Privacy Policy - West Drayton Carpet Cleaners
West Drayton Carpet Cleaners is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, share, store, and protect personal information when we provide carpet cleaning and related services. It applies to all West Drayton Carpet Cleaners customers in the area, including prospective customers, active customers, and anyone who contacts us about our services.
This policy has been written in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It is intended to be clear, transparent, and easy to understand.
1. Who We Are
For the purposes of data protection law, West Drayton Carpet Cleaners acts as the data controller for the personal information described in this policy. This means we decide why and how your personal data is used in connection with our services.
2. Personal Data We Collect
We only collect personal information that is necessary for providing our services, managing customer relationships, and meeting legal obligations. The types of data we may collect include:
- Identity details such as your name or title.
- Contact details such as your address, telephone number, and email address.
- Service information such as the type of cleaning requested, appointment details, property access notes, and service preferences.
- Payment information such as billing records, payment status, and transaction references. We do not keep more payment data than is necessary.
- Communication records such as emails, messages, call notes, complaints, feedback, and service requests.
- Technical information if you interact with us through digital systems, such as basic device or usage data used for security and performance purposes.
We do not intentionally collect special category data unless it is strictly necessary and you provide it voluntarily, for example where it is relevant to access needs or safety requirements. If such data is shared, we handle it with additional care and only where the law allows.
3. How We Use Your Personal Data
We use personal data for the following purposes:
- To arrange, deliver, and manage cleaning services.
- To confirm bookings, provide updates, and respond to enquiries.
- To issue invoices, process payments, and maintain financial records.
- To manage customer support, complaints, and follow-up communication.
- To improve our services, scheduling, and customer experience.
- To meet legal, accounting, and tax obligations.
- To protect against fraud, misuse, or security incidents.
We only use your data where there is a lawful reason to do so and where the use is fair, relevant, and limited to what is necessary.
4. Lawful Basis for Processing
Under GDPR, we must identify a lawful basis for each use of personal data. West Drayton Carpet Cleaners relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes booking services, carrying out cleaning work, managing payments, and delivering customer support related to the service.
Legitimate Interests
We may process personal data for our legitimate business interests, provided your rights do not override those interests. This can include service management, record keeping, quality control, business administration, fraud prevention, and limited internal analysis to improve operations. Where we rely on legitimate interests, we consider the impact on your privacy and ensure the use is proportionate.
Legal Obligation
We may process and retain certain information because we are required to do so by law. This includes tax records, accounting records, and information needed to comply with regulatory obligations or lawful requests from public authorities.
Consent
In limited cases, we may rely on your consent, for example where you voluntarily agree to receive certain optional communications or share information that is not otherwise required. If we rely on consent, you can withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing before it was withdrawn.
5. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These third parties act as processors when they process data on our instructions. We only use processors that provide suitable safeguards and agree to handle data securely and lawfully.
Examples of processors may include:
- Payment service providers used to process transactions.
- Accounting or bookkeeping providers used for financial administration.
- IT and cloud storage providers used for secure record management.
- Customer communication tools used to manage messages and bookings.
- Appointment or scheduling systems used to organise service delivery.
We may also disclose personal data where required by law, for example to courts, regulators, law enforcement, or tax authorities. Any such disclosure will be limited to what is necessary.
We do not sell your personal data.
6. International Transfers
Where a processor or service provider stores or accesses data outside the United Kingdom, we take steps to ensure appropriate safeguards are in place. This may include the use of approved contractual protections or ensuring the destination provides an adequate level of protection for personal data.
7. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including for legal, accounting, or reporting requirements. Retention periods vary depending on the type of information and the reason we hold it.
- Customer and service records are usually kept for the period needed to complete the service and for a reasonable time afterwards for support, dispute handling, and business records.
- Financial and invoice records are kept for the period required by tax and accounting law.
- Communication records are kept for as long as needed to manage enquiries, complaints, or evidence of service.
- Security or technical records are kept for a limited period unless needed for investigation or legal reasons.
When data is no longer needed, we will securely delete, destroy, or anonymise it.
8. Data Security
We use appropriate technical and organisational measures to help protect personal data from loss, misuse, unauthorised access, disclosure, or alteration. These measures are designed to be proportionate to the nature of the data and the risks involved.
Security measures may include access controls, secure storage, limited staff access, and careful selection of service providers. While no method of transmission or storage is completely secure, we work to reduce risk and respond promptly to any suspected incident.
9. Your Rights
As a data subject under GDPR, you have several rights in relation to your personal data. These rights may apply depending on the circumstances and any legal exceptions.
- Right of access – you can ask for a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete data.
- Right to erasure – in some cases, you can ask us to delete your data.
- Right to restrict processing – you can ask us to limit how we use your data in certain situations.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to data portability – in some cases, you can ask for your data in a structured, commonly used format.
- Right to withdraw consent – where processing is based on consent, you can withdraw it at any time.
We will respond to requests in accordance with data protection law and within the required timeframes. We may ask for information to verify your identity before acting on a request.
10. Complaints and Further Rights
If you are concerned about how your data has been handled, we encourage you to raise the issue with us first so we can try to resolve it. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been breached.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updates will take effect when published or communicated where appropriate. We recommend reviewing this policy periodically so you remain informed about how your data is handled.
12. Summary of Key Points
This Privacy Policy explains how West Drayton Carpet Cleaners collects and uses personal data in connection with carpet cleaning services across the area. We collect only necessary information, use it for clear and lawful purposes, share it only with trusted processors or where required by law, and keep it only for as long as needed. You have rights over your personal data, and we aim to handle all information lawfully, fairly, and transparently.