Privacy Policy - Carpetcleaning E15
This Privacy Policy explains how Carpetcleaning E15 collects, uses, stores, shares, and protects personal data in connection with our services. It applies to all Carpetcleaning E15 customers in the area and to anyone who interacts with us to request, receive, or manage our services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Carpetcleaning E15 provides carpet cleaning and related domestic and commercial cleaning services. In the context of this policy, we act as the data controller for personal data that we collect and determine how and why it is processed. This means we decide the purposes and methods of processing your information when you use our services, contact us, request a quote, book an appointment, or communicate with us about an existing service.
2. Personal Data We Collect
We only collect personal data that is relevant and necessary for operating our services, managing customer relationships, and meeting legal obligations. The information we may collect includes:
- Identity details, such as your name and title.
- Contact information, such as your address, email address, and telephone number.
- Service details, including service type, property access notes, cleaning requirements, preferred appointments, and related instructions.
- Payment information, such as payment status, billing records, and transaction references. We do not intentionally store full card details when payment is processed through secure third-party providers.
- Communication records, including messages, complaints, feedback, and service updates.
- Technical data if you interact with our digital systems, such as device information, browser type, and basic usage data.
- Special category data is not normally collected. If you voluntarily provide information that could reveal sensitive circumstances, we will only process it where there is a lawful basis and, if required, explicit consent.
We do not collect more data than needed for the stated purpose.
3. How We Use Your Data
We use personal data for the following purposes:
- To provide quotes, confirm bookings, and deliver cleaning services.
- To manage customer accounts, appointments, and service history.
- To communicate with you about scheduling, service changes, or follow-up matters.
- To process payments and maintain financial records.
- To respond to enquiries, complaints, and requests.
- To improve service quality, training, and internal operations.
- To comply with legal, tax, insurance, and regulatory obligations.
- To prevent fraud, misuse, or security incidents.
We will only use your data where we have a valid reason to do so.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Carpetcleaning E15 relies on the following lawful bases:
a) Performance of a Contract
We process your information when it is necessary to enter into or perform a contract with you. This includes handling booking details, property information, payment processing, and service delivery.
b) Legal Obligation
We may process and retain certain records to meet legal and regulatory requirements, such as accounting, tax, recordkeeping, and dispute handling obligations.
c) Legitimate Interests
We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. Examples include improving our services, responding to enquiries, preventing fraud, and maintaining secure business operations.
d) Consent
Where required, we may rely on your consent, particularly for optional communications or any processing that is not covered by another lawful basis. If we rely on consent, you can withdraw it at any time.
We always assess the necessity and proportionality of processing before using personal data.
5. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These parties act as processors or independent controllers depending on the service they provide. When processors handle data on our behalf, they are required to follow our instructions and protect the information appropriately.
Examples of processors or service providers may include:
- Payment processing providers.
- Booking and scheduling software providers.
- IT support and cloud storage providers.
- Accountants and payroll or bookkeeping services.
- Customer communication tools, where used.
- Professional advisers, insurers, or legal advisers where necessary.
We may also disclose personal information if required by law, court order, or a lawful request from a public authority. We do not sell personal data.
All processors are selected carefully and expected to apply suitable security measures.
6. International Transfers
If any of our processors or service providers store or access data outside the UK, we will ensure that appropriate safeguards are in place before the transfer occurs. These safeguards may include adequacy regulations, standard contractual clauses, or other legally recognised protections. Our aim is to keep your data protected regardless of where it is processed.
7. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including to satisfy legal, accounting, insurance, and reporting requirements. Retention periods depend on the type of data and the reason for processing.
- Customer and service records are retained for the duration of the service relationship and for a reasonable period afterwards.
- Financial and tax records are kept for the period required by law.
- Communication records may be retained to support service history, dispute resolution, and quality management.
- Security and technical records are kept only as long as needed to monitor and protect our systems.
When data is no longer needed, it will be securely deleted, anonymised, or archived in line with our retention practices.
8. Data Security
We use reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include restricted access, password protection, secure storage, staff awareness procedures, and supplier checks. While no system can be guaranteed completely secure, we take data security seriously and continually review our safeguards.
9. Your Rights
As a data subject, you have rights under UK GDPR in relation to the personal data we hold about you. Subject to legal limits and verification of identity, your rights may include:
- Right of access – to obtain confirmation of whether we process your data and receive a copy of it.
- Right to rectification – to request correction of inaccurate or incomplete information.
- Right to erasure – to request deletion of data where there is no good reason for us to keep it.
- Right to restriction – to request that we limit how we use your data in certain circumstances.
- Right to data portability – to receive certain data in a structured, commonly used format.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are unhappy with how your data is handled.
10. Children’s Data
Our services are intended for adults. We do not knowingly collect data from children unless it is provided incidentally in the course of delivering a service at a property. If we become aware that we have collected children’s data without an appropriate legal basis, we will take steps to delete it where required.
11. Automated Decision-Making
We do not use personal data for automated decision-making that produces legal or similarly significant effects. If this changes in the future, we will update this policy and ensure that appropriate safeguards are in place.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is used.
13. Summary of Our Commitment
Carpetcleaning E15 is committed to processing personal data fairly, securely, and transparently. We collect only the information necessary to provide our services, rely on lawful bases such as contract, legal obligation, legitimate interests, and consent, and retain data only for as long as needed. We use trusted processors, protect your data with appropriate safeguards, and respect your rights under data protection law.
This Privacy Policy applies to all Carpetcleaning E15 customers in area.