Privacy Policy - Carpetcleaning Finsburypark
This Privacy Policy explains how Carpetcleaning Finsburypark collects, uses, stores, shares, and protects personal data when providing carpet cleaning services to customers in the Finsbury Park area. It applies to all Carpetcleaning Finsburypark customers in the area, including private households, landlords, tenants, letting agents, and commercial clients who request our services. We are committed to handling personal data in a lawful, fair, and transparent manner, in line with the UK GDPR and the Data Protection Act 2018.
1. Data We Collect
We only collect personal data that is necessary for providing our services, managing our business, and meeting legal obligations. The type of data we collect may depend on how you interact with us and what services you request.
Information you provide directly
- Identity details such as your name, title, and any business name you use.
- Contact details such as address, telephone number, and email address.
- Service details such as property access instructions, carpet or upholstery cleaning requirements, preferred appointment times, and any special requests.
- Payment and billing details where needed for invoicing and transaction processing.
- Communication records including messages, complaints, feedback, and service-related correspondence.
Information collected automatically
When you use our online systems or interact with digital communications, we may collect limited technical information such as device type, browser information, and basic usage data. This information is used to maintain service security, improve functionality, and understand how our services are accessed. We do not collect more data than is required for these purposes.
Information from third parties
In some cases, we may receive your personal data from landlords, managing agents, contractors, or other individuals arranging services on your behalf. We may also receive information needed to complete a booking, verify service details, or issue an invoice. Where this occurs, we treat the data with the same care and safeguards as data provided directly by you.
2. How We Use Personal Data
Carpetcleaning Finsburypark uses personal data for specific and limited purposes only. These include:
- Providing carpet cleaning and related cleaning services.
- Managing bookings, scheduling appointments, and confirming service arrangements.
- Processing payments and issuing invoices or receipts.
- Communicating with customers about service updates, changes, or queries.
- Handling complaints, disputes, and customer support matters.
- Maintaining business records and fulfilling accounting and tax obligations.
- Protecting our business, customers, and staff from fraud, misuse, or unlawful activity.
- Improving service quality and operational efficiency.
We do not sell personal data. We also do not use personal data for unrelated purposes without an appropriate legal basis.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Carpetcleaning Finsburypark relies on the following lawful bases where appropriate:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes arranging a booking, delivering cleaning services, managing access details, and handling payment or service-related communications.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided those interests do not override your rights and freedoms. This may include maintaining service records, preventing fraud, improving operations, and responding to customer enquiries. We always consider whether the processing is proportionate and necessary.
Legal Obligation
Some data must be retained or processed to meet legal obligations, including accounting, tax, insurance, and regulatory requirements. Where the law requires us to keep records, we do so in accordance with applicable rules.
Consent
In limited situations, we may rely on your consent, for example where we need to send certain optional communications or use information in a way that requires permission. Where consent is used, you can withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
4. Data Sharing and Processors
We may share personal data only where necessary and only with trusted third parties acting as data processors or independent controllers. These parties must handle data securely and in accordance with data protection law.
Processors we may use
- Payment processors to handle card or electronic transactions securely.
- Booking and administration providers to support appointment scheduling, record keeping, and customer communications.
- IT and cloud service providers to store data, maintain systems, and protect our digital records.
- Accounting or bookkeeping providers to manage invoices, tax records, and financial administration.
- Customer service tools where needed to manage enquiries and complaints efficiently.
We may also disclose data to legal, regulatory, or professional advisers where necessary, and to authorities if required by law. If a service provider acts as a data processor, they may only process your data on our instructions and must implement appropriate security measures. If a recipient is an independent controller, they will be responsible for their own privacy practices.
5. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected. The retention period depends on the type of data, the service provided, and legal requirements. When the data is no longer needed, we will securely delete, anonymise, or archive it where appropriate.
- Booking and service records are retained for a period necessary to manage the contract, respond to follow-up issues, and maintain business records.
- Financial and tax records are kept for the period required by law.
- Communication records may be retained for a reasonable period to support customer service, dispute resolution, and quality assurance.
Retention is reviewed regularly to ensure we do not keep data longer than needed. Where possible, data is minimised or removed once its purpose has been fulfilled.
6. Data Security
We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff training, and limiting access to personal data to those who need it for legitimate business purposes. While no system can be guaranteed completely secure, we take reasonable steps to safeguard the data we handle.
7. Your Rights
As a data subject, you have a number of rights under data protection law. These rights may be subject to legal exceptions and restrictions, but we will always consider your request carefully.
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – you can request deletion of your data in certain circumstances.
- Right to restriction – you can ask us to limit how we use your data in certain situations.
- Right to object – you can object to processing based on legitimate interests or direct marketing where applicable.
- Right to data portability – you may request your data in a structured, commonly used format where processing is based on consent or contract and carried out by automated means.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond within the time limits set by law. We may need to verify your identity before taking action, to protect your information.
8. International Transfers
Where personal data is stored or processed outside the UK, we will ensure that appropriate safeguards are in place. This may include the use of approved contractual protections or other lawful transfer mechanisms designed to protect your information to an equivalent standard.
9. Children’s Data
Our services are intended for adults who arrange cleaning services for homes or businesses. We do not knowingly collect personal data from children, and if we become aware that such data has been collected inadvertently, we will take appropriate steps to delete or protect it in line with legal requirements.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the law, our services, or the way we process personal data. Any changes will take effect when published in the revised policy. We encourage customers to review this policy periodically so they remain informed about how their data is handled.
11. Contact and Complaints
If you have concerns about how your personal data is handled, you have the right to raise a complaint with the relevant supervisory authority. You may also contact us using our usual business channels to discuss a privacy concern, request clarification, or exercise your rights. We will take privacy matters seriously and aim to resolve issues promptly and fairly.
Summary: Carpetcleaning Finsburypark’s GDPR-compliant privacy policy explains data collection, lawful bases, processors, retention, security, and user rights for all customers in the area.