Privacy Policy

MASTER’OK ISRAEL

(Edition 2024)

1. General Provisions

1.1. This document establishes the rules for the collection, use, storage, and protection of user information on the MASTER’OK ISRAEL website (https://master-ok.co.il) and related online resources.

1.2. MASTER’OK ISRAEL provides professional repair and maintenance services throughout Israel, covering both residential and commercial properties. Service areas include: window and glass cleaning, cleaning and mold removal, construction and repair works, full-scale plumbing and electrical services.

1.3. Data processing is carried out in accordance with:

– Israeli Privacy Protection Law (חוק הגנת הפרטיות, התשמ”א–1981);

– Information Security Regulations (תשע”ז–2017);

– EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679);

– international standards for personal data protection.

1.4. Use of the Website and services constitutes the user’s consent to the provisions of this Policy.

2. Consent and Legal Grounds

2.1. By submitting a request through the Website or contacting company representatives, the user voluntarily agrees to the processing of their personal and technical data.

2.2. Data processing is carried out on lawful grounds, including:

– fulfillment of contractual obligations for service delivery;

– compliance with legal requirements;

– the user’s consent to the processing of their data.

3. Processed Data

3.1. Personal data:

– name, phone number, email address (bekkermaster@gmail.com);

– property address where services are provided (if submitted);

– information specified in service orders and feedback forms;

– correspondence with the company and inquiry history.

3.2. Technical information:

– IP address, browser type, and operating system version;

– device details and referral sources;

– cookies and session identifiers.

3.3. As part of service preparation, photographs or descriptions of premises and defects provided by the client for assessment of work volume and cost may also be processed.

4. Purposes of Data Processing

Data is collected and used for the following purposes:

– establishing and maintaining communication with clients;

– processing and fulfilling service orders;

– preparing contracts and cost estimates;

– ensuring service security and preventing violations;

– improving service quality and expanding the range of offerings;

– informing clients about additional services and promotions (with separate consent);

– analyzing service demand, including cleaning, repairs, installations, and maintenance.

5. Cookies and Identification

5.1. The MASTER’OK ISRAEL Website uses cookies to ensure proper functioning of services, to remember user preferences, and to analyze traffic.

5.2. Cookies may be used for:

– automatic login;

– storing user preferences;

– collecting statistics on Website usage;

– personalizing displayed content.

5.3. Users may disable cookies in their browser settings; however, this may affect the proper functioning of certain Website features.

6. Data Storage and Protection

6.1. All personal and technical data is processed using modern security technologies (TLS 1.3, SSL, AES-256).

6.2. The servers hosting the Website are protected by network filtering systems, access controls, and backup mechanisms.

6.3. Data may be shared with third parties only in the following cases:

– when required by law;

– with the user’s consent;

– under agreements with technology and service partners (hosting, payment systems, CRM platforms) who are obligated to maintain confidentiality.

6.4. If the volume of processed data exceeds the threshold set by Israeli law (10,000 records), the database will be registered with the Israeli Privacy Protection Authority.

7. International Data Transfers

7.1. Data may be stored and processed on servers located outside Israel, including in the EU and the USA.

7.2. When transferring data abroad, compliance with international standards is ensured, including:

– GDPR (EU);

– SCC (EU Standard Contractual Clauses);

– additional international data protection protocols.

7.3. Such transfers are carried out only where adequate protection and contractual safeguards are provided by the receiving party.

8. User Rights

The User has the right to:

– receive confirmation of the processing of their personal data;

– request access to their data and obtain a copy;

– request correction, updating, or deletion of data;

– restrict or object to data processing;

– withdraw consent to data processing at any time;

– file a complaint with the Israeli Privacy Protection Authority or other supervisory authorities.

9. Data Retention Periods

9.1. Users’ personal data is retained only for as long as necessary to achieve the purposes of processing, or longer if required by law.

9.2. Standard retention periods:

– requests and correspondence — up to 7 years;

– accounting and payment records — at least 7 years, in accordance with Israeli tax legislation;

– technical logs (IP, security logs) — up to 12 months;

– analytical data — up to 24 months, after which they are anonymized;

– cookies and identifiers — up to 30 days or until deleted by the user.

9.3. Upon expiration of retention periods, data is deleted or anonymized.

9.4. In the event of judicial or pre-judicial proceedings, data retention may be extended until the conclusion of the proceedings.

10. Data Sharing with Third Parties

10.1. Data may be shared with third parties only in the following cases:

– to perform a contract and deliver services;

– with the user’s consent;

– upon request from government authorities or courts;

– to contractors and partners (hosting, cloud services, payment providers, CRM, analytics services).

10.2. All partners are required to maintain confidentiality and use the data strictly within the scope of providing services.

10.3. Data may be transferred for research and statistical purposes only in anonymized form.

10.4. In the event of corporate changes (merger, acquisition, asset sale), data will continue to be processed in accordance with this Policy.

11. Policy Updates

11.1. This Policy may be reviewed and updated in response to changes in legislation or services.

11.2. In the event of significant changes, users will be informed via a notice on the Website or by e-mail.

11.3. The updated version becomes effective upon publication on the Website.

11.4. If a new processing purpose is introduced that is incompatible with the original one, the Company will seek separate user consent.

12. Contacts

Data Controller: MASTER’OK ISRAEL

E-mail: bekkermaster@gmail.com

Website: https://master-ok.co.il

Response time to user requests — up to 30 calendar days.

13. International Data Transfers

13.1. Personal data may be processed and stored on servers located outside Israel, including in the European Union, the United States, and other countries.

13.2. Transfers are carried out only where legal protection mechanisms are in place: Standard Contractual Clauses (SCC), GDPR-based agreements, and equivalent international instruments.

13.3. All partners are required to ensure a level of data protection comparable to the requirements of Israeli law and international ISO/IEC standards.

13.4. Information on recipient countries and categories is provided to the user upon request.

14. Processing of Sensitive Data

14.1. Sensitive data includes information relating to health, biometric identifiers, financial details, religious and political views, ethnic origin, and other categories defined by law.

14.2. Such data is processed only with the user’s explicit consent or in cases expressly provided for by law.

14.3. Additional security measures are applied to sensitive data: separate encryption, restricted access, and minimized retention periods.

14.4. Sensitive data is never used for marketing purposes.

15. Operator’s Responsibility

15.1. MASTER’OK ISRAEL ensures the implementation of organizational and technical measures for data protection and is responsible for compliance with applicable legislation.

15.2. The Company is not liable for situations where access to data occurred due to the user’s own actions (e.g., password disclosure) or as a result of force majeure circumstances.

15.3. We are not responsible for the practices of third-party websites linked from our resource.

15.4. In the event of a security incident, the Company undertakes to remedy the issue and notify affected users and competent authorities.

16. Final Provisions

16.1. This Policy is part of the Terms of Use of https://master-ok.co.il.

16.2. Governing law: the legislation of the State of Israel; disputes are subject to the jurisdiction of Israeli courts, unless otherwise provided by international treaties.

16.3. The invalidity of any provision does not affect the validity of the remaining provisions.

16.4. If the database exceeds 10,000 records and/or involves the processing of sensitive data, it is registered with the Israeli Privacy Protection Authority (רשות להגנת הפרטיות).

16.5. Last updated: September 2025.

Appendix 1

September 2025

Extended Data Protection Provisions

1. Device Identifiers and Logs

1.1. For diagnostics and troubleshooting, the following may be collected:

– device and application identifiers (e.g., Android ID, iOS IDFA/IDFV, device model, OS version);

– network data (IP address, connection type, carrier);

– event logs, crash reports, system module tags;

– attachments provided by the user (photos, videos, screenshots, audio files).

1.2. This data is processed solely for the purposes of diagnostics, support, and improving service quality.

2. Push Notifications and Communications

2.1. Unique notification tokens (e.g., Firebase Cloud Messaging, APNs) are processed to deliver push notifications.

2.2. Users may opt out of push notifications via device settings or the service interface.

2.3. System notifications related to contract execution (e.g., order confirmations) may be sent without separate consent.

3. Third-Party SDKs and Services

3.1. Third-party SDKs and providers are used for service operation.

3.2. SDK categories:

– analytics and statistics (e.g., Google Analytics, Firebase, Yandex.Metrica);

– stability monitoring and logging (e.g., Sentry, Crashlytics, LogRocket);

– marketing and personalization (e.g., Google Ads, Facebook Pixel, Mailchimp, HubSpot);

– payment gateways (e.g., PayPal, Stripe, Max/Isracard, Apple Pay, Google Pay);

– infrastructure and hosting (e.g., AWS, Azure, Google Cloud, Hetzner).

3.3. Each SDK/service is governed by a Data Processing Agreement (DPA) including GDPR/SCC, ISO/IEC, and an obligation to use data solely for its functions.

4. Exceptions Without Consent

Processing without separate consent is permitted in cases of:

– contract performance with the user;

– fulfillment of legal obligations;

– protection of vital interests;

– tasks carried out in the public interest;

– legitimate interests of the operator (without prejudice to data subject rights);

– publication of data by the subject in open access;

– ensuring service security and stability.

5. Privacy Management

5.1. Users have access to a Privacy Center/cookie center to:

– enable/disable analytical and marketing cookies;

– withdraw consent for personal data processing;

– manage push notification and email subscription settings.

5.2. Global Privacy Control (GPC) signals and similar mechanisms are supported.

6. Minors

6.1. Services are not intended for individuals under 16 (or the applicable age of consent under local law).

6.2. Children’s data is not intentionally processed.

6.3. If children’s data is identified as collected without proper consent, such data will be deleted.

7. Automated Decisions and Profiling

7.1. Users are informed of personalization and automated data processing.

7.2. No decisions with legal consequences are made solely based on automated processing.

7.3. Users have the right to object and request human intervention.

8. Controller / Processor / Joint Controller

8.1. In services provided to end-users, the operator acts as a data controller.

8.2. When working with corporate clients, the operator may act as a processor under a Data Processing Agreement (DPA).

8.3. In cases of jointly determined purposes and means of processing, a joint controller regime applies, with transparent allocation of responsibilities.

9. Data Protection Officer (DPO/Privacy Officer)

A designated DPO/Privacy Officer is appointed, and their contact details are published in the policy.

For users in the EU/UK, a representative under Article 27 GDPR may be appointed.

10. Breach Notification

10.1. In the event of a security incident, the operator notifies the supervisory authority within 72 hours (GDPR) and affected data subjects without undue delay.

10.2. Notifications include: nature of the breach, categories of affected data, consequences, and measures taken.

11. Data Retention Matrix

Data Category   Retention Period              Further Actions

Accounts and contact details       account duration + 24 months    deletion/pseudonymization

Requests and support tickets       up to 36 months after closure     deletion/anonymization

Error logs and diagnostics            90–180 days       aggregation/deletion

Marketing consents and prefs     until withdrawal + 24 months for audit    deletion

Payment and accounting data     at least 7 years (per tax law)        archiving/deletion

Media attachments (photo/video)            until case closure + 12 months    deletion

Cookies/identifiers          up to 30 days or until user withdrawal     deletion

12. Logging and Access Control

12.1. All actions involving personal data are recorded in audit logs.

12.2. Access is granted on a least privilege basis (PoLP).

12.3. Roles and access rights are reviewed at least once every 12 months.

13. User Applications and Attachments

13.1. Users are responsible for ensuring that uploaded photos/videos/files do not contain third-party data without consent.

13.2. The operator warns of the risk of excessive data transfer and applies minimization and masking in processing.

14. Disclaimer

All information posted on this website, including texts, photos, videos, images, and other content, is provided for informational purposes only. Any resemblance to actual persons, organizations, or events is purely coincidental and unrelated to specific individuals.

Some materials are created by our company, others are provided by partners and clients, and may also be generated using artificial intelligence technologies. All materials are for demonstration and informational purposes only and cannot be regarded as direct instructions, legal or professional advice.

The company bears no responsibility for the interpretation of posted information, nor for any direct or indirect consequences of its use. By using this website, you confirm your understanding that all content is informational and cannot serve as grounds for claims or demands against the company, its employees, partners, or clients.