Privacy Policy - Bexley Carpet Cleaners
This Privacy Policy explains how Bexley Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing cleaning services to customers in the Bexley area. It applies to all Bexley Carpet Cleaners customers in area, including prospective customers, current customers, and former customers who have previously used our services or contacted us about a booking.
We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal data.
1. Information We Collect
We only collect personal data that is necessary to provide our services, manage our relationship with you, and meet our legal obligations. The type of information we may collect includes:
- Identity details: your name and, where needed, the name of a business or property manager.
- Contact details: address, email address, telephone number, and preferred contact method.
- Service information: details about the cleaning services you request, property access arrangements, and any notes relevant to the work.
- Billing and payment information: records of payments, invoices, and transaction references. We do not store full card details unless this is handled securely by a payment provider.
- Communication records: emails, messages, call notes, complaint details, and service feedback.
- Technical information: limited information such as IP address or device data if you contact us online and this is captured by our systems.
We do not intentionally collect special category data unless it is necessary and you provide it to us. If you share information that may reveal health, accessibility, or vulnerability-related needs so that we can safely deliver services, we will handle it with extra care and only for that specific purpose.
2. How We Use Your Data
We use your personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to schedule, deliver, and manage cleaning services;
- to communicate service updates, reminders, or changes;
- to process payments, invoices, refunds, and account records;
- to handle complaints, follow-up questions, or disputes;
- to maintain internal records and support business administration;
- to comply with legal, accounting, and tax obligations;
- to improve our services, processes, and customer experience;
- to protect against fraud, misuse, or unlawful activity.
We do not sell your personal data. We only use it for legitimate business purposes connected to our cleaning services and legal responsibilities.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for processing personal data. Depending on the situation, Bexley Carpet Cleaners may rely on one or more of the following lawful bases:
Contract
We process your data when it is necessary to perform a contract with you or take steps at your request before entering into a contract. This includes providing quotations, arranging appointments, and delivering cleaning services.
Legitimate Interests
We may process your data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights. This can include service administration, record keeping, responding to customer queries, improving our operations, and preventing misuse of our services.
Legal Obligation
We may process and retain certain information to comply with legal obligations, such as tax, accounting, insurance, or record-keeping requirements.
Consent
In limited situations, we may rely on your consent, for example where you choose to provide additional information that is not required for the service, or where specific optional communications are offered. If we rely on consent, you may withdraw it at any time.
Where we process special category data, we will only do so when there is a lawful basis and an additional condition under data protection law.
4. Data Sharing and Processors
We may share personal data with trusted third parties that help us operate our business. These parties act as data processors or independent controllers depending on the service they provide.
Processors may include:
- accounting and bookkeeping providers;
- payment service providers;
- IT, email, cloud storage, and software service providers;
- customer management or scheduling systems;
- professional advisers such as accountants, insurers, or legal advisers;
- regulatory, law enforcement, or public authorities where required by law.
We require processors to protect your data and only use it on our instructions, unless they are independently responsible for their own processing. We take reasonable steps to ensure that any third party handling personal data does so securely and lawfully.
We do not allow processors to use your personal data for their own marketing purposes.
5. Retention of Personal Data
We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, and reporting requirements.
- Customer and service records: generally retained for up to 6 years after the end of the customer relationship, unless a longer period is required by law or needed to resolve a dispute.
- Financial and tax records: retained for the period required under tax and accounting laws, typically up to 6 years.
- Communication records: kept for as long as needed to manage the enquiry, service issue, or complaint.
- Consent-based records: retained until consent is withdrawn or the purpose no longer applies.
When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
6. Data Security
We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, and restricted use of systems. No method of transmission or storage is completely secure, but we work to reduce risk and protect your information as far as reasonably possible.
7. Your Rights
As a data subject, you have rights regarding your personal data. Depending on the circumstances, these may include:
- Right of access: you can request a copy of the personal data we hold about you.
- Right to rectification: you can ask us to correct inaccurate or incomplete information.
- Right to erasure: you can request deletion of your data in certain situations.
- Right to restrict processing: you may ask us to limit how we use your data in certain cases.
- Right to object: you may object to processing based on legitimate interests or direct marketing.
- Right to data portability: you can request certain data in a structured, commonly used format where applicable.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond within the time limits required by law. In some cases, we may need to verify your identity before we can act on your request.
8. Complaints and Supervisory Authority
If you have concerns about how we handle personal data, you should first contact us using the usual business channels so we can try to resolve the issue. You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you believe your data has been misused or your rights have not been respected.
9. Children’s Data
Our services are intended for adult customers and property-related service arrangements. We do not knowingly collect personal data from children except where it is incidental to a service arrangement and necessary for safety or access purposes. If we become aware that we have collected such data without a lawful basis, we will take appropriate steps to delete or safeguard it.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or communicated through our usual business channels. We encourage customers to review this policy periodically.
11. Summary of Key Points
- Bexley Carpet Cleaners collects only the information needed to provide and manage cleaning services.
- We process data under lawful bases such as contract, legitimate interests, legal obligation, and where relevant consent.
- We retain data only for as long as necessary and delete or anonymise it when it is no longer needed.
- We may use trusted processors such as accounting, IT, payment, and administrative service providers.
- You have rights over your personal data, including access, correction, deletion, objection, and withdrawal of consent.
This Privacy Policy applies to all Bexley Carpet Cleaners customers in area. By engaging our services, you acknowledge that your personal data may be processed in accordance with this policy and applicable data protection laws.