Privacy Policy - Cambridge Heath Carpet Cleaners
This Privacy Policy explains how Cambridge Heath Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Cambridge Heath Carpet Cleaners customers in the Cambridge Heath area, including residential and commercial clients, prospective customers, and any individual who contacts us or uses our services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Cambridge Heath Carpet Cleaners provides professional carpet cleaning and related cleaning services to customers in and around Cambridge Heath. In this policy, references to “we,” “us,” or “our” mean Cambridge Heath Carpet Cleaners acting as the data controller for personal data processed in connection with our services. This means we decide why and how your personal data is used.
2. Information We Collect
We may collect and process personal data directly from you, from your use of our services, or from third parties acting on your behalf. The type of information collected depends on the service requested and the way you interact with us.
Personal Data We May Collect
- Identity information: your name and, where relevant, business or property name.
- Contact details: address, email address, and telephone number.
- Service information: details about the cleaning service requested, property access notes, service preferences, and scheduling information.
- Payment information: transaction records, billing details, and limited payment-related information necessary to process payments.
- Communications: correspondence, feedback, complaints, and notes from calls, messages, or written enquiries.
- Technical data: basic online usage data such as device type, browser information, and approximate location if submitted through digital channels.
- Marketing preferences: your preferences regarding service updates or promotional communications where applicable.
We do not intentionally collect special category data unless it is necessary and you provide it voluntarily, for example if it is relevant to accessibility, health, or safety considerations linked to a service visit. If such information is provided, we will only process it where a lawful basis applies and where additional legal conditions are met.
3. How We Use Your Data
We use personal data only for legitimate business purposes connected with operating our cleaning services and managing our customer relationships. This includes:
- providing quotes and arranging appointments;
- delivering carpet cleaning and associated services;
- handling payments, invoicing, and service records;
- responding to enquiries, complaints, and aftercare requests;
- maintaining service quality, safety, and operational planning;
- meeting legal, accounting, and tax obligations;
- sending service-related updates and, where permitted, marketing communications;
- preventing fraud, misuse, or unlawful activity;
- improving our services and customer experience.
We only process data for purposes that are relevant, necessary, and proportionate to the service being provided. We do not use your personal data in ways that are incompatible with the purposes described in this policy.
4. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for every use of personal data. Depending on the context, Cambridge Heath Carpet Cleaners may rely on one or more of the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotes, booking appointments, completing cleaning work, invoicing, and customer support related to the service.
Legal Obligation
We may process personal data when required to comply with legal duties, including tax, accounting, record-keeping, consumer protection, and other applicable regulations.
Legitimate Interests
We may use personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. Examples include service administration, fraud prevention, service improvement, and internal record keeping. We always assess whether our interests are appropriate before relying on this basis.
Consent
We rely on consent where required, particularly for certain marketing activities or the processing of optional information that is not otherwise necessary for service delivery. If we rely on consent, you can withdraw it at any time.
Vital Interests
In rare circumstances, we may process personal data if necessary to protect someone’s vital interests, such as in an emergency involving health or safety during a service visit.
5. Data Sharing and Processors
We may share personal data with trusted third parties that help us operate our business. These third parties act as processors when they process data on our instructions, or as separate controllers where they determine their own purposes for processing. We take appropriate steps to ensure data is protected whenever it is shared.
Categories of Processors and Recipients
- Payment service providers: to process customer payments securely.
- Booking and scheduling providers: to manage appointments and service coordination.
- IT and cloud service providers: to store data, maintain systems, and support secure communications.
- Accounting and bookkeeping providers: to manage invoices, financial records, and tax compliance.
- Customer service tools: to help manage enquiries and service communications.
- Professional advisers: such as legal, insurance, or tax advisers when necessary.
- Regulators or authorities: where disclosure is required by law or to protect rights and safety.
We require processors to act only on our documented instructions, to maintain appropriate security, and to process personal data only for the agreed purpose. Where data is transferred outside the UK, we will ensure suitable safeguards are in place in accordance with applicable law.
6. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected, and to meet legal, accounting, or reporting obligations. Retention periods may vary depending on the type of data and the reason for processing.
- Customer and service records: kept for the duration of the service relationship and for a reasonable period afterwards.
- Financial and tax records: retained for the period required by law and accounting standards.
- Enquiry and communication records: retained as needed to manage correspondence, resolve issues, and improve customer service.
- Marketing preferences: kept until you update your preferences or withdraw consent where applicable.
When personal data is no longer required, we will securely delete, anonymise, or archive it in line with our retention practices. We do not keep data longer than necessary.
7. Your Rights
Individuals whose personal data we process have rights under data protection law. These rights apply subject to certain legal conditions and exceptions. Depending on the circumstances, you may have the right to:
- Access your personal data and request a copy of the information we hold about you.
- Rectify inaccurate or incomplete personal data.
- Erase your personal data in certain circumstances.
- Restrict processing in certain situations.
- Object to processing based on legitimate interests or direct marketing.
- Data portability for information processed by automated means based on consent or contract, where applicable.
- Withdraw consent at any time where processing is based on consent.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you believe your data has been handled unlawfully or unfairly. We encourage customers to raise concerns with us first so we can try to resolve the matter promptly.
8. Data Security
We take reasonable and appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures include access controls, secure storage, and staff awareness practices. While no system can be guaranteed completely secure, we work to protect data in line with recognised standards.
9. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary in connection with a customer request and with appropriate adult involvement. If we become aware that data has been collected unlawfully from a child, we will take reasonable steps to delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices. The most current version will apply to your use of our services. We encourage you to review this policy periodically so that you remain informed about how we handle personal data.
11. Summary of Our Commitment
Cambridge Heath Carpet Cleaners is committed to processing customer data responsibly, securely, and lawfully. We collect only the information needed to provide and manage our services, we use it under a valid lawful basis, we limit retention to what is necessary, and we share data only with trusted processors or where required by law. If you are a customer in the Cambridge Heath area, this policy applies to you and describes how we protect your personal information.