Privacy Policy - Carpet Cleaners Tooting
This Privacy Policy explains how Carpet Cleaners Tooting collects, uses, stores, shares, and protects personal data. It applies to all Carpet Cleaners Tooting customers in the area, including residential and commercial clients who request carpet cleaning, upholstery cleaning, stain treatment, odour removal, or related services. We are committed to handling personal data fairly, lawfully, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
For the purposes of data protection law, Carpet Cleaners Tooting acts as the data controller for the personal data we collect in connection with our services. This means we determine why and how your personal data is processed. In some cases, third parties such as payment providers or software platforms may act as separate data controllers or processors depending on the service they provide.
We take privacy seriously and aim to ensure that personal information is only used for legitimate business purposes and kept secure for no longer than necessary.
2. Personal Data We Collect
We collect only the information needed to provide our services effectively and manage customer relationships. Depending on your interaction with us, we may collect the following types of data:
- Identity data such as your name and title.
- Contact data such as your address, phone number, and email address.
- Service data including property details, carpet or fabric types, cleaning preferences, and instructions relevant to the job.
- Transaction data such as payment records, invoices, and service history.
- Communication data including messages, complaint details, and customer service notes.
- Technical data such as basic website usage information if you contact us through online forms or digital booking tools.
We do not intentionally collect special category data unless you voluntarily provide it and it is necessary for a specific service issue, such as a note relating to health sensitivities or access requirements. Where such data is provided, we will treat it with additional care and only process it where permitted by law.
3. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To arrange, manage, and deliver carpet cleaning services.
- To process payments and issue invoices or receipts.
- To communicate appointment details, service updates, and post-service information.
- To handle complaints, queries, and follow-up support.
- To maintain business records and comply with legal obligations.
- To improve our service quality, scheduling, and customer experience.
We only use data in ways that are compatible with the original reason it was collected, unless we are required or permitted to use it for another lawful purpose.
4. Lawful Basis for Processing
Under UK GDPR, we must identify a lawful basis for each type of processing. Carpet Cleaners Tooting relies on the following lawful bases:
Contract
We process your data when it is necessary to enter into or perform a contract with you. This includes taking bookings, delivering services, managing appointments, and handling payments.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include record keeping, service improvement, fraud prevention, and responding to customer inquiries.
Legal Obligation
We may process and retain certain data to comply with legal and regulatory obligations, such as tax, accounting, and record-keeping requirements.
Consent
Where required, we may rely on your consent, for example if you choose to receive certain marketing communications. You may withdraw consent at any time, and this will not affect any processing carried out before withdrawal.
5. Sharing and Processors
We may share personal data with trusted third parties who help us deliver our services. These third parties act as processors when they process data on our behalf, and they are required to protect it and use it only for the agreed purpose.
Typical processors and service providers may include:
- Payment processing providers.
- Booking, scheduling, and customer management software providers.
- IT, cloud storage, and email service providers.
- Accountants or professional advisers who support financial and legal compliance.
We may also disclose data where necessary to comply with the law, enforce agreements, protect rights, or respond to lawful requests from public authorities. We do not sell personal data.
6. Data Retention
We keep personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. The retention period may vary depending on the type of information and the reason it is held.
In general:
- Customer service records are retained for a reasonable period to support ongoing service and dispute handling.
- Financial and invoicing records are kept for the period required by tax and accounting laws.
- Communication records are retained as long as needed to manage enquiries and ensure service continuity.
When data is no longer required, it is securely deleted or anonymised. We apply retention limits to reduce unnecessary storage of personal information.
7. Data Security
We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, misuse, or disclosure. These measures may include password protection, access controls, secure storage, and staff confidentiality obligations.
While no system can be guaranteed completely secure, we work to maintain a level of security appropriate to the nature of the data we hold and the risks involved.
8. International Transfers
If any processor stores or accesses data outside the United Kingdom, we will ensure that appropriate safeguards are in place. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.
9. Your Rights
As a data subject, you have important rights under the UK GDPR. Subject to legal limits and exemptions, you may have the right to:
- Access your personal data and obtain a copy of the information we hold about you.
- Rectification of inaccurate or incomplete data.
- Erasure of your data in certain circumstances.
- Restriction of processing in certain circumstances.
- Object to processing based on legitimate interests or direct marketing.
- Data portability for information you have provided to us, where applicable.
- Withdraw consent at any time where processing is based on consent.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so that we can try to resolve the matter promptly and fairly.
10. Children’s Data
Our services are intended for adults and business customers. We do not knowingly collect personal data from children in a way that would require separate consent or special handling, unless it is incidentally included in service instructions or communications from an adult customer. If we become aware that we have collected data from a child unlawfully, we will take appropriate steps to delete it.
11. Marketing Preferences
We may send service-related updates that are necessary for completing bookings or managing customer accounts. Where we send optional marketing messages, we will do so only where permitted by law. You can opt out of non-essential communications at any time. If you opt out, we will still be able to contact you about active bookings, payments, or important service matters.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is handled.
13. Summary of Key Principles
Carpet Cleaners Tooting processes personal data lawfully, fairly, and transparently. We collect only the information needed to deliver services and manage our relationship with customers in the area. We use appropriate lawful bases, limit retention, share data only with trusted processors or where required by law, and respect your rights under UK data protection law.
This Privacy Policy applies to all Carpet Cleaners Tooting customers in the area.