Plumstead Carpet Cleaners Privacy Policy

This Privacy Policy explains how Plumstead Carpet Cleaners collects, uses, stores and protects your personal data when you use our carpet and upholstery cleaning services. It applies to all Plumstead Carpet Cleaners customers in our service area, including those who contact us for quotations, make bookings, or otherwise interact with our business.

We are committed to complying with the United Kingdom General Data Protection Regulation and the Data Protection Act, and to handling your personal data lawfully, fairly and transparently.

Personal Data We Collect

We collect and process the following categories of personal data when you contact us or use our services:

Identification and contact details, such as your name and the address where services are to be provided. This may be your home address, business address or another property you specify.

Communication details that you choose to provide to us to arrange appointments, discuss quotes or manage bookings, such as your preferred communication channels.

Service and booking information, including details about the type of cleaning services requested, the size and condition of the property or items to be cleaned, preferred dates and times, and any access instructions you choose to give us.

Billing and payment information as necessary to process payments and manage invoices. Payment card details are handled securely through payment processors and are not stored by us where we use third party platforms for card processing.

Technical and usage information where applicable, such as information about how you interact with our online enquiry forms or website, including date and time of contact and basic technical logs, to help us secure our systems and improve our services.

Any other information you voluntarily provide, such as feedback, reviews, or additional instructions about your property or special requirements.

Lawful Bases for Processing

We rely on the following lawful bases under data protection law to process your personal data:

Contractual necessity. We process your personal data when it is necessary to take steps at your request before entering into a contract, and to perform our contract with you. This includes providing quotations, arranging cleaning services, carrying out the work, and communicating with you about your booking and payment.

Legitimate interests. We process personal data where it is necessary for our legitimate business interests and where these are not overridden by your interests or fundamental rights. This includes managing and improving our services, responding to enquiries and complaints, keeping appropriate business records, and protecting our business from fraud or misuse.

Legal obligations. We process certain personal data to comply with legal obligations, such as accounting, tax and financial record-keeping requirements, and to respond to lawful requests from public authorities.

Consent. In limited circumstances we may rely on your consent, for example for certain types of direct marketing communications where required by law. Where we rely on consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

How We Use Your Personal Data

We use your personal data for the following purposes:

To provide and manage our carpet and upholstery cleaning services, including scheduling and carrying out visits to your property and following up on work completed.

To respond to your enquiries, provide quotations, and manage your bookings and any changes or cancellations.

To process payments, issue invoices and receipts, and manage our financial records.

To communicate with you about your use of our services, including important service messages, appointment reminders and updates.

To maintain our business records, manage our operations, and improve our services and customer experience.

To handle complaints, resolve disputes and enforce our terms and conditions.

To comply with legal and regulatory requirements, and to cooperate with law enforcement or regulatory bodies where required by law.

Data Sharing and Processors

We do not sell your personal data. We may share your personal data with carefully selected third parties where necessary for the purposes set out in this Privacy Policy.

Service providers acting as data processors may process data on our behalf to help us deliver our services. These may include providers of scheduling or booking tools, payment processing services, secure data storage and hosting services, and business administration tools. We only engage processors that provide sufficient guarantees to implement appropriate technical and organisational measures to protect your data.

Professional advisers, such as accountants, or others who provide professional services to our business may have limited access to personal data where reasonably necessary for their work and subject to confidentiality obligations.

Public authorities and law enforcement agencies may receive personal data where we are legally required to disclose it, or where disclosure is necessary to protect our rights or the rights of others.

Where we use data processors, they act only on our documented instructions and are not permitted to use your personal data for their own purposes.

International Transfers

Where we use service providers that are located outside the United Kingdom or the European Economic Area, or that store data in other countries, we take steps to ensure that your personal data is given adequate protection in accordance with data protection law. This may include using standard contractual clauses or relying on other approved safeguards or adequacy decisions. You can contact us for more information about international transfers relevant to your data.

Data Retention

We retain your personal data only for as long as is necessary for the purposes for which it was collected, or as required by law.

Customer and booking records are generally kept for as long as you remain an active customer and for a reasonable period afterwards to manage our relationship with you, deal with any queries or disputes, and maintain accurate business records.

Invoices, payment records and related financial data are retained for the period required under tax and accounting laws.

Enquiry information from potential customers who do not go on to use our services is retained for a limited period to respond to follow-up questions and manage our records, after which it is deleted or anonymised.

When personal data is no longer required, we will either securely delete it or irreversibly anonymise it so that it can no longer be linked to you.

Data Security

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, accidental loss, destruction or damage. These measures include restricting access to personal data to those who need it for legitimate business purposes, using secure systems and tools, and training staff on data protection responsibilities.

While we take reasonable steps to safeguard your personal data, no system can be completely secure. If we become aware of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will inform you and any relevant authorities where required by law.

Your Data Protection Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and legal exceptions.

Right of access. You have the right to request confirmation that we process your personal data and to receive a copy of that data, together with information about how we use it.

Right to rectification. You have the right to ask us to correct inaccurate personal data and to complete incomplete data.

Right to erasure. In certain circumstances, you have the right to request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.

Right to restriction of processing. You may ask us to restrict the processing of your personal data in certain situations, for example while we investigate a concern about accuracy or the lawfulness of processing.

Right to data portability. Where processing is based on consent or contract and carried out by automated means, you may have the right to receive your personal data in a structured, commonly used and machine readable format and to request that it is transmitted to another controller where technically feasible.

Right to object. You have the right to object to processing based on our legitimate interests, including profiling based on those interests. We will stop processing your data unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms or where processing is necessary for legal claims.

Rights in relation to direct marketing. You have the right to object at any time to the processing of your personal data for direct marketing purposes. If you object, we will stop using your data for this purpose.

Right to withdraw consent. Where we rely on your consent to process personal data, you may withdraw your consent at any time. This will not affect the lawfulness of processing before consent was withdrawn.

You also have the right to lodge a complaint with the relevant data protection authority if you believe that your data protection rights have been infringed. We encourage you to contact us first so that we can try to resolve your concerns.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or for other operational reasons. Any changes will take effect when the updated policy is made available. We recommend that you review this Privacy Policy periodically to stay informed about how we handle your personal data.