Privacy Policy - Chingford Carpet Cleaners
Last updated: This Privacy Policy explains how Chingford Carpet Cleaners collects, uses, stores, shares, and protects personal data in connection with our carpet cleaning services. It applies to all Chingford Carpet Cleaners customers in the area, including anyone who enquires about, books, receives, or pays for our services.
We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Chingford Carpet Cleaners provides professional carpet cleaning and related cleaning services to customers in the local area. In this Privacy Policy, references to we, us, and our mean Chingford Carpet Cleaners.
This policy applies to personal data we receive directly from customers, prospective customers, household members, business clients, and individuals authorised to act on a customer’s behalf.
2. Personal Data We Collect
We only collect personal data that is necessary for the purpose of delivering our services, managing customer relationships, meeting our legal obligations, and improving our operations. The data we collect may include:
- Identity details such as your name or the name of your household or business contact.
- Contact details such as address, email address, and telephone number.
- Service details including property access information, cleaning instructions, appointment preferences, and records of services requested or completed.
- Payment information such as transaction records and billing details. We do not store full card details where payment is handled by a third-party payment provider.
- Communication records including emails, messages, call notes, and complaints or feedback you send to us.
- Technical data where applicable, such as basic website or device information if you interact with our online systems.
- Special category data only in limited situations, and only where you choose to provide it or where it is necessary for a lawful purpose, for example, information about accessibility needs that may affect service delivery.
We do not intentionally collect more information than required, and we ask customers not to share unnecessary personal data with us.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotes;
- to arrange appointments and deliver carpet cleaning services;
- to manage customer records and service history;
- to process payments and issue invoices or receipts;
- to communicate about changes, cancellations, or service updates;
- to handle complaints, disputes, and requests;
- to keep records for accounting, tax, and legal compliance;
- to improve our services and customer experience;
- to protect against fraud, misuse, or unlawful activity;
- to meet health, safety, and operational obligations.
We will only use your personal data for the purposes for which it was collected, unless we reasonably need to use it for a compatible purpose or another lawful reason.
4. Lawful Basis for Processing
We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the situation, the lawful basis may be one or more of the following:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes booking services, confirming appointments, carrying out carpet cleaning, and taking payment.
Legal Obligation
We may process data when required to comply with legal obligations, including accounting, tax, record-keeping, and responding to lawful requests from public authorities.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include managing our business efficiently, keeping service records, preventing fraud, and improving service quality.
Consent
In limited cases, we may rely on your consent, particularly where you provide optional information or agree to certain communications. Where consent is used, you may withdraw it at any time.
Vital Interests
In rare situations, we may process personal data to protect someone’s vital interests, such as in an emergency involving health or safety.
5. Sharing and Processors
We may share personal data with trusted third parties where necessary to run our business and provide services. These third parties act as processors or, in some cases, independent controllers.
Processors may include:
- Payment processors that handle secure card or online payments;
- Booking or scheduling providers used to organise appointments;
- IT and cloud service providers that store emails, files, or business records;
- Accounting and bookkeeping providers that help manage invoicing and tax records;
- Communication service providers that deliver email, text, or phone services on our behalf;
- Professional advisers such as accountants, insurers, or legal advisers where needed.
We require processors to protect personal data, process it only on our instructions, and use appropriate technical and organisational safeguards. We do not sell personal data.
We may also disclose personal data if required by law, to enforce our rights, to protect our business and customers, or in connection with a business transfer, reorganisation, or similar event.
6. International Transfers
If any processor or service provider stores or accesses data outside the UK, we will ensure appropriate safeguards are in place in line with UK data protection law. These safeguards may include adequacy regulations, UK-approved transfer mechanisms, or contractual protections designed to keep your data secure.
7. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, and to satisfy legal, accounting, or reporting obligations. Retention periods may vary depending on the type of data and the reason it was collected.
In general:
- customer and service records are kept for a reasonable period after the service relationship ends;
- financial and tax records are retained in line with legal requirements;
- complaints, correspondence, and dispute records are kept for as long as needed to resolve the issue and defend legal claims;
- unused enquiry data may be deleted after a shorter period where no service is booked.
When personal data is no longer needed, it is securely deleted, anonymised, or archived in a restricted form where appropriate.
8. Data Security
We take appropriate security measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, password protection, secure storage, limited staff access, and contractual safeguards with processors.
Although we work to protect your information, no system can be guaranteed completely secure. If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will take steps to address it in accordance with applicable law.
9. Your Rights
Under UK GDPR, you may have the following rights in relation to your personal data:
- Right of access – to request a copy of the personal data we hold about you;
- Right to rectification – to ask us to correct inaccurate or incomplete information;
- Right to erasure – to ask us to delete your data in certain circumstances;
- Right to restriction – to ask us to limit how we use your data in certain situations;
- Right to data portability – to request certain data in a structured, commonly used format;
- Right to object – to object to processing based on legitimate interests or direct marketing;
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time;
- Right to complain – to raise a complaint with the UK Information Commissioner’s Office if you believe your data has been mishandled.
Some rights may not apply in all circumstances, as exemptions and legal limitations can apply. We will respond to requests in line with applicable data protection law.
10. How We Handle Children’s Data
Our services are generally intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a customer’s service request and handled lawfully. If we become aware that we have collected data from a child without a valid basis, we will take appropriate steps to delete it.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise communicated.
We encourage customers to review this policy periodically so they remain informed about how personal data is used.
12. Summary of Our Privacy Principles
In summary, Chingford Carpet Cleaners aims to:
- collect only necessary personal data;
- use data fairly, lawfully, and transparently;
- keep data secure and accurate;
- retain data only for as long as needed;
- share data only with trusted processors or where legally required;
- respect your rights under data protection law.
This Privacy Policy is intended to give customers clear information about how we manage personal data. If you are a customer in the area served by Chingford Carpet Cleaners, this policy applies to your use of our services and your interactions with us.