Privacy Policy - Carpetcleaning NW10

This Privacy Policy explains how Carpetcleaning NW10 collects, uses, stores, shares, and protects personal data when providing services to customers in the NW10 area. It applies to all Carpetcleaning NW10 customers in the area, including prospective customers, current customers, and former customers who have used our services or enquired about them. We are committed to handling personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

For the purposes of data protection law, Carpetcleaning NW10 acts as a data controller in relation to personal data collected for service delivery, enquiries, booking management, invoicing, customer care, and compliance. This means we determine the purposes and means of processing personal information. In some cases, we may also use third-party service providers who act as data processors on our behalf.

2. Personal Data We Collect

We collect only the data necessary to provide, manage, and improve our services. The categories of personal data we may collect include:

  • Identity details such as name and title.
  • Contact details such as address, email address, and telephone number.
  • Service information such as property access details, service preferences, stain or fabric concerns, and instructions related to the job.
  • Booking and transaction details such as appointment dates, service history, quotes, invoices, and payment status.
  • Communication records such as messages, complaints, feedback, and notes from customer service interactions.
  • Technical data where applicable, such as basic website or device information used for security, troubleshooting, or analytics.

We do not intentionally collect special category data unless it is necessary and lawfully permitted, and only where you provide it voluntarily or it is directly relevant to the service. We ask that you avoid sharing sensitive information unless it is required for your request.

3. How We Use Your Data

We use personal data for clear and legitimate purposes connected to our services. These purposes include:

  • Responding to enquiries and providing quotations.
  • Managing bookings, appointments, and service delivery.
  • Processing payments, issuing receipts, and maintaining financial records.
  • Communicating with customers about service updates, schedule changes, or customer support matters.
  • Maintaining internal records and service history.
  • Handling complaints, disputes, and insurance or legal matters where required.
  • Meeting legal, accounting, and regulatory obligations.
  • Preventing fraud, misuse, or unauthorised access to our systems.

We do not sell personal data. We only use your information where it is necessary, proportionate, and lawful.

4. Lawful Basis for Processing

Under UK GDPR, we rely on one or more lawful bases depending on the purpose of processing:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering carpet cleaning services, and processing payments.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include improving services, maintaining records, responding to customer queries, and protecting against fraud or misuse.

Legal Obligation

We may process and retain certain information to comply with legal and regulatory requirements, such as tax, accounting, and record-keeping duties.

Consent

Where required, we will rely on your consent, for example for certain marketing communications or optional uses of data. You may withdraw consent at any time where consent is the basis for processing.

Note: If we process data based on consent, withdrawal of consent will not affect processing already carried out before consent was withdrawn.

5. Data Sharing and Processors

We may share personal data with trusted third parties only where necessary and appropriate. These parties may act as processors or independent controllers depending on the service they provide.

Typical processors may include:

  • Payment service providers used to process card or online payments.
  • IT and cloud storage providers that host our business systems, backups, or communication tools.
  • Accounting or bookkeeping service providers supporting financial administration.
  • Scheduling or customer management platforms used to organise appointments.
  • Professional advisers, such as insurers, auditors, or legal advisers, where necessary.

All processors are required to handle data securely, use it only for specified purposes, and comply with data protection requirements. We aim to enter into appropriate contractual arrangements with all relevant processors.

We may also disclose information where required by law, court order, or lawful request from a public authority. In any case, we will share only the minimum information necessary.

6. International Transfers

Where any service provider stores or processes data outside the UK, we take steps to ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.

7. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or for as long as required by law. Retention periods may vary depending on the type of information and the reason it was collected.

  • Customer enquiry records may be kept for a reasonable period to manage follow-up and service continuity.
  • Booking, invoicing, and payment records may be retained for accounting and tax purposes.
  • Service history and complaint records may be retained to support quality control and dispute resolution.
  • Security or access-related records may be kept for a limited period where needed for safety or operational reasons.

When information is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner. We review retention regularly to ensure we do not keep data longer than necessary.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data from accidental loss, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff awareness, restricted permissions, and trusted supplier arrangements. While no system is entirely risk-free, we take reasonable steps to protect the information entrusted to us.

9. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete information.
  • Right to erasure – to ask us to delete your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to data portability – to receive certain information in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal limitations. We will assess each request carefully and respond within the time limits required by law.

10. How to Exercise Your Rights

If you wish to exercise any of your rights, you should provide enough information for us to identify you and understand your request. We may need to verify your identity before taking action. We will respond in a clear and timely manner, and we will explain if any part of your request cannot be fulfilled.

11. Marketing Communications

We will only send marketing communications where permitted by law. If consent is required, we will ask for it. You may opt out of marketing at any time. Operational or service-related messages are not considered marketing and may still be sent where necessary to fulfil our services or legal obligations.

12. Children’s Data

Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary in connection with a lawful service request made by an adult customer. If we become aware that we have collected information from a child without proper authority, we will take appropriate steps to delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or service arrangements. Any revised version will apply from the date it is issued. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

14. Complaints

If you have concerns about how your personal data is handled, you have the right to raise a complaint with the relevant data protection authority. You may also contact us to discuss any issue first, and we will do our best to address it promptly and fairly.

15. Summary of Key Points

In summary, Carpetcleaning NW10 processes personal data to deliver services, manage customer relationships, comply with legal duties, and protect legitimate business interests. We only collect data that is necessary, use it for defined purposes, share it carefully with trusted processors, and retain it only for as long as needed. Customers in the NW10 area have important rights over their information, and we are committed to respecting those rights in a transparent and lawful way.

This Privacy Policy applies to all Carpetcleaning NW10 customers in the area.

Carpetcleaning NW10

GDPR-compliant Privacy Policy for Carpetcleaning NW10 covering data collection, lawful basis, retention, processors, and user rights for all NW10 customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.