorixé.com
  • General legal: legal@dorixé.com
  • US privacy requests: privacy@dorixé.com / /legal/privacy-request
  • Data Protection Officer (if appointed): No DPO is appointed (not required under Art. 37 GDPR); contact privacy@dorixé.com.
  • EU/EEA Representative (Art. 27, if applicable): Not applicable; the controller is established in Germany (the EU).
  • Postal address: DORIXÉ's postal contact address will be published here as part of completing registration before public launch; in the meantime, the email addresses below are monitored and are the fastest way to reach us.

EU/EEA residents may also lodge a complaint with their national supervisory authority. US residents may contact their state Attorney General or privacy regulator (e.g. the California Privacy Protection Agency).


17. Related Policies

This Privacy Policy should be read together with our Terms of Service, Cookie Policy, Affiliate / Referral Program Terms, and, where applicable, the Impressum / legal notice for EU users. Where this Policy describes verification, eco claims, cancellation, payments, or the marketplace structure, the operative contractual terms are set out in those documents.


*DORIXÉ is a marketplace connecting Clients with independent cleaning professionals. DORIXÉ is not the employer of any Cleaner and does not itself provide cleaning services. Payment services are provided by Stripe under Stripe's own terms; DORIXÉ does not itself hold customer funds.*