Privacy Policy

Privacy Policy

Privacy Policy

Your privacy matters to us. We protect your data in full accordance with German and EU law, including GDPR.

Privacy Policy for HelpWell.eu

Last Updated: November 2025


1. Introduction

HelpWell ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website and when using our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at helpwell.eu (the "Website") and use our on-demand household, beauty, and wellness services platform (the "Services").

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Website or Services. By accessing and using HelpWell, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

2. Applicable Laws and Jurisdiction

HelpWell operates in compliance with:

  • EU General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679

  • German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG)

  • German Telecommunications and Telemedia Data Protection Act (TTDSG)

  • ePrivacy Directive (Directive 2002/58/EC)

Our services are operated from servers located exclusively within the European Union. We are subject to the jurisdiction of German and EU data protection authorities, including the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit).

3. Information We Collect

We collect information in the following ways:

3.1 Information You Provide Directly

Account Registration and User Profile:

  • First and last name

  • Email address

  • Phone number

  • Residential address (including postal code and district in Berlin)

  • Date of birth (for verification purposes only)

  • User profile preferences

Booking and Service Information:

  • Service preferences and selections

  • Scheduling details (preferred dates and times)

  • Special requests or notes for service providers

  • Service history and feedback

Payment Information:

  • Billing address

  • Payment method details (credit/debit card information, digital payment method)

  • Transaction history and invoices

Service Provider Verification (for Professionals):

  • Government-issued identification (ID verification)

  • Business license information

  • Professional qualifications and certifications

  • Insurance documentation

  • Professional references

  • Background check results (processed through external verification partners)

  • Bank account information (for payments)

Communication Data:

  • Messages, queries, and correspondence with customer support

  • Feedback, reviews, and ratings

  • Complaint details

3.2 Information Collected Automatically

Technical Information:

  • IP address

  • Browser type and version

  • Device type and operating system

  • Pages visited and time spent on each page

  • Referring website

  • Geographic location (based on IP address)

  • User interactions with our Website (clicks, form submissions)

  • Device identifiers and mobile advertising identifiers

Cookies and Tracking Technologies:

  • Session cookies

  • Persistent cookies

  • Web beacons

  • Analytics tracking pixels

  • Similar tracking technologies (as described in our Cookie Policy)

Communication Data:

  • Date and time of communications

  • Duration of calls or chat sessions (if applicable)

  • Communication metadata

3.3 Information from Third Parties

Service Provider Verification:

  • Background check companies (criminal records and identity verification)

  • Insurance companies (verification of professional coverage)

  • Qualification verification bodies (professional certifications)

Payment Processors:

  • Stripe (payment processor) provides transaction confirmation and security data

Third-Party Analytics:

  • Website analytics providers may process anonymized usage data

Social Media (if applicable):

  • If you link your social media account, we receive basic public profile information only with your explicit consent

4. Legal Basis for Processing Personal Data

We process your personal data only when we have a lawful basis under Article 6 GDPR and applicable German law. The legal bases we rely on are:

4.1 Contract Performance (Article 6(1)(b) GDPR)

Processing necessary to provide our Services to you:

  • Booking and scheduling services

  • Processing payments

  • Providing customer support

  • Delivering household, beauty, and wellness services

4.2 Legal Obligation (Article 6(1)(c) GDPR)

Processing required by law:

  • Tax compliance and financial record-keeping

  • Fraud prevention and detection

  • Compliance with law enforcement requests

  • Data protection and security obligations

4.3 Legitimate Interest (Article 6(1)(f) GDPR)

Processing necessary for our legitimate interests or those of third parties:

  • Improving and personalizing our Services

  • Preventing fraud and maintaining platform security

  • Conducting business analytics and website optimization

  • Marketing communications (where permitted and with your consent)

  • Enforcing our Terms of Service

  • Defending legal claims

4.4 Consent (Article 6(1)(a) GDPR)

Where we request explicit consent:

  • Marketing and promotional communications

  • Non-essential cookies and tracking technologies

  • Optional service enhancements

  • Social media linking

4.5 Public Interest (Article 6(1)(e) GDPR)

Processing necessary for public safety:

  • Background checks for service providers (protecting users)

  • Verification of professional credentials

5. How We Use Your Information

We use the information we collect for the following purposes:

5.1 Service Delivery

  • Creating and managing your account

  • Processing your service bookings

  • Connecting you with qualified service providers

  • Facilitating payments and issuing invoices

  • Providing customer support

  • Responding to your inquiries and requests

5.2 Service Provider Management

  • Verifying professional qualifications and credentials

  • Conducting background checks

  • Managing insurance and liability coverage

  • Assigning service providers to bookings

  • Maintaining provider ratings and performance records

5.3 Safety and Verification

  • Verifying user identities and preventing fraud

  • Conducting background checks on service professionals

  • Verifying professional licenses and insurance

  • Ensuring compliance with our Terms of Service

  • Protecting against misuse of our platform

5.4 Communication

  • Sending booking confirmations and updates

  • Providing customer support via email, phone, or chat

  • Notifying you of service changes or cancellations

  • Sending satisfaction surveys (with your consent)

5.5 Business Operations

  • Processing payments and managing refunds

  • Generating invoices and financial records

  • Maintaining transaction records for accounting purposes

  • Resolving disputes and complaints

  • Detecting and preventing fraud

5.6 Service Improvement

  • Analyzing user behavior and service usage patterns

  • Improving our Website and Services

  • Developing new features and services

  • Conducting user research and surveys (with consent)

  • Personalizing your experience

5.7 Marketing and Promotional Activities

  • Sending marketing emails about new services, special offers, and promotions (only with your consent or where legally permitted)

  • Conducting surveys and market research

  • Creating targeted advertising (with your consent)

5.8 Legal and Regulatory Compliance

  • Complying with legal obligations

  • Responding to lawful requests from authorities

  • Establishing, exercising, or defending legal claims

  • Protecting the rights, privacy, safety, or property of HelpWell, users, or the public

5.9 Analytics and Website Optimization

  • Analyzing Website traffic and user engagement

  • Understanding user preferences and behavior

  • Optimizing Website performance and user experience

  • Conducting statistical analysis (on aggregated, anonymized data)

6. Data Sharing and Disclosure

We take your privacy seriously and share your information only when necessary and lawful.

6.1 Service Providers and Data Processors

We may share your information with the following categories of data processors who process data on our behalf under Data Processing Agreements:

Payment Processing:

  • Stripe - Payment processor for secure payment processing and transaction management

    • Stripe acts as a data processor and receives payment information (name, email, billing address, card details)

    • Stripe's Privacy Policy: stripe.com/en-gb/privacy

    • Stripe implements appropriate security measures and is GDPR-compliant

Verification and Background Checks:

  • Third-party verification services for background checks on service professionals

  • Identity verification companies

  • Insurance verification providers

  • Professional qualification verification bodies

Customer Support:

  • Customer support platforms (if applicable)

  • Communication service providers

Analytics:

  • Website analytics providers (only anonymized data)

Cloud Infrastructure:

  • EU-based cloud hosting providers for data storage and backup

  • All data is encrypted and stored exclusively on EU servers

6.2 Service Provider Matching

Your booking information (name, address, contact details, service preferences, and service history) is shared with service professionals who are matched to fulfill your bookings. Service professionals access only the information necessary to provide your requested service.

6.3 Professional Networks

Service professionals may view aggregated ratings and reviews you provide (without personally identifying information) as part of their professional rating system on our platform.

6.4 Legal Obligations

We may disclose your information when required by law or when we believe in good faith that such disclosure is necessary to:

  • Comply with legal obligations, court orders, or government requests

  • Enforce our Terms of Service and other agreements

  • Protect the safety, rights, and property of HelpWell, our users, or the public

  • Detect, prevent, or address fraud or security issues

6.5 Data Protection Authorities

We may share information with German and EU data protection authorities as required by law or in response to official inquiries.

6.6 Legitimate Interests

We may share aggregated, anonymized data with business partners for analytical purposes where it does not identify you personally.

6.7 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of substantially all of our assets, your information may be transferred as part of that transaction. We will provide notice via email or prominent notice on our Website of any such change in ownership or control of your personal data.

6.8 No Sale of Personal Data

We do not sell, rent, lease, or trade your personal information for marketing purposes. Your information is only shared with third parties for the purposes described in this Privacy Policy.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.

7.1 Retention Periods

Account Information:

  • Active accounts: Retained for the duration of your account and user relationship with us

  • Deleted accounts: Retained for 90 days to allow account recovery; permanently deleted thereafter unless retention is required by law

Booking and Transaction Records:

  • Retained for 7 years for tax and accounting purposes (German tax law requirement)

  • Service-related correspondence retained for 2 years after service completion

Payment Information:

  • Transaction records retained for 10 years (German tax law - Section 257 HGB)

  • Payment method details retained only while needed for subscription billing; deleted upon account deletion or payment method change

  • Stripe processes payment data according to PCI-DSS requirements

Service Provider Verification Data:

  • Background checks and verifications retained for 5 years for liability and verification purposes

  • Professional qualifications retained for the duration of the professional relationship

  • Insurance verification retained for the duration of the professional engagement

Marketing Communications:

  • Consent records retained until withdrawn

  • Marketing data retained for 2 years after last engagement or until consent is withdrawn

Technical and Analytics Data:

  • Website logs retained for 90 days for security and troubleshooting

  • Cookies retained according to cookie types (session cookies: until browser close; persistent cookies: 12 months maximum)

  • Anonymized analytics data retained indefinitely

Customer Support Records:

  • Retained for 3 years to resolve disputes and improve service

Legal Obligations:

  • Data retained for periods required by German and EU law, including:

    • Tax records: 10 years (Section 257 HGB)

    • Employment records: 6 years (Section 257 HGB)

    • Commercial and business records: 6 years (Section 257 HGB)

7.2 Data Deletion

Upon account deletion or at your request, we delete or anonymize your personal data, except where:

  • Retention is required by law

  • Data is necessary to fulfill a legal obligation

  • An unresolved dispute exists

  • Data is needed for fraud prevention or platform security

  • A business or legal basis continues to justify retention

8. Your Privacy Rights

Under the GDPR and BDSG, you have the following rights regarding your personal data:

8.1 Right of Access (Article 15 GDPR)

You have the right to obtain confirmation of whether we are processing your personal data and to receive a copy of your data in a structured, commonly used, and machine-readable format.

How to Exercise: Contact us with a "Data Access Request" at privacy@helpwell.eu. We will respond within 30 days (extendable to 90 days for complex requests).

8.2 Right to Rectification (Article 16 GDPR)

You have the right to request correction of inaccurate or incomplete personal data. You can update much of your information directly through your account settings.

How to Exercise: Update your account information through the Website or contact us to request corrections for information you cannot update directly.

8.3 Right to Erasure (Article 17 GDPR)

You have the right to request deletion of your personal data under certain circumstances, including when:

  • Data is no longer necessary for the purposes collected

  • You withdraw consent

  • You object to processing

  • Data has been unlawfully processed

  • Deletion is required by law

Limitations: We may retain data where necessary for contractual obligations, legal compliance, fraud prevention, or security.

How to Exercise: Contact us at privacy@helpwell.eu with a "Data Deletion Request."

8.4 Right to Restrict Processing (Article 18 GDPR)

You have the right to restrict processing of your personal data in certain circumstances, such as:

  • During verification of accuracy disputes

  • When processing is unlawful but you prefer restriction to deletion

  • When we no longer need the data but you require it for legal claims

  • During an objection to processing

How to Exercise: Contact us at privacy@helpwell.eu with a "Restriction Request."

8.5 Right to Data Portability (Article 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as CSV) and to transmit that data to another service provider.

How to Exercise: Contact us at privacy@helpwell.eu with a "Data Portability Request." We will provide your data within 30 days in a portable format.

8.6 Right to Object (Article 21 GDPR)

You have the right to object to processing of your personal data where we rely on legitimate interests or for direct marketing purposes.

Marketing Objection: You can unsubscribe from marketing emails by clicking the unsubscribe link in our emails or by updating your communication preferences in your account settings.

Other Processing: Contact us at privacy@helpwell.eu to object to other processing activities.

8.7 Right to Withdraw Consent (Article 7 GDPR)

Where we process your data based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

How to Exercise: You can withdraw consent through your account settings or by contacting us at privacy@helpwell.eu.

8.8 Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR)

You have rights regarding automated decision-making and profiling that produces legal or similarly significant effects. HelpWell does not use fully automated decision-making for significant decisions affecting you.

8.9 Right to Lodge a Complaint (Article 77 GDPR)

You have the right to lodge a complaint with a data protection authority if you believe we have violated your privacy rights.

Data Protection Authority in Berlin:

  • Name: Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit)

  • Website: datenschutz-berlin.de

  • Email: poststelle@au.berlin.de

  • Telephone: +49 30 13889-0

You also have the right to lodge a complaint with your national data protection authority or the authority in any EU member state where you reside or work.

8.10 Exercising Your Rights

To Exercise Any of These Rights:

  • Email: privacy@helpwell.eu

  • Mail: HelpWell, Data Protection Officer, Berlin, Germany

  • Portal: Through your account settings on our Website

Response Timeline: We will respond to rights requests within 30 days of receipt (extendable to 90 days for complex or numerous requests).

Verification: We may request identification information to verify your identity before processing your request to ensure we are responding to the correct data subject.

9. Data Security

We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

9.1 Security Measures

Technical Security:

  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using SSL/TLS (HTTPS) protocols

  • Encryption at Rest: Sensitive data is encrypted on our servers using industry-standard encryption algorithms

  • Secure Payment Processing: Payment information is processed through PCI-DSS compliant payment processors (Stripe)

  • Firewall Protection: Network firewalls protect against unauthorized access

  • Intrusion Detection: Systems monitor for unauthorized access attempts

  • Data Backup: Regular encrypted backups are maintained on EU-based secure servers

  • API Security: Secure authentication protocols protect API communications

Organizational Security:

  • Access Controls: Only authorized personnel have access to personal data on a need-to-know basis

  • Staff Training: All staff handling personal data receive data protection training

  • Confidentiality Agreements: All employees and contractors sign confidentiality agreements

  • Third-Party Security: Service providers are required to implement equivalent security measures

  • Security Audits: Regular security assessments and penetration testing

  • Incident Response: Documented procedures for responding to security incidents

9.2 Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities as required by Article 35 GDPR, including:

  • Background checks on service professionals

  • Processing of sensitive service preferences

  • Automated matching and profiling

9.3 Data Breach Notification

In the event of a confirmed personal data breach that poses a high risk to your rights and freedoms, we will:

  • Notify affected individuals without undue delay and in any case within 72 hours of becoming aware of the breach (where feasible)

  • Provide clear information about the breach, affected data, and recommended protective measures

  • Notify the German data protection authority (Berliner Beauftragte für Datenschutz) without undue delay

Incident Reporting: You can report security concerns to privacy@helpwell.eu.

9.4 Limitations on Security

While we implement comprehensive security measures, no system is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and must notify us immediately of any unauthorized access.

10. International Data Transfers

10.1 EU Servers

All personal data is processed and stored exclusively on servers located within the European Union. We do not transfer personal data outside the EEA except as described below.

10.2 Limited Exceptions

If data must be transferred outside the EEA (for example, through certain cloud service providers), we ensure such transfers are protected by:

  • Standard Contractual Clauses (SCCs) - EU Commission-approved model clauses

  • Data Privacy Framework (DPF) - Adequacy decisions where applicable

  • Binding Corporate Rules - For transfers within corporate groups

  • Explicit consent - Where appropriate

10.3 Stripe Payment Processing

Stripe may transfer payment data internationally for transaction processing and fraud prevention. Stripe implements appropriate safeguards including SCCs and complies with the Data Privacy Framework.

11. Cookies and Tracking Technologies

11.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Website. We use cookies to:

  • Remember your preferences

  • Improve your user experience

  • Analyze Website usage

  • Ensure Website security

  • Facilitate service delivery

11.2 Types of Cookies We Use

Essential Cookies:

  • Session cookies for account login

  • Security and fraud prevention cookies

  • Load balancing cookies

  • These are necessary for Website functionality and cannot be disabled

Functionality Cookies:

  • Remember user preferences and settings

  • Enable personalized features

  • Require your consent

Analytics Cookies:

  • Google Analytics (anonymized)

  • Track Website traffic and user behavior

  • Require your consent

  • Can be disabled in your cookie preferences

Marketing Cookies:

  • Track performance of advertising campaigns

  • Enable targeted advertising

  • Require your consent

  • Can be disabled in your cookie preferences

11.3 Your Cookie Choices

You can:

  • Accept all cookies or decline optional cookies at first visit

  • Modify your cookie preferences in your account settings

  • Clear cookies from your browser

  • Use your browser's "Do Not Track" feature

  • Opt-out of analytics tracking

Disabling cookies may affect Website functionality and your experience.

11.4 Cookie Consent

We obtain your explicit consent for non-essential cookies through a consent banner displayed upon your first visit. You can update your preferences at any time.

11.5 Third-Party Cookies

Third-party service providers (such as Google Analytics) may place cookies on your device. Their use of cookies is governed by their own privacy policies.

12. Third-Party Links and Services

Our Website may contain links to third-party websites, applications, and services that are not operated by HelpWell. This Privacy Policy applies only to information we collect through our Website and Services.

We are not responsible for:

  • Privacy practices of third-party websites

  • Content on third-party sites

  • Third-party collection or use of your information

Recommendation: Review the privacy policies of any third-party services before providing your information.

13. Children's Privacy

Our Services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child under 13 without verifiable parental consent, we will delete such information promptly.

Young users aged 13-18 should ensure they have parental guidance before using our Services.

14. GDPR-Specific Rights and Responsibilities

14.1 Data Controller and Data Processor

HelpWell as Data Controller: For most personal data you provide through our Website and Services, HelpWell is the data controller responsible for determining how and why your data is processed.

Third Parties as Data Processors: Service providers such as Stripe and analytics providers process data on our behalf as data processors under Data Processing Agreements.

14.2 Data Processing Agreements

All third-party service providers who process personal data on our behalf are bound by Data Processing Agreements (DPAs) that:

  • Limit processing to instructions from HelpWell

  • Ensure appropriate security measures

  • Restrict sub-processing

  • Guarantee data subject rights

  • Include audit and compliance provisions

14.3 Data Protection Officer Contact

If you have questions or concerns about our data protection practices, you can contact our Data Protection Officer:

The Data Protection Officer can assist with GDPR compliance questions and data subject requests.

15. Your Marketing Preferences

15.1 Email Communications

We send marketing emails about new services, special offers, and promotions only where you have opted in or where permitted by law.

To Manage Email Preferences:

  • Click the "Unsubscribe" link in any marketing email

  • Update your communication preferences in your account settings

  • Contact us at privacy@helpwell.eu

15.2 SMS and Push Notifications

We send SMS or push notifications only with your explicit opt-in consent. You can opt out of these communications through your account settings or by replying "STOP" to SMS messages.

15.3 Transactional Communications

You cannot opt out of transactional emails (booking confirmations, receipts, account alerts) as these are necessary for service delivery.

16. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know - Request what personal information we collect, use, or disclose

  • Right to Delete - Request deletion of personal information (with certain exceptions)

  • Right to Opt-Out - Opt out of the selling or sharing of your personal information

  • Right to Correct - Request correction of inaccurate personal information

  • Right to Limit Use - Limit use of sensitive personal information

To exercise CCPA rights, contact us at privacy@helpwell.eu with your request. We will verify your identity and respond within 45 days.

Note: We do not sell personal information as defined by CCPA. We share information only as described in this Privacy Policy.

17. UK Privacy Rights (GDPR as adopted in UK law)

If you are located in the United Kingdom, your data is protected under UK data protection laws based on GDPR principles. You have the same rights described in Section 8 of this Privacy Policy. UK data protection authority:

  • Information Commissioner's Office (ICO)

  • Website: ico.org.uk

18. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors.

18.1 Notification of Changes

  • Material changes will be notified via email to registered users

  • We will display a prominent notice on our Website

  • Your continued use of our Services constitutes acceptance of changes

18.2 Review Changes

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

19. Contact Information

19.1 Data Protection and Privacy Inquiries

Email: privacy@helpwell.eu

Mailing Address:
HelpWell
Berlin, Germany

Response Time: We aim to respond to all inquiries within 10 business days.

19.2 Customer Support

For general customer support questions (not related to privacy):

Operating Hours: 7 days a week, 9 AM to 10 PM CET (closed only on major holidays)

Contact Methods: Available through helpwell.eu

19.3 Data Protection Authority

If you have concerns about our data protection practices:

Berliner Beauftragte für Datenschutz und Informationsfreiheit

Appendix A: Legal Basis Summary


PurposeLegal BasisData CategoryService delivery and bookingContract performance (Article 6(1)(b) GDPR)Account, booking, payment dataPayment processingContract performance & Legal obligationPayment informationService provider verificationLegitimate interest & public safety (Article 6(1)(e) GDPR)Background checks, qualificationsFraud preventionLegitimate interest (Article 6(1)(f) GDPR)Transaction, behavioral dataTax complianceLegal obligation (Article 6(1)(c) GDPR)Financial recordsCustomer supportContract performance (Article 6(1)(b) GDPR)Communication dataMarketing communicationsConsent (Article 6(1)(a) GDPR)Email, contact informationWebsite analyticsLegitimate interest & ConsentTechnical data, cookiesService improvementLegitimate interest (Article 6(1)(f) GDPR)Usage patterns, feedback

Appendix B: Data Subject Rights Request Template


To submit a data subject rights request, please use the following template and send it to hi@helpwell.eu:

DATA SUBJECT RIGHTS REQUEST

Dear HelpWell Data Protection Team,

I am submitting a request to exercise my rights under the General Data Protection Regulation (GDPR) and German data protection laws.

Type of Request: (Please select one)

  • Right of Access (Article 15 GDPR)

  • Right to Rectification (Article 16 GDPR)

  • Right to Erasure (Article 17 GDPR)

  • Right to Restrict Processing (Article 18 GDPR)

  • Right to Data Portability (Article 20 GDPR)

  • Right to Object (Article 21 GDPR)

  • Other (please specify): _______________

My Details:

  • Full Name: _______________

  • Email Address: _______________

  • Account Username (if applicable): _______________

  • Phone Number: _______________

Description of Request:
[Please provide details of your request and any specific information you are requesting]

Attachments:
[Please attach a copy of your government-issued ID for verification purposes]

I understand that you may need to verify my identity to process this request and that you have 30 days (extendable to 90 days for complex requests) to respond.

Sincerely,
[Your Signature or Typed Name]

End of Privacy Policy