Privacy Policy - Carpet Cleaners EC2
This Privacy Policy explains how Carpet Cleaners EC2 collects, uses, stores, shares, and protects personal data. It applies to all Carpet Cleaners EC2 customers in the EC2 area, including anyone who requests a quote, books a service, receives a service, or otherwise interacts with us in connection with our cleaning services. We are committed to handling personal data in a lawful, fair, and transparent manner, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our services, you acknowledge that your personal data may be processed in accordance with this policy. We only process personal data when we have a valid lawful basis to do so, and we take reasonable steps to ensure that all information is kept secure and used only for the purposes described below.
1. Personal Data We Collect
We may collect and process different categories of personal data depending on how you interact with us. The information we collect is limited to what is necessary for providing our services, managing customer relationships, meeting legal obligations, and improving service quality.
Information you provide directly
- Identity data such as your name.
- Contact data such as address, email address, and telephone number.
- Service data such as booking details, property access instructions, service preferences, and cleaning requirements.
- Payment-related information where needed to process a transaction, although full card details are generally handled by secure payment processors rather than stored by us.
- Communication records such as enquiries, complaints, feedback, and messages you send to us.
Information collected automatically
- Technical data such as IP address, device type, browser type, and operating system, where applicable.
- Usage data relating to how you interact with our service communications or digital tools.
We do not intentionally collect special category data unless you choose to provide it and it is necessary for a specific service request, such as access information relevant to health or mobility. If such information is provided, we will only process it where we have an appropriate lawful basis and additional safeguards are in place.
2. How We Use Your Personal Data
We use personal data only for defined and legitimate purposes. These include:
- processing enquiries and providing quotations;
- managing bookings and delivering carpet cleaning services;
- communicating with you about your appointment, service details, or follow-up matters;
- taking payment and maintaining transaction records;
- handling complaints, service issues, and customer support;
- maintaining business records and accounting documentation;
- meeting legal, tax, and regulatory obligations;
- preventing fraud, misuse, or unauthorised access;
- improving the quality, efficiency, and reliability of our services.
We will not use your personal data for purposes that are incompatible with the reasons for which it was collected, unless we have informed you and have a valid legal basis to do so.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for every processing activity. Carpet Cleaners EC2 relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes taking bookings, carrying out cleaning services, sending service updates, and managing billing or payment arrangements.
Legitimate interests
We may process personal data where it is necessary for our legitimate business interests, provided that your interests and fundamental rights do not override those interests. Examples include responding to customer enquiries, managing business operations, preventing fraud, improving service quality, and maintaining internal records.
Legal obligation
We may process your information where necessary to comply with legal requirements, such as tax, accounting, consumer protection, or record-keeping obligations.
Consent
In limited cases, we may rely on your consent, for example if you opt in to certain types of marketing communications or agree to the processing of optional information. Where we rely on consent, you have the right to withdraw it at any time.
Vital interests or public task
These bases are unlikely to apply to our usual carpet cleaning services, but they may be used in rare situations if required by law or to protect someone’s vital interests.
4. Sharing Your Data and Processors
We may share personal data with trusted third parties who help us operate our business. These third parties act as processors when they process data on our behalf and only under our instructions. We require appropriate contractual safeguards from all processors to ensure they protect your information and use it only for authorised purposes.
Examples of processors and service providers may include:
- payment service providers for secure payment processing;
- booking and scheduling software providers;
- IT support, cloud hosting, or data storage providers;
- accounting or bookkeeping service providers;
- customer communication tools used for emails or service notifications;
- professional advisers such as legal or financial advisers where necessary.
We may also disclose personal data where required by law, court order, regulatory request, or to protect our rights, property, staff, customers, or the public. We do not sell personal data.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. Retention periods vary depending on the type of information and the purpose of processing.
- Customer booking and service records are generally retained for a period necessary to manage the service relationship and handle any follow-up queries or disputes.
- Financial and tax records are retained for the period required by law.
- Communications and complaint records may be retained for as long as needed to resolve issues and demonstrate proper handling.
- Marketing consent records may be retained until you withdraw consent or the information is no longer needed.
When personal data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe and appropriate manner.
6. Data Security
We take the security of personal data seriously and implement appropriate technical and organisational measures designed to protect against unauthorised access, accidental loss, destruction, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and monitoring of systems used to process customer information.
While no system can be guaranteed to be completely secure, we work to reduce risks and respond promptly to any suspected data incident. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will take appropriate action in accordance with applicable law.
7. Your Rights Under Data Protection Law
You have several rights regarding your personal data. These rights apply subject to certain legal conditions and exceptions.
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – in certain circumstances, you can request deletion of your personal data.
- Right to restriction – you can ask us to limit how your data is used in specific situations.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to data portability – where applicable, you can request that certain data be provided in a structured, commonly used format.
- Right to withdraw consent – where processing is based on consent, you can withdraw it at any time.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your personal data. We encourage you to raise any concerns with us first so we can address them promptly.
8. International Transfers
If any of our processors store or access data outside the United Kingdom, we ensure that appropriate safeguards are in place to protect your personal data. These safeguards may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms.
9. Children’s Data
Our services are intended for adults and are not directed at children. We do not knowingly collect personal data from children unless it is provided by an adult customer in the context of arranging a service where that information is necessary and lawful.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or the way we handle data. Any changes will take effect when published in the updated version. We encourage customers to review this policy periodically to stay informed about how personal data is protected.
Summary: Carpet Cleaners EC2’s GDPR privacy policy explains what data is collected, lawful bases, retention periods, processors, security, and customer rights for all EC2 customers.