Privacy Policy - Carpetcleaning SE22
This Privacy Policy explains how Carpetcleaning SE22 collects, uses, stores, and protects personal data relating to its customers and prospective customers. It applies to all Carpetcleaning SE22 customers in area, including individuals who request a quote, book a service, receive a service, or otherwise interact with us in connection with carpet cleaning and related cleaning services.
We are committed to handling personal data lawfully, fairly, and transparently in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is designed to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal data.
1. Information We Collect
Carpetcleaning SE22 may collect and process the following categories of personal data:
- Identity details: name, title, and any relevant account or booking reference.
- Contact details: address, email address, telephone number, and service location.
- Service information: details about the cleaning services requested, property type, carpet or upholstery condition, and preferences relevant to service delivery.
- Payment information: limited payment details required to process transactions, invoice records, and payment status. We do not store unnecessary financial information.
- Communication records: emails, messages, notes from calls, complaints, feedback, and service requests.
- Technical data: basic information such as IP address, browser type, and device information where collected through digital systems used for administration or security.
We generally collect data directly from you when you make an enquiry, request a quotation, confirm a booking, or communicate with us about our services. In some cases, we may receive information from third parties acting on your behalf, such as a landlord, letting agent, property manager, or family member arranging a service for you.
2. How We Use Personal Data
We use personal data only for specific, legitimate business purposes connected with our cleaning services. These purposes include:
- responding to enquiries and providing quotations;
- managing bookings, scheduling appointments, and delivering services;
- processing payments and issuing invoices or receipts;
- communicating with customers about service arrangements, changes, or follow-up matters;
- handling complaints, feedback, and customer support requests;
- maintaining records for accounting, tax, and business administration;
- protecting our business, staff, and customers from fraud, misuse, or unlawful activity;
- meeting legal and regulatory obligations.
We do not sell personal data. We also do not use personal data for purposes that are incompatible with the reason it was collected unless we have a lawful basis to do so.
3. Lawful Basis for Processing
Under data protection law, Carpetcleaning SE22 must have a lawful basis to process personal data. Depending on the circumstance, we rely on one or more of the following:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes arranging quotations, confirming bookings, delivering cleaning services, and processing payments.
Legitimate Interests
We may process data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. This may include managing our operations, improving service quality, maintaining records, preventing fraud, and handling customer enquiries efficiently. When relying on legitimate interests, we consider whether the processing is proportionate and respectful of your privacy.
Legal Obligation
We process certain information to comply with legal obligations, including tax, accounting, recordkeeping, and business compliance requirements.
Consent
In limited circumstances, we may rely on your consent, for example where you have clearly agreed to specific optional communications or data uses. Where consent is used, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before the withdrawal.
4. Data Sharing and Processors
We may share personal data with trusted third parties only when necessary to operate our business and provide services. These third parties act as processors or independent controllers depending on the nature of the service.
Examples of processors may include:
- IT and software providers that support scheduling, invoicing, customer records, or secure data storage;
- payment service providers that handle payment processing;
- accounting or bookkeeping providers that assist with financial administration;
- communication service providers that support email, messaging, or telephone systems;
- professional advisers such as insurers, auditors, or legal advisers where needed.
We require processors to protect personal data, use it only for authorised purposes, and maintain appropriate security measures. Where personal data is shared with independent controllers, they are responsible for their own compliance with data protection law.
We may also disclose personal data where required by law, court order, regulator, or law enforcement authority, or where such disclosure is necessary to protect our rights, staff, customers, or property.
5. Data Retention
Carpetcleaning SE22 retains personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. Retention periods are determined by the type of data, the nature of the service, and applicable legal obligations.
- Customer and booking records: retained for the duration of the business relationship and a reasonable period afterwards to manage follow-up, disputes, or warranty-related issues.
- Financial and tax records: retained for the period required by law and accounting standards.
- Communication records: retained for as long as needed to address enquiries, complaints, and service administration.
- Technical and security data: retained for a limited period unless needed for investigation or security purposes.
When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices and legal obligations. We do not keep personal data indefinitely.
6. Security of Personal Data
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, restricted permissions, and staff awareness practices.
Although we work to protect personal data, no system can be guaranteed completely secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will take steps required by law, which may include notifying the relevant supervisory authority and affected individuals where appropriate.
7. Your Rights
As a data subject under the UK GDPR, you have several rights regarding your personal data. These rights may be subject to certain legal exceptions and limitations.
- Right of access: you may request confirmation of whether we process your data and obtain a copy of that data.
- Right to rectification: you may ask us to correct inaccurate or incomplete information.
- Right to erasure: in certain circumstances, you may request deletion of your personal data.
- Right to restriction: you may ask us to limit how we use your data in specific situations.
- Right to object: you may object to processing based on legitimate interests or direct marketing where applicable.
- Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request transfer of certain data in a structured format.
- Right to withdraw consent: where processing relies on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with applicable law and may need to verify your identity before processing your request.
8. Children’s Data
Our services are intended for adult customers. We do not knowingly collect personal data from children except where it is unavoidable in the context of a booking or property access arrangement made by an adult customer. If we become aware that we have collected child-related data in error, we will take appropriate steps to delete it where lawful and practical.
9. International Transfers
Where any processor or service provider stores or accesses personal data outside the UK, we will ensure that appropriate safeguards are in place in line with applicable data protection law. These safeguards may include adequacy regulations, contractual protections, or other approved transfer mechanisms.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is handled.
11. Summary of Our Commitment
Carpetcleaning SE22 processes personal data responsibly and only for lawful, clearly defined purposes. We collect only the information needed to provide our services, retain it for a limited and justified period, and share it only with trusted processors or where required by law. We respect your privacy rights and aim to ensure that all Carpetcleaning SE22 customers in area receive fair, transparent, and secure handling of their personal data.
In short: your data is used to deliver and manage our services, protected with appropriate safeguards, and handled in accordance with GDPR principles of lawfulness, fairness, transparency, minimisation, accuracy, storage limitation, integrity, and confidentiality.