Privacy Policy - Carpetcleaning SE3
This Privacy Policy explains how Carpetcleaning SE3 collects, uses, stores, shares, and protects personal data. It applies to all Carpetcleaning SE3 customers in the area, including individuals who enquire about, purchase, or receive any carpet cleaning service provided under the Carpetcleaning SE3 name. We are committed to handling personal data fairly, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our services, requesting a quote, making a booking, or communicating with us, you acknowledge that your personal data may be processed as described in this Policy. We only process data that is necessary, relevant, and limited to what is required for the purposes set out below.
1. Data We Collect
Carpetcleaning SE3 may collect personal data directly from you, from your interactions with us, or from third parties acting on your behalf. The types of information we may collect include:
- Identity details such as your name and, where relevant, the name of a business or property manager.
- Contact details such as your email address, telephone number, and service address.
- Booking and service information including requested dates, service preferences, property access details, and cleaning instructions.
- Payment-related data such as billing information and transaction records, though full payment card details are typically processed by secure payment providers rather than stored by us.
- Correspondence including emails, messages, notes from phone calls, and records of complaints or feedback.
- Technical data where applicable, such as basic website or device information used to improve service performance and security.
We do not intentionally collect special category data unless it is strictly necessary and you choose to provide it to us. Special category data includes information about health, religion, ethnicity, or other sensitive matters. If such information is shared with us incidentally, we will treat it with enhanced care and only process it where a lawful basis applies.
2. How We Use Your Data
We process personal data for legitimate and limited business purposes connected to our carpet cleaning services. These purposes may include:
- Responding to enquiries and providing quotations.
- Managing bookings, appointments, and service delivery.
- Processing payments, invoices, and refunds where applicable.
- Communicating about service updates, scheduling changes, or follow-up queries.
- Maintaining internal records, customer history, and accounting information.
- Handling complaints, disputes, and service quality issues.
- Meeting legal, tax, and regulatory obligations.
- Protecting our business, customers, staff, and property from fraud or misuse.
We only use personal data for the purpose for which it was collected unless we reasonably determine that another compatible purpose exists under data protection law.
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for every processing activity. Carpetcleaning SE3 relies on the following lawful bases, depending on the context:
Contract
We process personal data when it is necessary to take steps at your request before entering into a contract, or to perform a contract with you. This includes booking services, communicating service details, and delivering carpet cleaning work.
Legitimate Interests
We may process data for our legitimate business interests where those interests are not overridden by your rights and freedoms. This can include maintaining records, improving our services, preventing fraud, and managing customer communications. We always assess whether the impact on your privacy is proportionate.
Legal Obligation
Some data must be kept and processed to meet legal requirements, such as tax, accounting, and record-keeping obligations.
Consent
Where required, we will rely on your consent, for example for certain marketing communications or optional processing activities. If processing is based on consent, you may withdraw that consent at any time.
Vital Interests and Public Task
These bases are unlikely to be used in normal business operations, but if an emergency or exceptional circumstance arises, we may rely on them where necessary.
4. Sharing Your Data and Processors
We may share personal data with carefully selected third parties that support our business operations. These organisations act as data processors or, in some cases, independent data controllers. We only share what is necessary and require appropriate safeguards to be in place.
Examples of processors and service providers may include:
- Booking and scheduling providers that help manage appointments and customer records.
- Payment service providers that process card or electronic payments securely.
- IT and cloud storage providers that host business systems, files, or communication tools.
- Accounting or bookkeeping providers that support invoicing and financial administration.
- Professional advisers such as legal, insurance, or tax advisers where necessary.
- Subcontracted service personnel when needed to fulfil a booking or complete work.
All processors are expected to process personal data only on our instructions, to keep it secure, and to use it solely for the agreed purpose. We do not sell your personal data. We do not share your data with third parties for their own marketing purposes unless you have clearly consented or the law otherwise permits it.
If data is transferred outside the UK or the European Economic Area, we will ensure appropriate safeguards are used, such as adequacy regulations or standard contractual protections where required.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations. Retention periods vary depending on the type of information and the reason for processing.
- Customer and booking records are generally retained for as long as needed to manage the service relationship and handle any follow-up matters.
- Financial and tax records are retained for the period required by applicable law.
- Correspondence and complaint records may be retained for a reasonable period to evidence service history and resolve disputes.
- Marketing-related data is retained until you withdraw consent or object, or until it is no longer needed.
When personal data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures. We regularly review stored data to avoid keeping information for longer than necessary.
6. Your Rights Under GDPR
As a data subject, you have rights regarding your personal data. These rights may apply depending on the reason we are processing your information and the legal basis involved. You may have the right to:
- Access a copy of the personal data we hold about you.
- Rectification of inaccurate or incomplete information.
- Erasure of your data in certain circumstances, also known as the right to be forgotten.
- Restriction of processing in certain situations.
- Object to processing based on legitimate interests or direct marketing.
- Data portability for information you have provided where processing is based on consent or contract and carried out by automated means.
- Withdraw consent where processing relies on consent.
You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data protection rights have been breached. Exercising your rights will not usually affect the quality of service you receive, although in some cases we may not be able to complete a request if the data is required to comply with law or to perform a contract.
7. Security of Personal Data
We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and supplier checks. While no system can be guaranteed to be completely secure, we take data protection seriously and review our procedures periodically.
8. Children’s Data
Our services are directed to adults and property customers rather than children. We do not knowingly collect personal data from children unless it is provided incidentally in connection with a service booking or property access requirement. Where this occurs, we will process it only when necessary and with suitable safeguards.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service operations. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this Policy periodically so they remain informed about how personal data is handled.
10. Summary of Our Privacy Commitments
Carpetcleaning SE3 is committed to processing personal data lawfully, fairly, and transparently. We collect only what is needed to provide and manage our services, rely on appropriate lawful bases, use trusted processors under protective contracts, and retain information only for as long as necessary. We respect your rights and aim to support every customer in the SE3 area with clear, responsible, and secure data handling practices.