CleanLog logo
Claim early access

Privacy Policy

Last updated: 20 Nov 2025

Effective date: 20 Nov 2025

This Privacy Policy explains how Routine Tech Pte. Ltd. ("Routine Tech", "we", "us", "our") collects, uses, discloses and protects personal data when you use CleanLog (the "Service") or otherwise interact with us.

1. Introduction

We take your privacy seriously. This Policy is intended to comply with the Personal Data Protection Act 2012 (Singapore) ("PDPA") and, where applicable, other data protection laws in the jurisdictions where our Users are located. By using the Service or providing personal data to us, you agree to the practices described in this Policy.

2. Who we are and how to contact us

Company: Routine Tech Pte. Ltd.
Registered office: 150 Cecil Street #03-02, Singapore 069543
Website: https://cleanlog.com

Data Protection Officer (DPO): [email protected]

Please contact our DPO if you have any questions about this Policy or how we handle personal data.

3. Scope

This Policy applies to:

  • visitors to our website;
  • customers (organisations) that subscribe to the Service ("Customers");
  • individuals who use the Service as Authorised Users (e.g. cleaners, supervisors, managers, facility staff); and
  • individuals who scan our QR codes in restrooms or other locations to submit ratings or feedback ("Visitors").

It does not apply to third-party websites or services that we do not control.

4. Personal data we collect

"Personal data" means data that can identify an individual, whether on its own or with other information. Depending on how you use the Service, we may collect the following categories of personal data:

4.1. Data you or your organisation provide

  • Account and profile data: names, job titles, roles, work email addresses, phone numbers, organisation name, billing details.
  • Cleaning operations data: assignments of locations, checkpoints and schedules to specific cleaners or teams; timestamps, check-in/check-out records and notes entered by users.
  • Photos and media: photos or videos uploaded as proof of cleaning, which may incidentally include identifiable individuals or surroundings.
  • Support and communication data: content of messages and attachments you send to us (e.g. via email, in-app support, contact forms).

4.2. Visitor feedback data

When you scan a CleanLog QR code as a Visitor and submit feedback, we collect:

  • your responses to rating questions (e.g. cleanliness rating, satisfaction level);
  • any free-text comments you choose to provide (which may include personal data if you decide to include it);
  • technical data such as the date and time of submission, the facility/location identifier, and IP address/device information.

We do not require you to provide your name or contact details to submit Visitor Feedback. If you choose to include contact information or other personal details in your comments, we will process them in accordance with this Policy.

4.3. Data we collect automatically

When you access the Service, we may automatically collect:

  • Device and log data: IP address, browser type, operating system, device identifiers, pages viewed, date/time of access, referring URLs.
  • Usage data: actions taken in the Service (e.g. creating checkpoints, logging cleanings, uploading photos, submitting feedback), feature usage patterns, error logs.
  • Cookies and similar technologies to remember your preferences, secure your session and analyse usage. You can usually control cookies through your browser settings, but disabling certain cookies may affect functionality.

4.4. Data from third parties

  • your employer or organisation (the Customer) when they add you as an Authorised User;
  • third-party tools integrated with the Service (e.g. authentication providers, communication tools), to the extent authorised by you or your organisation.

5. How we use personal data and on what basis

We use personal data for the following purposes:

5.1. To provide and operate the Service

  • Creating and managing Accounts and Authorised User profiles.
  • Recording cleaning activities, logs, photos and Visitor Feedback as part of the Service.
  • Generating reports, dashboards and audit trails for Customers.
  • Routing Visitor Feedback to the relevant Customer so they can review and, where appropriate, respond or take action.

5.2. To secure the Service

  • Authenticating users and preventing unauthorised access.
  • Detecting and preventing fraud, abuse and security incidents.
  • Monitoring and improving the stability and performance of the Service.

5.3. To communicate with you

  • Sending transactional emails (e.g. account notifications, password resets, system alerts).
  • Responding to your questions, support requests and feedback.
  • In some cases, contacting you if you have voluntarily provided contact details in Visitor Feedback and have requested a response.

5.4. To improve the Service

  • Analysing usage patterns to understand how the Service is used.
  • Developing new features and enhancements.
  • Creating aggregated and anonymised statistics that do not identify individuals (for example, overall cleanliness scores or trends across facilities).

5.5. For legal, compliance and risk management

  • Complying with applicable laws and regulations.
  • Enforcing our Terms of Service and other agreements.
  • Protecting our rights, property and safety, and those of our users or the public.

5.6. Marketing (optional)

With appropriate consent where required, sending you information about new features, promotions or content related to the Service. You may opt out of marketing communications at any time via the unsubscribe link in our messages or by contacting us.

Under the PDPA, we generally rely on your consent (including deemed consent under the PDPA) and/or other permitted purposes such as where the collection, use or disclosure is reasonably necessary for managing or providing the Service, or is required by law. Where other data protection laws apply (e.g. in the EU/UK), we may also rely on legitimate interests, performance of a contract, or compliance with legal obligations as our legal bases, as appropriate.

6. How we share personal data

We do not sell personal data. We may disclose personal data in the following situations:

6.1. Within the Customer’s organisation

  • Authorised Users within the same Customer account may see certain data in line with the roles and permissions configured by the Customer.
  • Visitor Feedback submitted by scanning that Customer’s QR codes may be made available to that Customer (e.g. facility manager, cleaning manager) so they can review and act on it.

6.2. Service providers (sub-processors)

We may engage third-party service providers to support the Service, including cloud hosting and infrastructure providers, email and communication tools, analytics and monitoring services, payment processors and billing tools, and customer support tools. These service providers will only process personal data on our behalf, under our instructions, and are subject to obligations to safeguard personal data.

6.3. Business transfers

In connection with a merger, acquisition, financing, sale of assets, restructuring or similar transaction, personal data may be transferred as part of the transaction. We will only do so where permitted by law and will take steps to ensure continued protection of personal data.

6.4. Legal and safety requirements

We may disclose personal data if we believe in good faith that it is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; enforce our Terms of Service or other agreements; or protect the rights, property or safety of Routine Tech, our users or the public.

7. International transfers of personal data

Our servers, service providers and partners may be located outside the country where you are based (for example, outside Singapore). This may involve transferring personal data to countries that may have different data protection laws. Where personal data is transferred out of Singapore, we will ensure that the receiving organisation provides a standard of protection comparable to that under the PDPA (for example, through contractual obligations or other safeguards), except where an exemption applies. Where other data protection laws apply (such as the EU/UK GDPR), we will take appropriate steps to ensure adequate protection for international transfers, as required by those laws.

8. Data retention

We retain personal data for as long as reasonably necessary to provide the Service to the Customer, comply with our legal and regulatory obligations, resolve disputes and enforce our agreements, or fulfil the purposes described in this Policy. When personal data is no longer needed for these purposes, we will delete or anonymise it, or isolate it from further processing, in accordance with our data retention policies and applicable law. Customers may control how long certain records (such as cleaning logs and Visitor Feedback) are kept within their accounts, subject to technical and legal limitations.

9. Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. These measures may include access controls and authentication, encryption in transit, regular software updates and security monitoring, and access logging and audits. However, no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to protect personal data, we cannot guarantee absolute security.

10. Your choices and rights

10.1. Access and correction: Subject to legal requirements, you have the right to request access to personal data we hold about you, and to request corrections if you believe it is inaccurate or incomplete.

10.2. Withdrawal of consent: You may withdraw your consent to our collection, use or disclosure of your personal data at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawing consent may affect our ability to provide the Service (for example, you may no longer be able to use your account).

10.3. Managing your information: If you are an Authorised User, you may be able to update certain personal data directly inside the Service (e.g. name, contact details), or you can contact your organisation’s administrator. If you are a Visitor and wish to exercise your rights in relation to a specific feedback submission, you can contact us or, in some cases, the relevant Customer (facility owner/manager).

10.4. How to exercise your rights: To exercise any of these rights, please contact our DPO at [email protected]. We may need to verify your identity and may charge a reasonable fee where allowed by law (e.g. for processing access requests). We will respond within a reasonable time and in accordance with applicable laws.

11. International users and additional rights

We are based in Singapore and our primary data protection obligations arise under Singapore’s PDPA. However, individuals located in other countries may have additional rights under their local data protection laws (for example, in the European Economic Area, United Kingdom, or certain US states). Depending on where you are located and how you interact with our Service, you may have rights to request access to your personal data; request correction or deletion of your personal data; object to or restrict our processing of your personal data; request a copy of your personal data in a portable format; and lodge a complaint with a data protection authority. We will respond to requests to exercise these rights in accordance with applicable laws. To exercise any of these rights, please contact our Data Protection Officer at [email protected]. If we are required in future to appoint an EU or UK representative under the EU/UK General Data Protection Regulation, we will update this Policy with their contact details.

12. Children

The Service is intended for use by organisations and adult professionals. We do not knowingly collect personal data from children under 16 years of age. If you believe a child has provided personal data to us without appropriate consent, please contact us and we will take steps to delete such data where required.

13. Third-party websites and services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to read their privacy policies before providing them with personal data.

14. Changes to this Privacy Policy

We may update this Policy from time to time. We will indicate the effective date at the top and, where appropriate, notify you of material changes (for example, by email, in-app notice or a notice on our website). Your continued use of the Service after any changes take effect signifies your acceptance of the updated Policy. If you do not agree with the changes, you should stop using the Service.

15. Contact us

If you have any questions, concerns or complaints about this Policy or our handling of personal data, please contact our Data Protection Officer:

Data Protection Officer
Routine Tech Pte. Ltd.
Email: [email protected]
Address: 150 Cecil Street #03-02, Singapore 069543

We will investigate and respond to your query within a reasonable time.