Privacy Policy - Greenwich Carpet Cleaners
Greenwich Carpet Cleaners is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Greenwich Carpet Cleaners customers in the area, including anyone who requests, receives, or enquires about our cleaning services.
1. Who We Are
For the purposes of data protection law, Greenwich Carpet Cleaners acts as the data controller for the personal data we process in connection with our services. This means we determine why and how your personal information is used. We only process personal data where we have a lawful basis to do so and only for legitimate business and service-related purposes.
2. Personal Data We Collect
We collect only the information needed to provide our services, manage bookings, communicate with customers, and meet our legal obligations. Depending on the nature of your enquiry or booking, we may collect the following categories of personal data:
- Identity information such as your name.
- Contact details such as address, phone number, and email address.
- Service details including property type, preferred dates, cleaning requirements, and notes relevant to the job.
- Payment and transaction information where needed to process invoices, payments, or refunds.
- Communication records including messages, booking requests, complaints, or service feedback.
- Technical information if you contact us electronically, such as basic device or usage data supplied through communication tools.
We do not intentionally collect special category data unless it is strictly necessary and you choose to provide it, for example if it is relevant to access needs or to help us carry out a requested service safely. Where special category data is involved, we will apply additional safeguards and only process it when permitted by law.
3. How We Use Your Data
We use personal data to operate our business and deliver services effectively. This may include:
- Handling enquiries and providing quotations.
- Managing bookings, appointments, and service delivery.
- Communicating before, during, and after a service.
- Issuing invoices and processing payments.
- Resolving complaints, disputes, or service issues.
- Keeping internal records for accounting and business administration.
- Meeting legal, tax, and regulatory obligations.
- Improving our services, processes, and customer experience.
We will not use your personal data for purposes that are incompatible with the reason it was collected unless we have a valid lawful basis to do so.
4. Lawful Basis for Processing
Under GDPR, we must identify a lawful basis for each type of processing. Greenwich Carpet Cleaners relies on the following lawful bases where appropriate:
Contract
We process data where it is necessary to enter into or perform a contract with you. For example, we need your contact and service details to arrange and complete a cleaning appointment.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests and where your rights do not override those interests. This includes managing customer records, responding to enquiries, improving service quality, and protecting our business from fraud or misuse. We always consider whether our interests are balanced against your privacy rights.
Legal Obligation
We may process and retain data where required to comply with legal obligations, such as tax, accounting, or record-keeping duties.
Consent
In limited situations, we may rely on your consent, for example if you choose to receive certain optional communications. Where consent is used, you may withdraw it at any time. This will not affect the lawfulness of processing carried out before consent was withdrawn.
5. Data Sharing and Processors
We do not sell your personal data. We may share information only where necessary and only with trusted third parties who assist us in delivering our services. These third parties act as processors or independent controllers depending on the service provided.
Examples of processors may include:
- Payment service providers who process transactions securely.
- Booking, scheduling, or customer management systems used to organise appointments and records.
- IT and cloud service providers who store or support business data.
- Professional advisers such as accountants or legal advisers when necessary for compliance and business administration.
Where processors handle personal data on our behalf, they are required to follow our instructions, keep information secure, and process it only for the agreed purpose. We take reasonable steps to ensure that any third party handling personal data provides appropriate security and privacy protections.
We may also share information if required by law, court order, or lawful request from a regulator or public authority.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purpose for which it was collected, including to meet legal, accounting, or reporting requirements. Retention periods vary depending on the type of information and the reason it is held.
In general, we retain customer records for a period that allows us to:
- Manage service history and follow-up requests.
- Resolve disputes or complaints.
- Meet tax and accounting obligations.
- Demonstrate compliance with legal requirements.
When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices. If we rely on consent and you withdraw it, we will stop the relevant processing unless another lawful basis applies.
7. Data Security
We use appropriate technical and organisational measures to protect personal data from accidental loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to records on a need-to-know basis.
While no system can be guaranteed as completely secure, we continuously review our practices to reduce risk and improve protection.
8. Your Rights Under GDPR
As a customer or data subject, you have rights over your personal data. Subject to legal limits and verification of identity, you may have the right to:
- Access the personal data we hold about you.
- Rectification of inaccurate or incomplete information.
- Erasure of your data in certain circumstances.
- Restriction of processing in certain situations.
- Object to processing based on legitimate interests.
- Data portability where processing is based on consent or contract and carried out by automated means.
- Withdraw consent at any time where consent is the lawful basis.
If you exercise any of these rights, we may need to retain limited information where required by law or where necessary to defend legal claims. We will respond to valid requests within the time limits required by law.
9. Children’s Data
Our services are intended for adult customers or for bookings made by adults on behalf of a household or property. We do not knowingly collect personal data from children except where it is incidental and necessary for service provision, and only with appropriate safeguards.
10. International Transfers
If personal data is transferred outside the UK, we will ensure suitable safeguards are in place so that the information remains protected to a standard consistent with UK data protection law. This may include the use of approved transfer mechanisms and contractual protections.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal duties, or data protection practices. Any updated version will apply from the date it is published. We encourage customers to review this policy periodically to stay informed about how personal data is handled.
12. Summary of Our Commitment
Greenwich Carpet Cleaners respects your privacy and handles personal data responsibly. We collect only what is necessary, use it for clear and lawful purposes, share it only with trusted processors where needed, and retain it only for as long as required. We also respect your GDPR rights and aim to make our practices transparent, secure, and fair for every customer in our area.