GGreaseTrapQuotes
Get 3 quotes

Privacy policy

Effective May 2026 · M.S. Project Zeus CY Limited (HE 430641), Cyprus

M.S. Project Zeus CY Limited (trading as GreaseTrapQuotes, HE 430641, Cyprus) operates greasetrapquotes.com and the services described below ("Service"). This policy explains what personal data we collect, why, how we use it, and what rights you have. It is written to comply with the EU General Data Protection Regulation (GDPR), the Cyprus Data Protection Law (125(I)/2018), and the Australian Privacy Act 1988 (Cth) for users located in Australia.

1. What we collect

When you submit a quote request, we collect:

  • Your name, business name, mobile number, and email address
  • The venue address, suburb, postcode, and approximate GPS coordinates
  • Trap size, access type, service frequency, and last-service date
  • Optional photos you upload of the trap or kitchen access
  • UTM parameters and referrer (where you came from)
  • Your preferred contact method and time

When you sign in as a contractor, we additionally collect your ABN, EPA licence number, public liability insurance certificate, postcodes served, and bank-card payment metadata from Stripe (we do not store the card number).

We log technical data automatically: IP address, browser type, pages visited, and timestamps of actions, for security and abuse prevention.

2. Why we collect it (legal bases)

  • Contract performance. Matching you with three licensed contractors is the service you requested.
  • Legitimate interest. Fraud prevention, abuse detection, service improvement.
  • Legal obligation. Retaining transaction records for the period required by Cyprus and Australian tax law.
  • Consent. Sharing your contact details with up to three contractors. You give this consent explicitly via a tick-box at the end of the quote form.

3. Who we share it with

  • Up to three licensed contractors serving your postcode, after you submit the quote form. Contractors receive: your name, mobile, email, venue address, and trap details. They are bound by our Contractor Agreement to use this data only to contact you about the quoted job.
  • Service providers we rely on, each contracted with us for confidentiality and data protection: Supabase (database, EU region), Vercel (hosting), Google Maps (autocomplete + satellite tiles, you can opt out of Maps in your browser settings), Brevo (email delivery), Twilio (SMS delivery), Stripe (contractor payments).
  • Regulatory authorities if compelled by court order or applicable law.

We never sell your personal information. We never share it for marketing by third parties.

4. International transfers

Because we are a Cyprus company operating an Australian-facing service, your data crosses the EU–Australia border. Data is hosted on infrastructure within the EU (Supabase ap-southeast-2 for low-latency Australian access, with EU controller). Transfers from the EU to Australia rely on the European Commission's adequacy decision for limited categories and on the Standard Contractual Clauses where adequacy does not apply.

5. How long we keep it

  • Quote requests: 24 months after submission (so you can reorder)
  • Contractor profiles: until you ask us to delete your account, then anonymised within 90 days
  • Stripe transaction records: 7 years (Cyprus accounting law and AU tax record-keeping)
  • Marketing opt-ins: until you unsubscribe
  • Server logs: 90 days

6. Your rights

Under GDPR (if you're in the EU/EEA), the Cyprus Data Protection Law, and the Australian Privacy Principles, you can:

  • Access the personal information we hold about you
  • Correct it if inaccurate
  • Ask us to delete it ("right to be forgotten")
  • Object to processing for direct marketing
  • Request a portable copy of your data
  • Lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection (dataprotection.gov.cy) or the Office of the Australian Information Commissioner (oaic.gov.au)

To exercise any of these rights, email hello@greasetrapquotes.com. We aim to respond within 30 days.

7. Cookies

We use a single first-party cookie strictly for authentication (Supabase session). We use Plausible Analytics, which is cookie-less and does not track you across sites. We do not use Google Analytics, Facebook Pixel, or any third-party advertising trackers.

8. Security

Database connections are encrypted with TLS. Passwords are hashed with bcrypt. Payment card data never touches our servers (handled by Stripe). Production access is restricted to named company personnel with multi-factor authentication.

9. Changes

If we materially change this policy we will email registered contractors and post a notice on the homepage at least 14 days before the change takes effect.

10. Contact

Data controller: M.S. Project Zeus CY Limited, Margarita Court 5, Tafoi ton Vasileon 118, 8015 Paphos, Cyprus
Registered in Cyprus (HE 430641)
Email: hello@greasetrapquotes.com

Questions about this document? Email hello@greasetrapquotes.com.