Privacy Policy - Carpetcleaning Paddington
Carpetcleaning Paddington is committed to protecting the privacy and personal data of all customers and prospective customers in the Paddington area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in connection with our carpet cleaning services. It applies to all Carpetcleaning Paddington customers in the area, including individuals who request quotations, book appointments, receive services, or otherwise interact with us.
This policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It explains what personal information we process, the lawful basis we rely on, how long we keep data, the third parties that may process information on our behalf, and the rights available to you.
1. Personal Data We Collect
We only collect personal data that is necessary for providing our services, managing customer relationships, and meeting legal or operational requirements. The information we may collect includes:
- Identity details such as your name and title.
- Contact details such as your phone number, email address, and service address.
- Service information such as appointment dates, cleaning instructions, property access notes, and service preferences.
- Payment information such as billing details and payment status. We do not store full card details unless strictly necessary and securely handled by payment providers.
- Communication records including emails, messages, complaint details, and service feedback.
- Technical data such as basic website or device information if you interact with our digital systems, where applicable.
We do not intentionally collect special category data unless you choose to provide it and it is relevant to your request, for example, if you disclose health-related access needs. Where such information is provided, we will only process it when permitted by data protection law and when necessary to deliver our services safely and appropriately.
2. How We Use Your Information
We process personal data for specific and limited purposes connected with our carpet cleaning services. These purposes include:
- Responding to enquiries and preparing quotations.
- Scheduling, delivering, and managing carpet cleaning appointments.
- Processing payments, invoices, refunds, and account records.
- Communicating service updates, confirmations, and follow-up information.
- Handling complaints, disputes, and customer support requests.
- Maintaining internal records, quality control, and service improvement.
- Meeting legal, tax, accounting, insurance, and regulatory obligations.
We only use your personal data where there is a valid reason to do so, and we do not sell personal information to third parties.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process your personal data. Depending on the situation, Carpetcleaning Paddington may rely on one or more of the following lawful bases:
3.1 Contract
We process data when it is necessary to enter into or perform a contract with you. This includes processing your name, contact details, service address, and appointment information so we can provide carpet cleaning services as requested.
3.2 Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include service administration, internal record keeping, improving our services, preventing fraud, and handling customer queries. We always consider whether our interests are proportionate and respectful of your privacy.
3.3 Legal Obligation
We may process and retain data where necessary to comply with legal or regulatory obligations, such as tax records, accounting requirements, insurance documentation, and lawful requests from public authorities.
3.4 Consent
In limited cases, we may rely on your consent, for example if you agree to receive optional marketing communications. Where consent is used, you may withdraw it at any time. Withdrawal does not affect processing carried out before consent was withdrawn.
4. Data Sharing and Processors
We may share personal data with trusted third parties that act as data processors or, in some cases, independent controllers. We only share data when necessary and when appropriate safeguards are in place.
Processors may include:
- Payment service providers who handle secure payment transactions.
- Booking and scheduling systems used to manage appointments and customer records.
- IT and cloud storage providers that support secure data hosting, email, or system maintenance.
- Accounting and invoicing providers used for financial administration and compliance.
- Customer communication tools used to send appointment confirmations or service-related messages.
Where processors are used, they are required to process personal data only on our instructions, keep it secure, and comply with applicable data protection laws.
We may also disclose information if required by law, court order, or regulatory authority, or where necessary to protect our rights, customers, staff, or property.
5. Retention of Personal Data
We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of information and the purpose for processing.
- Customer service records are generally kept for a reasonable period after the final service date to handle queries, disputes, or repeat bookings.
- Financial and tax records are kept for the period required by law.
- Communication records may be retained for quality assurance and to maintain a history of service-related interactions.
- Consent-based marketing data is kept until you withdraw consent or until it is no longer needed.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
6. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures are designed to reflect the nature of the data and the risks involved. While no system can be guaranteed to be completely secure, we work to maintain reasonable and proportionate safeguards at all times.
Carpetcleaning Paddington also expects any third-party processors we use to apply suitable security measures and to act responsibly when handling customer data.
7. Your Rights
As a data subject, you have important rights under data protection law. Subject to legal limits and verification of identity, you may have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete information.
- Erase your personal data in certain circumstances.
- Restrict how we process your data in some situations.
- Object to processing based on legitimate interests or direct marketing.
- Data portability for information you provided to us, where applicable.
- Withdraw consent at any time where processing is based on consent.
If you wish to exercise any of these rights, we will respond in accordance with applicable law. We may need to request information to verify your identity before fulfilling your request.
8. International Transfers
Where personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect it, such as adequacy regulations or approved contractual protections. We will only transfer data where lawful and necessary for service delivery or administrative purposes.
9. Marketing Communications
We may send optional marketing communications only where permitted by law, such as with your consent or in accordance with legitimate interest rules for existing customers where applicable. You can opt out of marketing at any time. If you opt out, we will stop sending such communications, though we may still contact you for service, legal, or administrative reasons.
10. Children’s Data
Our services are intended for adults and property-related customers. We do not knowingly collect personal data from children unless it is incidentally provided in the context of service delivery and is necessary for the visit. If we become aware that we have collected data from a child without appropriate basis, we will take reasonable steps to delete it.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or operational practices. Any updates will apply from the date they are published or otherwise communicated. We encourage customers to review this policy periodically to remain informed about how personal data is handled.
12. Summary of Our Commitment
We value your privacy and treat personal data with care, transparency, and respect. Our approach is to collect only what we need, use it fairly, keep it secure, and retain it only for as long as necessary. We aim to ensure that every customer in the Paddington area can use our carpet cleaning services with confidence that their information is being handled responsibly.
Carpetcleaning Paddington is committed to lawful, fair, and transparent processing in line with GDPR principles, including data minimisation, purpose limitation, accuracy, storage limitation, integrity and confidentiality, and accountability.
