Privacy Policy - Roehampton Carpet Cleaners
Effective date: This Privacy Policy explains how Roehampton Carpet Cleaners collects, uses, stores, shares, and protects personal data. It applies to all Roehampton Carpet Cleaners customers in the area, including prospective customers, current customers, and anyone who communicates with us in relation to our services.
1. Introduction
Roehampton Carpet Cleaners is committed to protecting personal data and respecting privacy. We process information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy sets out what data we collect, why we collect it, the lawful basis we rely on, how long we keep it, who may process it on our behalf, and the rights available to individuals under data protection law.
By using our services, making an enquiry, or otherwise interacting with Roehampton Carpet Cleaners, you acknowledge that we may process your personal data as described in this policy. We will only use personal data in a fair, lawful, and transparent way.
2. Data we collect
We collect only the personal data that is necessary for the provision and management of our services. The categories of data we may collect include:
- Identity information: name, title, and any relevant details needed to identify you.
- Contact information: address, email address, telephone number, and other communication details.
- Service and booking information: details of the carpet cleaning service requested, property access notes, appointment preferences, and service history.
- Payment information: limited payment-related data necessary to process transactions, issue invoices, and maintain financial records. We do not intentionally store sensitive card data unless required by secure payment processes.
- Communication records: messages, correspondence, complaints, feedback, and notes from conversations related to service delivery.
- Technical information: basic device or usage data if collected through electronic communications, such as IP address or browser details, where needed for security or service improvement.
- Operational information: records of visits, quotations, completed work, cancellations, and follow-up actions.
We do not seek to collect special category data unless it is necessary and there is a lawful basis for doing so. If such data is ever provided to us incidentally, it will be handled with increased care and only used where permitted by law.
3. How we use personal data
We use personal data to operate our business and provide services efficiently. Typical uses include:
- processing enquiries and providing quotations;
- managing bookings, appointments, and service delivery;
- communicating with customers about scheduled work or changes;
- issuing invoices, recording payments, and maintaining accounts;
- handling complaints, queries, and customer support;
- maintaining internal records and service history;
- meeting legal, tax, accounting, and insurance obligations;
- protecting our business, staff, customers, and property from fraud, misuse, or security incidents.
We will not use your personal data for purposes that are incompatible with the original reason it was collected unless we have a valid lawful basis and, where required, your consent.
4. Lawful basis for processing
Under UK GDPR, we must have a lawful basis for each use of personal data. Roehampton Carpet Cleaners relies on the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering cleaning services, preparing invoices, and communicating about the service you requested.
Legal obligation
We process personal data where needed to comply with legal obligations, such as tax records, accounting requirements, fraud prevention, and responding to lawful requests from authorities.
Legitimate interests
We may process personal data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include record keeping, customer service improvement, operational management, and security monitoring. We ensure that any reliance on legitimate interests is proportionate and limited to what is reasonably necessary.
Consent
In limited situations, we may rely on your consent, for example where the law requires it for a particular type of communication or optional marketing activity. Where we rely on consent, you can withdraw it at any time. Withdrawal of consent will not affect processing carried out before consent was withdrawn.
5. Sharing personal data and processors
We do not sell personal data. We may share information only where necessary and appropriate for running our business or meeting legal obligations. This may include trusted third parties acting as processors on our behalf. These processors only handle data according to our instructions and are required to keep it secure and confidential.
Examples of processors may include:
- IT and cloud service providers: for secure data storage, email, scheduling, and document management;
- payment service providers: for handling card or electronic payments securely;
- accounting and bookkeeping providers: for invoicing, tax records, and financial administration;
- customer communication tools: for sending appointment reminders or service-related messages;
- professional advisers: such as insurers, legal advisers, or auditors where necessary;
- public authorities: where disclosure is required by law or necessary to protect legal rights.
Where processors are used, we take reasonable steps to ensure appropriate contractual safeguards, security measures, and confidentiality obligations are in place. If personal data is transferred outside the UK, we will only do so where appropriate safeguards are available and the transfer complies with data protection law.
6. Data retention
We keep personal data only for as long as necessary for the purpose for which it was collected, and for any additional period required by law, regulation, or legitimate business need. Retention periods may vary depending on the category of information and the reason for processing.
In general, we apply the following retention approach:
- customer and booking records: kept for the duration of the business relationship and a reasonable period afterwards to manage follow-up, disputes, and service history;
- financial and tax records: retained for the legally required period;
- communication records: retained as long as needed to respond to issues, evidence agreements, or maintain continuity of service;
- technical or security logs: retained only for the period necessary for monitoring, troubleshooting, or security purposes.
When personal data is no longer needed, we will securely delete, destroy, or anonymise it. We do not keep data longer than necessary.
7. Data security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, password protection, and restricted access to data on a need-to-know basis.
Although no system can be guaranteed to be completely secure, we regularly review our procedures to reduce risks and improve resilience. If a personal data breach occurs and it is likely to present a risk to your rights and freedoms, we will respond in line with applicable legal requirements.
8. Your rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be exercised in certain circumstances and may be subject to legal limitations. They include:
- Right of access: you may request confirmation of whether we process your data and obtain a copy of it;
- Right to rectification: you may ask us to correct inaccurate or incomplete data;
- Right to erasure: you may request deletion of your data where there is no legal reason to keep it;
- Right to restriction: you may ask us to limit processing in certain circumstances;
- Right to data portability: you may request certain data in a structured, commonly used format where applicable;
- Right to object: you may object to processing based on legitimate interests or direct marketing;
- Right to withdraw consent: where processing relies on consent, you may withdraw it at any time;
- Right to complain: you may lodge a complaint with the relevant data protection authority if you believe your rights have been infringed.
We will assess requests carefully and respond within the timeframes required by law. In some cases, we may need to retain certain data despite a request, where we have a legal obligation or another lawful ground to do so.
9. Children’s data
Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary in connection with a household service and lawfully provided by an adult responsible for the booking. If we become aware that we have collected data from a child unlawfully, we will take steps to delete it promptly.
10. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service operations. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.
11. Summary of principles
Roehampton Carpet Cleaners processes personal data lawfully, fairly, and transparently. We collect only what is necessary, use it for legitimate business and contractual purposes, keep it securely, retain it only as long as needed, and allow individuals to exercise their rights under data protection law.
By using Roehampton Carpet Cleaners services in the area, you confirm that you have read and understood this Privacy Policy.