Privacy Policy - Carpetcleaning E17
This Privacy Policy explains how Carpetcleaning E17 collects, uses, stores, and protects personal data in connection with our carpet cleaning services. It applies to all Carpetcleaning E17 customers in the area, including individuals who enquire about our services, request a quotation, book an appointment, or otherwise interact with us in relation to carpet cleaning, upholstery cleaning, stain treatment, and related services. We are committed to handling personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Scope of this Privacy Policy
This policy applies when we process personal data relating to customers, prospective customers, household members, business clients, and any other individuals whose information is provided to us in connection with our services. It covers data collected through direct communication, online enquiries, telephone calls, message forms, booking requests, payment processes, service delivery, and post-service follow-up.
We aim to be transparent about what data we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your information.
2. Information We Collect
We may collect and process the following categories of personal data:
- Identity details: name, title, and, where relevant, business name.
- Contact details: address, email address, telephone number, and service location.
- Booking and service information: requested cleaning date, service type, property access notes, cleaning preferences, and details necessary to complete the work.
- Payment information: payment status, transaction references, and invoicing details. We do not intentionally store full card details unless required by secure payment systems operated by third parties.
- Communication records: enquiries, complaints, feedback, and correspondence by phone, email, or message.
- Technical data: limited information such as IP address, device type, or browser details if you interact with digital systems used to manage enquiries or bookings.
- Special category data: we do not عادة collect sensitive personal data. If such data is incidentally disclosed to us, for example through access instructions or household notes, we will process it only where necessary and with appropriate safeguards.
We only collect data that is relevant and necessary for providing our services, operating our business, meeting legal obligations, and maintaining service quality.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to manage bookings and deliver carpet cleaning services;
- to communicate about appointments, access arrangements, and service changes;
- to process payments, issue invoices, and maintain financial records;
- to handle complaints, disputes, and customer support requests;
- to improve our services, train staff, and maintain operational quality;
- to comply with legal, accounting, tax, and regulatory obligations;
- to protect against fraud, misuse, or unlawful activity;
- to establish, exercise, or defend legal claims where necessary.
We use personal data only for legitimate business purposes and in a manner that is fair, lawful, and proportionate.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Depending on the activity, Carpetcleaning E17 relies on one or more of the following legal bases:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes taking bookings, providing cleaning services, managing appointments, and handling payment-related administration.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes responding to enquiries, maintaining service records, improving our operations, managing customer relations, and protecting our business from misuse or fraud.
Legal Obligation
We may process and retain certain information to comply with legal obligations, such as accounting rules, tax requirements, insurance obligations, and records needed for dispute resolution.
Consent
In limited circumstances, we may rely on your consent, for example where specific optional communications require permission. If processing is based on consent, you may withdraw it at any time. Withdrawal will not affect processing that took place before consent was withdrawn.
5. Data Sharing and Processors
We may share personal data with trusted third parties who assist us in operating our business. These parties act as processors when they process data on our behalf and under our instructions. They are required to protect personal data and use it only for agreed purposes.
Examples of processors may include:
- booking and scheduling systems;
- payment service providers;
- IT support and data storage providers;
- accounting and invoicing platforms;
- customer communication tools;
- professional advisers, such as accountants or legal advisers, where necessary.
We may also disclose personal information where required by law, court order, or regulatory request, or where disclosure is necessary to protect our rights, customers, staff, or property. We do not sell your personal data.
6. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting requirements.
- Enquiry data: typically retained for a limited period after the enquiry has been resolved, unless further retention is needed for business records.
- Customer service records: retained for the duration needed to provide services and manage post-service support.
- Invoice and payment records: retained for the period required by tax and accounting laws.
- Complaint or dispute records: retained until the matter is fully resolved and for a reasonable period afterwards.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
7. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limiting access to those who need it for legitimate business purposes.
While no system is completely secure, we work to maintain a reasonable and appropriate level of protection based on the nature of the information we hold.
8. Your Rights
Under data protection law, you have a number of rights regarding your personal data. These may include:
- Right of access: to request confirmation of whether we process your data and receive a copy of it.
- Right to rectification: to ask us to correct inaccurate or incomplete information.
- Right to erasure: to request deletion of your data in certain circumstances.
- Right to restriction: to ask us to limit how we use your data in certain situations.
- Right to object: to object to processing based on legitimate interests or direct marketing, where applicable.
- Right to data portability: to request transfer of data you provided to us, where legally applicable.
- Right to withdraw consent: where processing relies on consent, you may withdraw it at any time.
Please note that these rights are not absolute. In some cases, we may need to retain or continue processing certain information where required by law or where we have compelling legitimate grounds.
9. How We Handle Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is incidentally provided in the course of service delivery, such as household contact notes. Where such information is processed, we do so only to the extent necessary and with appropriate care.
10. International Transfers
If any service provider stores or processes data outside the United Kingdom, we will take steps to ensure that appropriate safeguards are in place and that your information remains protected to a standard consistent with applicable law.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data handling practices. The most current version will apply to all Carpetcleaning E17 customers in the area from the date it is published or otherwise made available.
12. Summary of Key Principles
- We collect only necessary data for service, administration, and legal compliance.
- We process data lawfully using contract, legitimate interests, legal obligation, or consent where appropriate.
- We retain data for limited periods and delete it securely when no longer needed.
- We use trusted processors under written instructions and appropriate safeguards.
- We respect your rights to access, correct, delete, restrict, object, or port your data where applicable.
If you engage with Carpetcleaning E17, we will handle your personal information responsibly, fairly, and in line with data protection requirements.