Privacy Policy - Carpet Cleaners BR3
This Privacy Policy explains how Carpet Cleaners BR3 collects, uses, stores, and protects personal data. It applies to all Carpet Cleaners BR3 customers in the area, including prospective customers, current customers, and anyone who interacts with our services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who This Policy Applies To
This policy applies to individuals who use or enquire about Carpet Cleaners BR3 services in the BR3 area. It covers data collected when you request a quote, book a service, communicate with us, make a payment, or otherwise engage with our business. It also applies where data is obtained from third parties, such as property managers, landlords, letting agents, or referral sources acting on your behalf.
2. Information We Collect
We only collect personal data that is necessary for providing our services, meeting legal obligations, and running our business effectively. The categories of data we may collect include:
- Identity data: name, title, and any information you provide when making an enquiry or booking.
- Contact data: address, email address, and telephone number.
- Service data: details about the cleaning service requested, property access notes, preferred appointment times, and instructions relevant to the job.
- Payment data: limited payment-related information necessary to process transactions and manage invoices. We do not store more payment information than is required for lawful and secure processing.
- Communication data: records of messages, emails, calls, and customer service interactions.
- Technical data: basic device or usage information if you interact with us through digital systems, including log data and security information.
- Complaint and feedback data: information you share when you provide feedback, raise concerns, or make a complaint.
We do not intentionally collect special category data unless you choose to disclose it and it is necessary for a specific request. If such information is provided, we will treat it with extra care and only process it where permitted by law.
3. How We Use Your Data
We use personal data for the following purposes:
- to provide quotes and manage bookings;
- to deliver cleaning services and related support;
- to communicate with you about appointments, changes, or service updates;
- to issue invoices, record payments, and manage our accounts;
- to respond to enquiries, complaints, and feedback;
- to maintain service quality, training, and internal records;
- to comply with legal, tax, accounting, and regulatory obligations;
- to protect against fraud, misuse, and security incidents;
- to improve our operations and customer experience.
We process data only where it is relevant and necessary for the purpose concerned. We will not use your data in a way that is incompatible with the reason it was collected.
4. Lawful Basis for Processing
Under GDPR, we must have a lawful basis for processing personal data. Carpet Cleaners BR3 relies on the following lawful bases where appropriate:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering services, and handling related communication and payment administration.
Legal Obligation
We may process data to comply with legal requirements, such as accounting, tax, record-keeping, and responding to lawful requests from authorities.
Legitimate Interests
We may process data where it is necessary for our legitimate interests and where these interests are not overridden by your rights and freedoms. This includes managing our business, preventing fraud, improving service quality, and keeping appropriate internal records. Where we rely on legitimate interests, we ensure the processing is proportionate and limited to what is necessary.
Consent
In limited situations, we may rely on your consent, for example if you voluntarily agree to receive certain non-essential communications or if we need to process specific data for a particular optional purpose. Where consent is used, you may withdraw it at any time.
5. Data Sharing and Processors
We may share personal data with trusted third parties that help us operate our business. These parties act as processors or, in some cases, independent controllers. We only share the minimum data necessary and require appropriate safeguards.
Examples of processors may include:
- payment service providers;
- accounting and bookkeeping providers;
- IT, cloud storage, and system support providers;
- customer communication and scheduling tools;
- professional advisers such as accountants or legal advisers;
- service partners who help fulfil bookings or support operations.
All processors are required to process personal data only on our instructions, keep it secure, and comply with data protection law. We do not sell your personal data.
We may also disclose personal data if required to do so by law, to enforce our rights, or to protect the safety, security, and lawful interests of our customers, staff, and business.
6. Data Retention
We keep personal data only for as long as necessary for the purpose it was collected, including to satisfy legal, accounting, tax, or reporting requirements. Retention periods may vary depending on the type of data and the context in which it was collected.
As a general principle:
- customer and booking records are retained for the period needed to manage the service relationship and any follow-up issues;
- financial and invoice records are retained for the period required by law and standard accounting practice;
- complaint and correspondence records are retained for a reasonable period to evidence service handling and resolve disputes;
- technical or security logs are retained only as long as needed for operational and security purposes.
When data is no longer needed, it is securely deleted, anonymised, or archived in line with our retention practices.
7. Data Security
We take appropriate technical and organisational measures to protect personal data against loss, unauthorised access, accidental disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to data on a need-to-know basis.
While we work hard to protect your data, no system can be guaranteed to be completely secure. If we become aware of a personal data breach affecting your rights and freedoms, we will handle it in line with legal requirements.
8. International Transfers
If any of our processors or systems involve the transfer of personal data outside the UK, we will ensure that appropriate safeguards are in place. This may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms designed to protect your data.
9. Your Rights
Under data protection law, you have a number of rights regarding your personal data. These rights may apply in different circumstances, and legal exemptions may limit them in some cases.
- Right of access: you may request a copy of the personal data we hold about you.
- Right to rectification: you may ask us to correct inaccurate or incomplete data.
- Right to erasure: you may ask us to delete your personal data where it is no longer needed or where another legal basis allows deletion.
- Right to restrict processing: you may ask us to limit how we use your data in certain circumstances.
- Right to object: you may object to processing based on legitimate interests or direct marketing.
- Right to data portability: you may request that certain data be provided in a structured, commonly used format where technically feasible.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.
10. Children’s Data
Our services are not intended for children, and we do not knowingly collect personal data from children except where it is incidentally provided by an adult customer and is necessary for the service. If we become aware that we have collected data from a child without a valid basis, we will take appropriate steps to delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or our services. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is handled.
12. Summary of Our Commitment
Carpet Cleaners BR3 is committed to handling personal data lawfully, fairly, and transparently. We collect only what we need, use it for clear and legitimate purposes, keep it only as long as necessary, and protect it with suitable safeguards. All Carpet Cleaners BR3 customers in the area can expect their personal information to be treated with care, respect, and in line with applicable GDPR requirements.