Privacy Policy - Carpet Cleaners E3
This Privacy Policy explains how Carpet Cleaners E3 collects, uses, stores, shares, and protects personal data. It applies to all Carpet Cleaners E3 customers in the area, including prospective customers, active customers, and anyone who contacts us for carpet, upholstery, rug, stain treatment, or related cleaning services. We are committed to handling personal data in a lawful, fair, and transparent way in line with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Carpet Cleaners E3 provides professional cleaning services for domestic and commercial premises. In the course of providing these services, we may collect and process personal data about customers, property occupiers, payment contacts, and other individuals involved in booking, receiving, or managing our services. We act as a data controller for the personal data we determine the purpose and means of processing.
2. Personal Data We Collect
We only collect data that is relevant and necessary for our service delivery, customer management, safety, and legal obligations. The types of information we may collect include:
- Identity details such as name and title
- Contact details such as address, email address, and telephone number
- Service details such as property access instructions, cleaning preferences, booking times, and service history
- Payment information such as transaction records, invoice details, and partial payment references
- Communication records such as enquiries, complaints, feedback, and correspondence
- Technical data if you interact with us electronically, such as basic device or browser information where relevant for security and functionality
- Special categories of data only where strictly necessary and provided by you, for example health-related access needs or allergy information relevant to safe service delivery
We do not intentionally collect more personal data than is required. If special category data is provided, we treat it with additional care and only process it where there is a clear lawful reason to do so.
3. How We Collect Personal Data
We may collect personal data in several ways, including:
- when you make a booking or request a quote
- when you communicate with us by phone, email, or online form
- when we carry out a service at your property
- when you make a payment or receive an invoice
- when you submit a review, complaint, or follow-up enquiry
- when third parties provide necessary service-related information on your behalf
Where personal data is provided by someone other than you, we expect that person to have the authority or consent to share it with us.
4. Lawful Basis for Processing
We process personal data only where a lawful basis under the UK GDPR applies. The main lawful bases we rely on are:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, providing cleaning services, sending invoices, and handling service-related communications.
Legal Obligation
We may process personal data to comply with legal or regulatory obligations, such as accounting requirements, tax rules, fraud prevention, and record-keeping duties.
Legitimate Interests
We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests include managing customer relationships, improving our services, maintaining business records, protecting against misuse, and ensuring the security of our operations.
Consent
Where required, we will rely on your consent. This may apply to certain optional communications or to the processing of special category data where no other lawful basis is available. You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
5. How We Use Your Data
We use personal data for the following purposes:
- to provide carpet cleaning and related services
- to confirm bookings and manage appointments
- to communicate about service requirements, changes, or issues
- to prepare quotes, invoices, and payment records
- to respond to customer enquiries and complaints
- to improve service quality and customer satisfaction
- to meet legal, accounting, and compliance obligations
- to protect our business, staff, and customers from fraud, misuse, or security risks
We do not use personal data for automated decision-making that produces legal or similarly significant effects.
6. Data Sharing and Processors
We may share personal data with trusted third-party processors who help us deliver our services or operate our business. These parties process data on our behalf and only under our instructions. Examples may include:
- payment service providers
- accounting and bookkeeping providers
- booking, scheduling, or customer management software providers
- IT and cloud storage providers
- professional advisers such as accountants or legal advisers
- subcontracted service providers where necessary to fulfil a booking
We require processors to handle personal data securely and to process it only for the agreed purpose. We do not sell personal data. We may also disclose data where required by law, court order, or a lawful request from a public authority.
7. International Transfers
If any processor stores or accesses personal data outside the UK, we ensure that appropriate safeguards are in place. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent protections required by law.
8. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, unless a longer period is required by law. Retention periods may vary depending on the type of record and the reason it is held. For example:
- Customer service records are retained for the duration of the customer relationship and for a reasonable period afterwards
- Financial and tax records are kept for the period required by accounting and tax legislation
- Complaints or dispute records may be kept longer where needed to resolve issues or defend legal claims
- Consent-based records are kept until consent is withdrawn or the information is no longer needed
When personal data is no longer needed, it is securely deleted, anonymised, or archived in line with our retention practices.
9. Data Security
We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, and regular review of systems and procedures. While no system can be guaranteed completely secure, we take data protection seriously and work to reduce risk wherever reasonably possible.
10. Your Rights Under GDPR
Depending on the circumstances, you have the following rights in relation to your personal data:
- Right of access - to request a copy of the personal data we hold about you
- Right to rectification - to ask us to correct inaccurate or incomplete data
- Right to erasure - to request deletion of your data where legally possible
- Right to restriction - to ask us to limit processing in certain situations
- Right to data portability - to receive certain data in a structured, commonly used format
- Right to object - to object to processing based on legitimate interests or direct marketing
- Right to withdraw consent - where processing is based on consent
We may need to verify your identity before responding to a request. We aim to respond within the statutory timeframe and will explain if an extension is needed.
11. How to Exercise Your Rights
You may contact us to exercise any of your rights or to raise concerns about how your data is handled. We may ask for information to confirm your identity and to help us locate the relevant records. There is usually no fee for making a request, unless it is clearly unfounded, excessive, or repetitive.
12. Complaints
If you believe your data has not been handled properly, you have the right to raise a complaint with the relevant supervisory authority. We encourage you to contact us first so we can try to resolve the issue promptly and fairly. If you remain dissatisfied, you can seek further guidance from the UK data protection regulator.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is made available. We recommend reviewing this policy periodically to stay informed about how we handle personal data.
14. Summary of Our Commitment
Carpet Cleaners E3 is committed to handling personal data responsibly and transparently. We collect only the information needed to provide our services, rely on lawful bases for processing, keep data only for as long as necessary, use trusted processors under strict controls, and respect your GDPR rights. This policy applies to all Carpet Cleaners E3 customers in the area and is designed to ensure privacy is protected at every stage of our service relationship.