Privacy Policy - Carpetcleaning Barnes
Last updated: This Privacy Policy explains how Carpetcleaning Barnes collects, uses, stores, shares, and protects personal data. It applies to all Carpetcleaning Barnes customers in the area, including prospective customers, household clients, and commercial clients who request or receive our cleaning services.
1. Introduction
We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy sets out the types of personal data we collect, the reasons we collect it, the lawful bases we rely on, how long we retain it, which third parties may process it on our behalf, and the rights you have regarding your personal data.
For the purposes of data protection law, Carpetcleaning Barnes acts as the data controller for personal data collected in connection with our services.
2. Personal Data We Collect
We collect only the information needed to provide and manage our services, respond to enquiries, and comply with legal obligations. The data we may collect includes:
- Identity data: name, title, and any other information you provide when making a booking or enquiry.
- Contact data: address, email address, telephone number, and service location details.
- Service data: information about the cleaning services requested, appointment details, service preferences, access instructions, and records of work completed.
- Billing data: payment status, invoices, transaction references, and limited payment-related information.
- Communication data: correspondence with us by phone, email, text message, or other communication methods.
- Technical data: basic information such as device type, browser type, and log data if you interact with online forms or digital systems we use.
- Special category data: we do not usually collect special category data. If you voluntarily share information relating to health, access needs, or other sensitive matters, we will only use it where necessary and lawful.
We do not intentionally collect more data than is necessary. Where possible, we ask you not to share unnecessary personal information.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotes;
- to schedule, deliver, and manage carpet cleaning services;
- to confirm bookings and service updates;
- to process invoices and payments;
- to maintain our business records;
- to handle complaints, queries, and follow-up requests;
- to meet legal, accounting, and insurance obligations;
- to protect our business, staff, and customers from fraud or misuse;
- to improve our services and customer experience.
We do not use personal data for automated decision-making that produces legal or similarly significant effects. If this changes in the future, we will update this policy and provide further information where required.
4. Lawful Basis for Processing
We only process personal data where we have a valid lawful basis under UK GDPR. Depending on the situation, we rely on one or more of the following grounds:
Contract
We process your data where it is necessary to enter into or perform a contract with you. This includes arranging appointments, delivering services, and managing payments.
Legal Obligation
We may process and retain certain records to comply with tax, accounting, consumer, and business record-keeping laws.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include service administration, record keeping, fraud prevention, business improvement, and internal auditing.
Consent
Where required, we rely on your consent, for example if you choose to receive certain non-essential communications. You may withdraw consent at any time, without affecting processing already carried out lawfully before withdrawal.
Vital Interests
In rare situations, we may process data to protect someone’s vital interests, such as where information is necessary in an emergency.
5. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, or for as long as required by law. Retention periods may vary depending on the type of record and the reason it is held.
- Customer enquiry records: retained for a reasonable period after the enquiry ends, unless a longer period is needed.
- Service and booking records: retained for the duration of the customer relationship and for a period afterwards to support follow-up, service history, and dispute handling.
- Financial and tax records: retained for the period required by applicable accounting and tax laws.
- Complaint or dispute records: retained until the matter is fully resolved and for any further period needed to defend legal claims.
When personal data is no longer required, we will securely delete, anonymise, or archive it in a way that prevents unauthorised access.
6. Data Sharing and Processors
We may share personal data with trusted third parties that help us run our business and provide our services. These parties act as processors or, in some cases, separate controllers. We require appropriate data protection safeguards before sharing information.
Examples of processors may include:
- IT and cloud service providers: who host systems, email, storage, or customer records.
- Administrative software providers: who assist with scheduling, invoicing, and record management.
- Payment service providers: who handle payment processing where applicable.
- Professional advisers: such as accountants, insurers, legal advisers, or auditors, where necessary.
- Service support providers: who help with business operations, maintenance, or communication systems.
We may also disclose personal data where required by law, court order, regulatory request, or to protect our legal rights, safety, or property. We do not sell personal data.
7. International Transfers
In some cases, processors may store or access personal data outside the UK. Where this occurs, we take steps to ensure an adequate level of protection, such as using approved contractual safeguards or relying on recognised lawful transfer mechanisms.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, password protection, secure storage, and staff awareness procedures. While no system can be guaranteed completely secure, we take reasonable steps to reduce the risk of data incidents.
9. Your Rights
Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions and exemptions. They include:
- Right of access: you may request a copy of the personal data we hold about you.
- Right to rectification: you may ask us to correct inaccurate or incomplete information.
- Right to erasure: you may request deletion of your personal data in certain circumstances.
- Right to restrict processing: you may ask us to limit how we use your data in certain cases.
- Right to object: you may object to processing based on legitimate interests or direct marketing.
- Right to data portability: you may request that certain information be provided in a structured, commonly used format.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with applicable law. We may need to verify your identity before acting on your request.
10. Complaints
If you have concerns about how we handle your personal data, you may raise them with us so that we can review and address the issue. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.
11. Third-Party Links and Services
Our services may involve third-party tools or systems used for administration, communication, or payment processing. This Privacy Policy does not cover the privacy practices of external organisations that we do not control. We encourage you to review their privacy notices where relevant.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically.
13. Summary of Key Points
In short: we collect only the personal data needed to deliver carpet cleaning services, manage administration, and meet legal obligations. We rely on lawful bases such as contract, legal obligation, legitimate interests, and consent where appropriate. We retain data only as long as necessary, share it only with trusted processors or where required by law, and respect your data protection rights.
This policy applies to all Carpetcleaning Barnes customers in the area.
