Privacy Policy - Carpetcleaning SW18
This Privacy Policy explains how Carpetcleaning SW18 collects, uses, stores, shares, and protects personal data relating to customers and prospective customers in the SW18 area. It applies to all Carpetcleaning SW18 customers in the area, including individuals who request quotes, book services, receive cleaning services, or otherwise interact with our business. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our services, you acknowledge that you have read this Privacy Policy and understand how your information is processed. We only collect personal data that is necessary for delivering our services, managing our relationship with you, and meeting our legal obligations.
1. Data We Collect
We may collect and process different types of personal data depending on how you interact with us. This may include:
- Identity data: your name, title, and any relevant customer reference details.
- Contact data: address, phone number, email address, and service location within the SW18 area.
- Service data: details of the cleaning service requested, property type, cleaning instructions, preferred dates, and service history.
- Payment and transaction data: records of payments made, invoices issued, and payment status.
- Communication data: messages, feedback, complaints, and service-related correspondence.
- Technical data: limited information such as IP address, device details, and browser information if you interact with digital forms or website tools.
- Special category data: we do not normally collect special category data. If such information is provided voluntarily and is necessary for service delivery, we will process it only where a lawful basis applies and with appropriate safeguards.
We collect data directly from you where possible. In some cases, information may be provided by a third party acting on your behalf, such as a landlord, tenant, property manager, or family member arranging a service.
2. How We Use Your Data
We use personal data only for clear and legitimate purposes. These include:
- providing carpet cleaning services and related customer support;
- preparing quotes and managing bookings;
- carrying out service delivery at your property;
- processing payments and managing invoices;
- responding to questions, feedback, and complaints;
- maintaining business records and service history;
- meeting legal, tax, accounting, and regulatory obligations;
- preventing fraud, misuse, and unauthorised access;
- improving our service quality and customer experience.
We do not use your personal data for purposes that are incompatible with the reasons it was collected. If we ever need to use your information for a new purpose, we will ensure that we have a valid legal basis and provide any required information to you.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Depending on the circumstances, we rely on the following bases:
Contract
Processing is necessary for the performance of a contract or for steps taken at your request before entering into a contract. This applies when we provide quotations, schedule services, carry out carpet cleaning, and manage payments.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include maintaining service records, responding to enquiries, improving our operations, and protecting against misuse or fraud. Where we rely on legitimate interests, we consider the impact on you and ensure the processing is proportionate.
Legal Obligation
We may process and retain certain information to comply with legal obligations, such as tax, accounting, and record-keeping requirements.
Consent
In limited situations, we may rely on your consent, for example where it is required by law for certain optional communications or specific processing activities. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
4. Retention of Personal Data
We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, and reporting obligations. The retention period may vary depending on the type of data and the reason for processing.
- Customer and service records are retained for a period necessary to manage the service relationship and resolve disputes.
- Financial and invoicing information is retained in line with statutory accounting and tax requirements.
- Communication records may be kept for a reasonable period to handle follow-up queries, service issues, or complaints.
- Where data is no longer needed, it is securely deleted or anonymised.
We regularly review retained data to ensure it is not kept longer than necessary. If information is no longer required, we will take reasonable steps to dispose of it safely and securely.
5. Processors and Data Sharing
We may share personal data with carefully selected third parties who help us operate our business. These organisations act as processors or, in some cases, independent controllers. We only share data where necessary and where appropriate safeguards are in place.
- Payment processors: to handle secure card or electronic payments.
- Accounting and bookkeeping providers: to manage financial records and compliance.
- IT and software providers: to store data securely, manage bookings, and support internal systems.
- Administrative support services: where required to assist with scheduling, record management, or customer communications.
- Professional advisers: such as accountants, insurers, or legal advisers when necessary.
- Public authorities: where we are required to disclose data by law or to protect rights, property, or safety.
All processors are required to protect personal data and process it only on our instructions, unless they are acting as an independent controller. We aim to ensure that any sharing is limited to what is necessary and that data is transferred securely.
6. International Transfers
If any of our service providers process data outside the United Kingdom, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms. We take reasonable steps to ensure that your personal data remains protected wherever it is processed.
7. Security of Personal Data
We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and limiting access to data on a need-to-know basis.
While no method of transmission or storage is completely secure, we work to maintain a high standard of data protection and regularly review our security practices. If a personal data breach occurs and is likely to result in a risk to your rights and freedoms, we will handle it in accordance with applicable legal requirements.
8. Your Rights
As a data subject, you have certain rights under data protection law. These rights may apply in different circumstances and may be subject to legal exceptions.
- Right of access: you may request confirmation of whether we process your personal data and ask for a copy of it.
- Right to rectification: you may ask us to correct inaccurate or incomplete data.
- Right to erasure: you may request deletion of your data where there is no lawful reason for us to keep it.
- Right to restriction: you may ask us to limit how we use your data in certain situations.
- Right to object: you may object to processing based on legitimate interests or direct marketing, where applicable.
- Right to data portability: you may request certain data in a structured, commonly used, machine-readable format.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
Please note that some rights may not apply in full where we must retain information for legal, contractual, or legitimate business reasons. If you exercise a right, we may need to verify your identity before responding.
9. Cookies and Similar Technologies
If we use online forms or digital tools, limited technical data may be collected through cookies or similar technologies. These are generally used to support basic functionality, measure performance, or improve user experience. Where required, we will provide appropriate notice and obtain consent for non-essential cookies.
10. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is provided by an adult in connection with a service request. If we become aware that child-related data has been collected without proper basis, we will take steps to remove it where appropriate.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any changes will take effect when published in the updated version. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
12. Summary of Our Commitment
We are committed to processing personal data responsibly, securely, and transparently. For every customer in the SW18 area, we aim to ensure that data is collected only when needed, used only for valid reasons, retained only for as long as necessary, and shared only with trusted processors or where the law requires it. Our approach is built on lawfulness, fairness, transparency, minimisation, accuracy, storage limitation, integrity, and confidentiality.
This Privacy Policy applies to all Carpetcleaning SW18 customers in the area. By using our services, you agree that your personal data may be handled in accordance with this policy and applicable data protection law.