Last updated: 29 May 2025
Privacy Policy
This privacy policy explains how Lyia Städ processes personal data when you visit our website, submit a booking request, or use our cleaning services in Stockholm. We comply with the GDPR and applicable Swedish law.
Data controller
Lyia Städ is the data controller for the processing described in this policy. Company registration number is provided in your booking confirmation.
Questions about personal data or terms can be sent to info@lyia.se. We respond within a reasonable time, including on weekends.
What data we process
We only process personal data that is necessary to provide cleaning services, manage bookings, and meet legal obligations.
- Contact details: name, email, phone number
- Home or business address where the service is performed
- Booking request details: preferred date, service type, property size, message
- Personal identity number when RUT tax reduction applies
- Payment and invoicing details
- Access information you voluntarily provide so we can perform the assignment
- Technical data when visiting the website (see our cookie policy)
Purpose and legal basis
We process personal data to handle enquiries, enter and perform contracts, carry out cleaning, invoice, administer RUT deductions, and provide customer service.
Processing is based on contract (GDPR Art. 6(1)(b)), legal obligation (e.g. accounting and tax rules), or legitimate interest in operating our business securely.
Email marketing is sent only with your consent or where permitted by law, and you may opt out at any time.
Sharing and processors
We do not sell personal data. Data may be shared with trusted suppliers that help us operate the business, such as email and form services, accounting, IT, and payment providers. They process data only on our instructions under appropriate agreements.
Data may be disclosed to authorities when required by law, for example the Swedish Tax Agency in connection with RUT.
Retention
We retain personal data for as long as needed for the purpose and as required by law. Customer and contract data is normally kept for the contract period and thereafter under Swedish accounting rules. Enquiries that do not lead to a contract are deleted when no longer relevant.
Your rights
You may request access, rectification, erasure, restriction, and object to certain processing. Where processing is based on consent, you may withdraw it. You also have the right to data portability where applicable.
Complaints may be filed with the Swedish Authority for Privacy Protection (IMY), imy.se.
Security
We implement technical and organisational measures to protect personal data against unauthorised access, loss, and misuse. Only staff who need customer data for their work are granted access.
Changes
We may update this policy. The latest version is always published on this page with the date shown above.