Privacy Policy

We collect information you provide directly and information generated through your use of our platform:

• •Account information — full name, email address, phone number, and password (stored as a hashed value).
• •Booking details — service address, postcode, unit number, scheduled date & time, service type, and any special instructions.
• •Payment records — transaction amount and payment gateway reference number (processed by CHIP; we do not store full card numbers).
• •Location data — GPS coordinates you provide when entering a service address, used only to match nearby cleaners.
• •Device & usage data — IP address, browser type, pages visited, and timestamps collected automatically via server logs.
• •Reviews & communications — ratings, written reviews, and messages you submit through the platform.

Your information is used solely for the purposes for which it was collected:

• •Create and manage your account and bookings.
• •Match you with available, verified cleaners near your address.
• •Process payments and issue receipts through our payment gateway.
• •Send booking confirmations, status updates, and support replies via email or in-app notifications.
• •Improve platform safety, detect fraud, and resolve disputes.
• •Comply with legal and regulatory obligations under Malaysian law.

We do not sell or rent your personal data. We only share it in these limited circumstances:

• •Assigned cleaners — Your first name, service address, scheduled time, and any special instructions are shared with the cleaner who accepts your booking.
• •Payment processor (CHIP) — Billing information is transmitted to CHIP Fintech Sdn Bhd to process your payment securely. CHIP's own privacy policy applies to this data.
• •Legal obligations — We may disclose data if required by law, court order, or to protect the rights and safety of our users.
• •Business transfer — In the event of a merger or acquisition, your data may be transferred to the successor entity under equivalent privacy protections.

We implement industry-standard security measures to protect your data:

• •All data in transit is encrypted using HTTPS / TLS.
• •Passwords are stored using a one-way cryptographic hash (bcrypt); we never store plain-text passwords.
• •Payment card details are handled exclusively by our PCI-DSS compliant payment partner CHIP. We store only the transaction reference number.
• •Access to personal data is restricted to authorised personnel on a need-to-know basis.

We retain your personal data for as long as your account is active or as needed to provide services. Booking and payment records are kept for a minimum of 7 years to comply with Malaysian accounting and tax regulations. You may request deletion of your account at any time; we will remove your personal data within 30 days, except where retention is required by law.

We use essential session cookies to keep you logged in securely. We do not use third-party advertising or tracking cookies. The cookies we set include:

• •.AspNetCore.Antiforgery.* — Prevents cross-site request forgery (CSRF) attacks.
• •.AspNetCore.Session — Maintains your login session.

You can disable cookies in your browser settings, but this will prevent you from logging in.

Under the Personal Data Protection Act 2010 (Malaysia), you have the right to:

• •Access — Request a copy of the personal data we hold about you.
• •Correction — Request correction of inaccurate or incomplete data.
• •Withdrawal of consent — Withdraw consent for processing at any time (this may affect your ability to use certain features).
• •Deletion — Request deletion of your account and associated personal data.

To exercise any of these rights, contact us at support@thebersih.com. We will respond within 14 business days.

If you have questions or concerns about this Privacy Policy or our data practices, please reach out: