Privacy Policy - Carpetcleaning N8
This Privacy Policy explains how Carpetcleaning N8 collects, uses, stores, shares, and protects personal data. It applies to all Carpetcleaning N8 customers in the area, including individuals who request quotes, book services, make enquiries, or receive cleaning services from us. We are committed to handling personal information in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Carpetcleaning N8 provides carpet cleaning and related cleaning services to residential and commercial customers. In this Privacy Policy, references to we, us, and our mean Carpetcleaning N8. We act as a data controller when we decide how and why personal data is used for our business operations and service delivery.
2. Personal Data We Collect
We collect only the information needed to manage enquiries, provide services, process payments, and meet legal or operational obligations. The types of data we may collect include:
- Identity details such as your name and, where relevant, the name of your business or property manager.
- Contact details such as your address, phone number, and email address.
- Service information such as property access details, cleaning requirements, preferred dates, and notes about the service requested.
- Billing and payment data such as invoice details, transaction records, and payment status.
- Communication records such as emails, messages, call notes, and complaint history.
- Technical data such as limited website or device information if you contact us through digital channels.
We do not intentionally collect special category personal data unless you choose to provide it and it is necessary for a specific service request, such as information relevant to accessibility, allergies, or health-related cleaning considerations. Where such data is provided, it will be handled with additional care and only when there is a valid lawful basis for processing.
3. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To schedule, deliver, and manage cleaning services.
- To communicate about appointments, changes, and service updates.
- To issue invoices, manage payments, and keep financial records.
- To handle complaints, feedback, or service issues.
- To maintain business records and meet legal obligations.
- To improve our services, train staff, and support quality control.
- To protect against fraud, misuse, or security incidents.
We only process personal data where it is necessary and proportionate to the purpose for which it was collected.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each use of personal data. We rely on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes managing quotations, booking cleaning services, delivering those services, and processing payments.
Legal Obligation
We may process and retain certain data to comply with tax, accounting, employment, or regulatory obligations. This can include retaining invoices and transaction records for required periods.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. Examples include managing business operations, improving service quality, preventing fraud, and maintaining secure records.
Consent
In limited situations, we may rely on your consent, particularly where processing is optional and not required for a service or legal reason. If we rely on consent, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before consent was withdrawn.
5. Data Sharing and Processors
We may share personal data with trusted third parties where necessary to run our business and provide services. These third parties act as processors when they handle data on our behalf and under our instructions.
Examples of processors may include:
- Payment service providers that help process card or online payments.
- Accounting and bookkeeping service providers.
- IT support, hosting, cloud storage, and system maintenance providers.
- Communication tools used to manage emails, messages, or appointment reminders.
- Customer management or scheduling software providers.
We only use processors that provide appropriate security and data protection commitments. Where personal data is shared, we ensure that suitable contracts and safeguards are in place. We do not sell your personal data.
We may also disclose personal data where required by law, court order, or a lawful request from a public authority. In limited circumstances, data may be shared to protect our rights, staff, customers, property, or the safety of others.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements.
- Enquiry records may be kept for a reasonable period to manage follow-up communication and customer service.
- Service records may be retained for the duration of the customer relationship and for a period afterwards to handle disputes, warranty-type issues, or repeat services.
- Financial and tax records are retained for the period required by law.
- Complaint and incident records may be kept as long as needed to address the matter and support our legitimate interests.
When data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.
7. Data Security
We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, password protection, staff confidentiality obligations, secure storage, and limited access to records on a need-to-know basis. While no system is completely secure, we work to reduce risks and maintain suitable safeguards.
8. Your Rights
As a data subject under UK GDPR, you have several rights regarding your personal data. These include:
- The right to be informed about how we use your data.
- The right of access to request a copy of the personal data we hold about you.
- The right to rectification if your data is inaccurate or incomplete.
- The right to erasure, also known as the right to be forgotten, in certain circumstances.
- The right to restrict processing in certain situations.
- The right to data portability where applicable.
- The right to object to processing based on legitimate interests or direct marketing.
- Rights related to automated decision-making, where such processing applies.
If you make a request, we may need to verify your identity before responding. We will normally respond within one month, unless the request is complex or we receive multiple requests, in which case an extension may apply as permitted by law.
9. Children’s Data
Our services are not directed at children as a primary audience, and we do not knowingly collect personal data from children unless it is provided by an adult customer in connection with a household or property service. If we become aware that we have collected data inappropriately, we will take steps to delete it where required.
10. International Transfers
Where a processor or service provider stores or accesses data outside the UK, we will take steps to ensure that appropriate safeguards are in place. This may include using approved contractual protections or other lawful transfer mechanisms to maintain an adequate level of protection for your data.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal obligations, or technology. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we handle personal data.
12. How We Respond to Privacy Concerns
If you believe your data has been handled incorrectly, you may raise a privacy concern with us so it can be reviewed. We will take reasonable steps to investigate and resolve issues fairly and in line with our obligations. If you are not satisfied with the outcome, you may also have the right to lodge a complaint with the relevant data protection authority in the UK.
Carpetcleaning N8 is committed to protecting personal information and respecting privacy rights. We process data responsibly, keep it only as long as necessary, and ensure that our use of personal data is justified by a lawful basis. This policy applies to all Carpetcleaning N8 customers in area and forms part of our ongoing commitment to transparency and compliance.