Privacy Policy - Carpetcleaning Pimlico
Last updated: This Privacy Policy explains how Carpetcleaning Pimlico collects, uses, stores, shares, and protects personal data. It applies to all Carpetcleaning Pimlico customers in the area, including individuals who request services, receive quotations, make enquiries, or otherwise interact with us in connection with carpet cleaning and related cleaning services.
1. Introduction
We are committed to respecting your privacy and handling your personal data in a lawful, fair, and transparent manner. This Privacy Policy is designed to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It explains what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your personal data.
By using our services or providing us with your information, you acknowledge that your personal data may be processed as described in this policy. We only process personal data where we have a valid legal basis and only for purposes that are necessary and proportionate.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
- Identity details such as your name.
- Contact details such as address, phone number, and email address.
- Service details including information about the property, cleaning requirements, preferred appointment times, and service history.
- Payment-related information such as records of transactions, invoices, and payment status. We do not retain full card details where payment is processed securely by a third-party provider.
- Communication records including emails, messages, call notes, and feedback.
- Technical data if you interact with our digital systems, such as IP address, device information, and basic usage data, where applicable.
- Special category data only in exceptional circumstances where you voluntarily provide information that may reveal health-related or access needs, for example if cleaning arrangements must accommodate mobility or medical considerations.
We do not intentionally collect more information than is necessary. If you choose not to provide certain information, we may be unable to deliver some services or respond fully to your request.
3. How We Use Your Data
We use personal data for the following purposes:
- To provide quotations, schedule appointments, and deliver carpet cleaning services.
- To manage customer accounts, records, and service histories.
- To communicate with you about your booking, service changes, or follow-up queries.
- To process payments, refunds, and invoicing.
- To improve our services, customer support, and operational efficiency.
- To maintain internal records and manage business administration.
- To comply with legal obligations, including tax, accounting, and regulatory requirements.
- To prevent fraud, misuse, and security incidents.
We use your data only where necessary and in ways that are compatible with the original purpose for which it was collected.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process your personal data. Depending on the circumstances, we rely on one or more of the following legal bases:
4.1 Contract
We process your data when it is necessary to enter into or perform a contract with you. This includes arranging appointments, delivering cleaning services, issuing invoices, and managing service-related communications.
4.2 Legal Obligation
We process certain information where necessary to comply with legal obligations, such as accounting, tax recordkeeping, and responding to lawful requests from authorities.
4.3 Legitimate Interests
We may process personal data where it is in our legitimate interests to do so and where those interests are not overridden by your rights and freedoms. This may include maintaining business records, improving services, preventing fraud, and handling customer enquiries efficiently.
4.4 Consent
In limited situations, we may rely on your consent, for example where you voluntarily provide additional information or agree to certain optional communications. Where consent is used, you may withdraw it at any time.
4.5 Vital Interests
In rare circumstances, we may process data to protect someone’s vital interests, such as in an emergency involving safety or welfare.
5. Sharing Your Information and Processors
We do not sell your personal data. However, we may share it with trusted third parties who act as processors on our behalf, or with other organisations where required by law or necessary for service delivery.
Examples of processors and recipients may include:
- Payment processors who securely handle transactions.
- IT and cloud service providers who store or maintain data systems.
- Accounting or bookkeeping providers who assist with financial administration.
- Customer communication tools used to send service-related messages.
- Professional advisers such as lawyers, insurers, or auditors where necessary.
- Public authorities where disclosure is required by law.
We ensure that processors only act on our instructions, use appropriate security measures, and process personal data only for the agreed purposes. Where data is transferred outside the UK, we take steps to ensure that appropriate safeguards are in place.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, or reporting requirements. The length of time we retain data depends on the type of information and the reason we collected it.
- Customer and service records are typically retained for the duration of the service relationship and for a reasonable period afterwards.
- Financial and invoice records may be retained for the period required by tax and accounting law.
- Communication records may be kept for operational and evidential purposes.
- Consent-based records are kept until you withdraw consent or they are no longer needed.
When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices.
7. Data Security
We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access based on need.
Important: No data transmission or storage system can be guaranteed to be completely secure. While we take reasonable steps to protect your information, we cannot promise absolute security.
8. Your Rights Under GDPR
You have a number of rights in relation to your personal data. These rights may be subject to legal restrictions or exemptions, but we will always assess requests carefully.
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – you may request deletion of your data in certain circumstances.
- Right to restrict processing – you can ask us to limit how we use your data in some cases.
- Right to data portability – you may request a copy of certain data in a structured, commonly used format.
- Right to object – you can object to processing based on legitimate interests or direct marketing, where applicable.
- Right to withdraw consent – where we rely on consent, you can withdraw it at any time.
If you wish to exercise any of these rights, we will respond within the timeframe required by law. To protect your privacy, we may need to verify your identity before responding to your request.
9. Children’s Data
Our services are not directed to children, and we do not knowingly collect personal data from children except where necessary in a service context and provided by an adult customer or guardian. If we become aware that we have collected information from a child without appropriate authority, we will take reasonable steps to delete it.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or business practices. Any revised version will apply from the date it is published or communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
11. Complaints and Supervisory Authority
If you are concerned about how we handle your personal data, you have the right to raise a complaint with the relevant data protection authority. We also encourage you to contact us first so that we can review and address your concerns promptly and fairly.
We take privacy seriously and aim to process all customer data in a lawful, transparent, and responsible manner. This policy reflects our commitment to protecting the personal information of everyone who uses Carpetcleaning Pimlico services in the area.
12. Summary of Key Commitments
- We collect only the data needed to provide and manage services.
- We process personal data under valid lawful bases.
- We share data only with trusted processors or where required by law.
- We retain information only for as long as necessary.
- We respect your rights and provide appropriate support for requests.
Carpetcleaning Pimlico is committed to privacy, accountability, and data protection for every customer in the area.
