Privacy Policy - Wanstead Carpet Cleaners
This Privacy Policy explains how Wanstead Carpet Cleaners collects, uses, shares, stores, and protects personal data. It applies to all Wanstead Carpet Cleaners customers in the area, including prospective customers, existing customers, and individuals who enquire about our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who This Policy Applies To
This policy applies to anyone whose personal data we process in connection with our carpet cleaning, upholstery cleaning, stain treatment, and related domestic or commercial cleaning services. If you use our services, request a quotation, make an enquiry, or otherwise interact with us, this policy explains how we treat your information.
2. Personal Data We Collect
We only collect personal data that is relevant and necessary for providing our services, managing customer relationships, and meeting legal obligations. The types of information we may collect include:
- Identity information such as your name and, where relevant, the name of your business or organisation.
- Contact information such as your address, telephone number, and email address.
- Service details such as property access instructions, cleaning preferences, carpet or fabric types, stain descriptions, and appointment notes.
- Billing and payment information such as invoice details and records of payments made or received.
- Communication records such as enquiries, complaints, feedback, and correspondence.
- Technical or usage information where relevant, including records of website interactions or device information if you contact us through digital channels.
We do not seek to collect special category data unless it is strictly necessary and you have provided it voluntarily in a context where processing is lawful. If such data is received accidentally, we will handle it carefully and only retain it where there is a valid legal reason to do so.
3. How We Use Your Personal Data
We use personal data only for specific and legitimate purposes. These may include:
- Providing quotations and responding to enquiries.
- Scheduling, delivering, and managing cleaning services.
- Recording service history and customer preferences.
- Issuing invoices, handling payments, and maintaining financial records.
- Managing complaints, queries, and customer support.
- Meeting legal, tax, accounting, and regulatory obligations.
- Improving the quality, safety, and efficiency of our services.
- Preventing fraud, misuse, or security incidents.
We will not use your personal data for purposes that are incompatible with those described in this policy unless we have a lawful basis to do so and, where appropriate, have informed you.
4. Lawful Basis for Processing
Under the UK GDPR, we must have a lawful basis for each type of processing activity. Depending on the circumstances, we rely on one or more of the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes arranging services, carrying out cleaning work, managing appointments, and handling invoices or payments.
Legal Obligation
We may process data where necessary to comply with legal duties, including accounting records, tax obligations, and record-keeping requirements.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include service administration, internal record management, customer support, security, and service improvement.
Consent
In limited circumstances, we may rely on your consent, for example where you voluntarily provide additional information that is not required for service delivery. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
5. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These third parties act as data processors where they process data on our instructions, or as independent data controllers where they determine their own purposes for processing. We take appropriate steps to ensure data is protected and used only for permitted purposes.
Examples of processors or service providers may include:
- Payment service providers who handle transactions securely.
- Accounting or bookkeeping providers who support financial administration.
- Scheduling or administrative software providers who help manage bookings and customer records.
- IT and cloud storage providers who securely host data or support systems.
- Professional advisers such as accountants or legal advisers where necessary.
We may also disclose personal data if required by law, by a court order, or to protect our rights, property, customers, or staff. Where data is shared outside the UK, we will ensure appropriate safeguards are in place in accordance with data protection law.
6. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, and for any additional period required by law. Retention periods may vary depending on the type of data and the reason we hold it.
- Customer and service records are generally kept for the duration of the customer relationship and for a reasonable period afterwards.
- Financial and accounting records are retained for the period required by tax and accounting laws.
- Communication records are kept as long as needed to resolve queries, maintain accurate records, or support legitimate business needs.
- Marketing-related data, where applicable, is kept until you withdraw consent or object, or until it is no longer needed.
When personal data is no longer needed, we will securely delete, anonymise, or otherwise dispose of it.
7. Security of Personal Data
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff awareness, and limiting access to those who need the information for legitimate business purposes. While no system is completely secure, we work to maintain a level of protection appropriate to the nature of the information we handle.
8. Your Rights Under Data Protection Law
As a data subject, you have a number of rights under the UK GDPR. These rights may not always apply in every situation, but we will respond to requests in accordance with the law.
- Right of access – you may request a copy of the personal data we hold about you.
- Right to rectification – you may ask us to correct inaccurate or incomplete data.
- Right to erasure – in some cases, you may ask us to delete your data.
- Right to restriction – you may ask us to limit how we use your data in certain circumstances.
- Right to data portability – you may request certain data in a structured, commonly used format.
- Right to object – you may object to processing based on legitimate interests, and to direct marketing where applicable.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data has not been handled properly. We encourage you to raise any concern with us first so that we can address it promptly and fairly.
9. Children’s Data
Our services are primarily intended for adults. We do not knowingly collect personal data from children unless it is provided by an adult customer for service-related reasons, such as property access or household instructions. If we become aware that we have collected data from a child without a lawful basis, we will take appropriate steps to delete it.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or how we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We recommend reviewing this policy periodically to stay informed.
11. Our Commitment
At Wanstead Carpet Cleaners, we respect privacy and aim to handle customer information responsibly. We keep our processing limited, proportionate, and transparent. If you are a customer in the Wanstead area, you can expect us to treat your personal data with care, use it only where we have a lawful basis, and retain it only for as long as necessary.
This policy is designed to meet the requirements of UK data protection law and to provide clear information about how your data is managed in connection with our services.