Privacy Policy - Carpet Cleaners SE27
This Privacy Policy explains how Carpet Cleaners SE27 collects, uses, stores, shares, and protects personal data. It applies to all Carpet Cleaners SE27 customers in the SE27 area, including individuals who enquire about our services, request a quotation, book a service, or otherwise interact with us. We are committed to handling personal data lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
For the purposes of data protection law, Carpet Cleaners SE27 acts as the data controller for the personal data we collect and process in connection with our services. This means we determine the purposes and means of processing your personal data. We only process the data necessary to provide carpet cleaning and related services, manage customer relationships, and meet legal or operational obligations.
2. Personal data we collect
We collect only the data needed for legitimate business purposes. The types of personal data we may collect include:
- Identity details such as your name and, where relevant, business name.
- Contact details such as your address, email address, and telephone number.
- Service details such as the type of cleaning requested, property access information, preferred appointment times, and notes about specific cleaning requirements.
- Payment and billing information needed to process transactions and maintain financial records.
- Communication records including messages, quotes, booking confirmations, complaints, and feedback.
- Technical and usage information if you interact with our digital services, such as device type, browser data, and basic log information.
We do not intentionally collect special category data unless it is necessary and you have provided it for a specific reason, such as access arrangements or safety concerns. Where such data is involved, we apply additional safeguards and process it only when permitted by law.
3. How we use your data
We use personal data for the following purposes:
- To provide carpet cleaning and related services.
- To manage bookings, appointments, quotations, and customer enquiries.
- To communicate with you about your service request or ongoing work.
- To issue invoices, process payments, and maintain accounting records.
- To improve service quality, train staff, and monitor performance.
- To handle complaints, disputes, and customer support matters.
- To comply with legal, tax, insurance, and regulatory obligations.
- To protect our business, staff, and customers from fraud, misuse, or security threats.
We only use your data in ways that are consistent with the purpose for which it was collected and where we have a valid legal basis under GDPR.
4. Lawful basis for processing
We rely on one or more of the following lawful bases to process personal data:
Contract
We process your data where it is necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes providing quotations, confirming bookings, delivering services, and handling payments.
Legitimate interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include improving our services, preventing fraud, managing customer records, and maintaining internal administration.
Legal obligation
We process certain data where required to comply with legal duties, such as tax, accounting, insurance, or record-keeping obligations.
Consent
Where required by law, we rely on your consent. If we ask for consent, you may withdraw it at any time. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.
Vital interests
In rare situations, we may process data where necessary to protect someone’s vital interests, for example in an emergency involving health or safety.
5. Data retention
We keep personal data only for as long as necessary to fulfil the purposes described in this policy, including meeting legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.
- Customer service records are usually retained for a reasonable period after the service ends to support follow-up, warranty, or dispute handling.
- Financial and invoicing records are retained for the period required by tax and accounting law.
- Communication records may be retained for operational and customer service purposes.
- Technical logs are kept only as long as needed for security and maintenance.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
6. Data sharing and processors
We may share personal data with trusted third parties who help us operate our business. These third parties act as processors when they handle data on our behalf and under our instructions. We ensure that processors are subject to appropriate contractual obligations and provide sufficient safeguards for personal data.
Examples of processors or service providers may include:
- Payment processors for card or electronic payment transactions.
- Accounting and bookkeeping providers for financial administration.
- IT, hosting, and software providers supporting secure data storage and business systems.
- Customer communication tools used for appointment management and service updates.
- Professional advisers such as insurers, auditors, or legal advisers where necessary.
We may also disclose personal data where required by law, to respond to lawful requests from public authorities, or to establish, exercise, or defend legal claims. We do not sell your personal data.
7. International transfers
If any processor stores or accesses data outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, to protect your personal data to the required legal standard.
8. Data security
We take the security of personal data seriously and apply technical and organisational measures designed to prevent unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, password protection, secure storage, staff confidentiality requirements, and regular review of our procedures. While no system can be guaranteed to be completely secure, we work to keep personal data protected at an appropriate level.
9. Your rights
Under data protection law, you have a number of rights in relation to your personal data. These rights are not absolute and may be subject to legal exceptions or limitations. Your rights may include:
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete data.
- Right to erasure – in certain circumstances, you can ask us to delete your personal data.
- Right to restriction – you can ask us to limit how we use your data in certain situations.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to data portability – you may request your data in a structured, commonly used format where applicable.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with applicable law. We may need to verify your identity before acting on your request to ensure your data remains secure.
10. Complaints and supervisory authority
If you are concerned about how we handle your personal data, we encourage you to raise the matter with us first so we can address it promptly. You also have the right to lodge a complaint with the UK data protection supervisory authority if you believe your rights have been infringed. This policy does not limit any statutory rights available to you under data protection law.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their information is handled.
12. Summary of our commitments
In summary, Carpet Cleaners SE27 only collects data that is necessary, uses it for clear and lawful purposes, keeps it secure, shares it only with trusted processors or where required by law, and respects your rights under GDPR. We aim to process all personal data fairly, transparently, and with careful respect for privacy throughout every stage of our services in the SE27 area.