Privacy Policy - Carpetcleaning Ilford
This Privacy Policy explains how Carpetcleaning Ilford collects, uses, stores, shares, and protects personal data when providing our cleaning services. It applies to all Carpetcleaning Ilford customers in the area, including individuals, households, landlords, tenants, and business clients who use our services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who this policy applies to
This policy applies to anyone who contacts us, requests a quote, books a service, receives a service, or otherwise interacts with Carpetcleaning Ilford in connection with our carpet cleaning and related cleaning services. It also applies to customer representatives, property managers, and other individuals whose personal data we may process while delivering a service.
2. Personal data we collect
We collect only the information that is necessary for legitimate business and service purposes. Depending on the service requested, we may collect the following categories of personal data:
- Identity data, such as your name or the name of your business or property representative.
- Contact data, such as address details and communication preferences.
- Service data, such as information about the type of cleaning required, property access details, and scheduling preferences.
- Payment data, such as payment status, transaction records, and billing information.
- Communication data, such as messages, feedback, complaints, and service-related correspondence.
- Technical data, where relevant, such as limited information generated when you communicate with us electronically.
We do not seek to collect unnecessary or excessive information. Where possible, we keep the data collected to a minimum and only process what is needed to deliver our services properly.
3. How we use your data
We use personal data for several operational and legal purposes connected with the delivery of our services. These purposes include:
- responding to enquiries and providing quotations;
- managing bookings and appointments;
- delivering carpet cleaning and related services;
- communicating about service changes, follow-ups, or scheduling issues;
- processing payments and maintaining business records;
- handling complaints, service issues, and warranty or satisfaction-related matters;
- meeting legal, accounting, tax, and insurance obligations;
- protecting our business, staff, and customers from fraud or misuse.
We will only use your personal data where we have a lawful basis to do so. We will not use your information for purposes that are incompatible with the reason it was collected unless we have a valid legal basis or your consent where required.
4. Lawful basis for processing
Under data protection law, we must have a lawful basis for processing personal data. Carpetcleaning Ilford relies on the following lawful bases, depending on the situation:
Contract
We process personal data when it is necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes handling bookings, delivering services, and managing payments.
Legal obligation
We may process personal data where necessary to comply with legal obligations, such as keeping accounting records, meeting tax requirements, or responding to lawful requests from authorities.
Legitimate interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include improving our services, managing client relationships, preventing fraud, and maintaining internal records.
Consent
In limited situations, we may rely on your consent, for example where you agree to receive certain types of non-essential communication. Where consent is used, you may withdraw it at any time.
We do not rely on consent where another lawful basis is more appropriate or required for the service relationship.
5. Data sharing and processors
We may share personal data with trusted third parties who help us deliver and manage our services. These parties act as processors or, in some cases, independent controllers. We only share information when necessary and only with parties that provide appropriate safeguards.
Examples of processors may include:
- payment processing providers;
- booking or administration systems;
- IT and cloud storage providers;
- professional advisers such as accountants or insurers where required;
- subcontracted service providers assisting with operational tasks.
Where a processor handles personal data on our behalf, it is required to act only on our instructions, keep data secure, and comply with data protection law. We take reasonable steps to ensure that any processor we use has appropriate technical and organisational measures in place.
We may also disclose information if required by law, to enforce our legal rights, to protect the safety of customers or staff, or in connection with a business reorganisation or legal process.
6. Data retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, and reporting requirements. Retention periods depend on the type of data and the reason it is held.
- Customer service and booking records are kept for as long as needed to manage the service relationship and any follow-up issues.
- Invoices, payment records, and tax-related records are generally retained for the period required by applicable law.
- Complaint and correspondence records may be retained for a reasonable period to resolve disputes and maintain service quality.
- Consent-based communication records are kept until consent is withdrawn or they are no longer needed.
When personal data is no longer needed, we will delete, anonymise, or securely destroy it in line with our retention practices. We review retention periodically to make sure data is not kept for longer than necessary.
7. Data security
We take data security seriously and use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, confidentiality obligations, and limited access to personal information on a need-to-know basis.
Although no method of transmission or storage is completely secure, we work to maintain a level of protection appropriate to the nature of the data and the risks involved.
8. Your rights under data protection law
As a data subject, you have several rights regarding your personal data. These rights may apply in full or in part depending on the circumstances and the legal basis for processing.
- Right of access – you can request confirmation of whether we process your data and obtain a copy of it.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – in certain cases, you may request deletion of your personal data.
- Right to restrict processing – you can request that we limit the use of your data in specific situations.
- Right to data portability – where applicable, you may receive your data in a structured, commonly used format.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with applicable law. We may need to verify your identity before responding to ensure that personal data is only disclosed to the correct person.
9. Children’s data
Our services are generally directed to adults and business customers. We do not knowingly collect personal data from children except where it is necessary and lawful in the context of providing a service to a household or property. If we become aware that we have inadvertently collected data from a child without a lawful basis, we will take appropriate steps to delete it.
10. International transfers
Where personal data is transferred outside the United Kingdom, we will take appropriate steps to ensure a similar degree of protection is afforded to it. This may include using approved contractual safeguards or relying on other lawful transfer mechanisms permitted under data protection law.
11. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is made available. We encourage customers to review the policy periodically so they remain informed about how their personal data is handled.
12. Summary of your privacy protections
In summary, Carpetcleaning Ilford processes personal data only where it is necessary, lawful, and proportionate. We collect data for service delivery, operational administration, legal compliance, and legitimate business purposes. We retain data for no longer than needed, use trusted processors where required, and respect your rights under data protection law.
By using Carpetcleaning Ilford services, customers in the area acknowledge that their personal data may be processed in line with this Privacy Policy.
