Privacy Policy for Carpet Cleaners TW7
This Privacy Policy explains how Carpet Cleaners TW7 collects, uses, stores, shares, and protects personal data when providing services to customers in the TW7 area. It applies to all Carpet Cleaners TW7 customers in the area, including individuals who request carpet cleaning, upholstery cleaning, stain removal, and related domestic or commercial cleaning services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
For the purposes of data protection law, Carpet Cleaners TW7 acts as the data controller for personal data collected and used in connection with our services. This means we determine the purposes and means of processing personal data. We take privacy seriously and aim to collect only the information necessary to deliver services safely, efficiently, and professionally.
2. Personal data we collect
We may collect and process the following categories of personal data:
- Identity data: name and, where relevant, business name.
- Contact data: address, email address, and telephone number.
- Service data: details about the cleaning services requested, property access information, preferred appointment times, and notes about carpets, fabrics, stains, or special cleaning requirements.
- Billing and payment data: invoice details, payment status, and transaction records. We do not retain full payment card details unless a secure payment provider processes them on our behalf.
- Communication data: correspondence you send to us, including enquiries, complaints, feedback, or service instructions.
- Technical data: basic device or usage information if you interact with our digital systems, such as IP address or browser type, where applicable.
- Health or vulnerability information: only where strictly necessary, for example if access arrangements or product sensitivities are disclosed to us to ensure safe service delivery.
We do not intentionally collect special category data unless you choose to provide it and it is necessary for the service, such as information relating to allergies or mobility requirements.
3. How we use personal data
We use personal data for the following purposes:
- to provide quotations and manage bookings;
- to carry out carpet cleaning and related services;
- to communicate with customers about appointments, service changes, or follow-up matters;
- to issue invoices and manage payments;
- to maintain service records and quality assurance;
- to handle complaints, disputes, or claims;
- to comply with legal, accounting, and tax obligations;
- to improve our services, processes, and customer experience;
- to protect against fraud, misuse, or unlawful activity.
We only process personal data for clear and legitimate purposes, and we do not use it in ways that are incompatible with those purposes.
4. Lawful basis for processing
We rely on one or more of the following lawful bases under the UK GDPR:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes managing bookings, carrying out cleaning services, and processing payments.
Legal obligation
We may process and retain data where required to meet legal obligations, such as accounting records, tax compliance, and record-keeping requirements.
Legitimate interests
We may process data where it is necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests. Examples include service administration, customer communication, business improvement, and fraud prevention. Where we rely on legitimate interests, we assess the impact on your privacy and ensure the processing is proportionate.
Consent
In limited situations, we may rely on your consent, particularly where processing is not required for the contract or another legal basis. If consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
Where special category data is involved, we will only process it where a lawful condition under Article 9 UK GDPR applies, such as your explicit consent or another permitted basis where necessary.
5. Sharing personal data with processors
We may share personal data with trusted third parties who act as processors on our behalf. These processors are only permitted to process data according to our instructions and must implement appropriate security measures. Examples may include:
- payment service providers;
- booking or scheduling systems;
- IT, hosting, and cloud storage providers;
- accounting and invoicing software providers;
- customer communication platforms;
- professional advisers such as accountants or legal advisers;
- delivery or logistics partners, if needed to support service operations.
We may also disclose personal data where required by law, regulatory obligation, court order, or to protect our rights, customers, staff, or property. We do not sell personal data.
6. International transfers
If any processor stores or accesses data outside the UK, we ensure appropriate safeguards are in place. These safeguards may include adequacy regulations, the UK International Data Transfer Agreement, or other lawful transfer mechanisms permitted by data protection law. We aim to keep data within secure environments and only use providers that meet suitable privacy and security standards.
7. Data retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, or reporting requirements. Retention periods may vary depending on the type of data and the service provided. In general:
- customer service and booking records are kept for the period needed to manage the relationship and any follow-up queries;
- billing and tax-related records are kept for the period required by law;
- communications and complaints are retained for a reasonable period to help resolve issues and maintain service records;
- data no longer required is securely deleted, anonymised, or archived in line with our retention practices.
Where we are legally required or reasonably need to keep data for a longer period, we will do so only for that purpose. Once the retention period expires, personal data is disposed of securely.
8. Data security
We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our systems and procedures. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risk.
9. Your rights
Under data protection law, you have several rights regarding your personal data. Subject to legal limits, these include:
- Right of access: you may request a copy of the personal data we hold about you;
- Right to rectification: you may ask us to correct inaccurate or incomplete data;
- Right to erasure: in certain circumstances, you may request deletion of your data;
- Right to restriction: you may ask us to limit processing in certain situations;
- Right to data portability: where applicable, you may receive your data in a structured, commonly used format;
- Right to object: you may object to processing based on legitimate interests or direct marketing;
- Right to withdraw consent: where we rely on consent, you can withdraw it at any time;
- Right to complain: you may lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed.
We may need to verify your identity before responding to a rights request. We aim to respond within the time limits required by law.
10. Marketing preferences
If we send any marketing communications, we will do so only where permitted by law. You may opt out of marketing at any time. Operational messages relating to your service, such as appointment updates or billing information, are not marketing communications.
11. Children’s data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is provided by an adult customer in connection with service arrangements. If we become aware that we have collected data from a child without appropriate authority, we will take steps to delete it where required.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will apply from the date it is made available. We encourage customers in the TW7 area to review this policy periodically so they remain informed about how we process personal data.
13. Summary of our privacy commitment
Carpet Cleaners TW7 is committed to processing personal data responsibly, securely, and only when necessary. We collect only the information needed to provide and manage our services, use lawful bases such as contract, legal obligation, consent, and legitimate interests, retain data only for appropriate periods, and share it only with trusted processors or where required by law. Customers in the TW7 area can exercise their data protection rights at any time, subject to legal conditions and exceptions. Our goal is to maintain a service that is professional, trustworthy, and respectful of privacy at every stage.