Nunhead Carpet Cleaners Privacy Policy

This Privacy Policy explains how Nunhead Carpet Cleaners collects, uses, stores, and protects personal data relating to customers and prospective customers within our service area. It is intended to provide clear information in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018.

By engaging our services or contacting us about our services, you acknowledge that you have read this Privacy Policy and understood how we process your personal data.

Scope of this Privacy Policy

This Privacy Policy applies to all Nunhead Carpet Cleaners customers and prospective customers within our service area, including individuals making enquiries, booking appointments, or otherwise interacting with us in relation to carpet and upholstery cleaning or related services.

It covers data collected through our website, by telephone, in person, and in any other direct communication with us where we act as the data controller.

Personal Data We Collect

We may collect and process the following categories of personal data, depending on how you interact with us:

Identification and contact details, such as name, address, property type or access details, and general location information relevant to providing our services.

Communication details, including any information you provide in enquiries, messages, or feedback, as well as appointment notes.

Booking and service data, such as dates and times of bookings, records of services provided, specific cleaning requirements, and any before and after observations relating to the service.

Payment and transaction data, including information about payments made, payment method type, and related billing information. We do not store full card details if payment is processed through a secure third party.

Technical data, where applicable, such as basic information about how you use our website or digital services, for example device type and pages visited. This may be collected through standard website technologies and is used to improve our services.

Marketing preferences, including whether you have consented to receive marketing communications and your stated preferences about how we contact you.

How We Collect Personal Data

We collect personal data in several ways:

Directly from you when you contact us, request a quote, book a service, provide feedback, or communicate with us by any means.

From service delivery activities at your premises, where we may record relevant details to deliver and improve our services safely and effectively.

Automatically from your use of our website or digital services, where technical data may be captured through cookies or similar technologies, subject to applicable consent requirements.

Lawful Bases for Processing

We only process your personal data where we have a lawful basis under data protection law. Depending on the circumstances, we may rely on the following lawful bases:

Contract: We process personal data to take steps at your request prior to entering into a contract and to perform our contract with you. This includes providing quotes, confirming bookings, delivering cleaning services, arranging access to your property, and managing payments.

Legal obligation: We may process personal data to comply with legal or regulatory requirements, such as tax, accounting, and record-keeping obligations.

Legitimate interests: We may process personal data when it is necessary for our legitimate interests or those of a third party, and where these interests are not overridden by your rights and interests. Our legitimate interests include running and improving our business, responding to enquiries, preventing fraud, ensuring security, training staff, and maintaining appropriate records of services provided.

Consent: In certain situations, we may ask for your consent to use your personal data, for example for specific types of marketing or the use of non-essential cookies. Where we rely on consent, you can withdraw it at any time.

How We Use Personal Data

We use personal data for the following purposes:

To provide and manage our carpet and upholstery cleaning services, including handling enquiries, providing quotes, booking appointments, and carrying out work at your property.

To communicate with you about your bookings, changes to appointments, follow-up after services, and responses to queries or complaints.

To process payments, issue invoices and receipts, and manage our accounts and financial records in line with legal and regulatory requirements.

To customise and improve our services, including reviewing service records, training staff, and refining our processes based on customer feedback and service outcomes.

To send you service-related messages and, where permitted, information about similar services you may be interested in. You can opt out of marketing communications at any time.

To ensure the security of our staff, customers, systems, and property, and to detect and prevent fraud or misuse of our services.

To comply with applicable laws, regulatory requirements, and lawful requests from authorities, where necessary.

Data Sharing and Processors

We do not sell your personal data. However, we may share data with selected third parties where necessary for the purposes described above, including:

Service providers acting as data processors who provide services such as payment processing, booking management tools, customer relationship management systems, IT support, data storage, or secure document destruction. These providers are only permitted to process your personal data in accordance with our instructions and must implement appropriate security measures.

Professional advisers, such as accountants or legal advisers, where such sharing is necessary for the provision of professional services and to meet our legal obligations.

Authorities, regulators, law enforcement agencies, or courts, where required by law or where necessary to establish, exercise, or defend legal claims.

Where data processors are based outside the United Kingdom or the European Economic Area, we will ensure appropriate safeguards are in place in accordance with data protection laws, such as standard contractual clauses or equivalent protections.

Data Retention

We keep personal data only for as long as is necessary for the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

As a general guide, we retain basic customer and service information for a period aligned with limitation periods for legal claims and statutory record-keeping requirements, after which it is securely deleted or anonymised.

Where we rely on your consent, data will be retained only as long as your consent remains valid or until you withdraw it, whichever occurs first, unless we have another lawful basis for continuing to retain the data.

Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or damage. These measures may include access controls, secure storage solutions, staff training, and procedures for handling and reporting data security incidents.

While we strive to protect your personal data, no method of transmission or storage is completely secure. We continually review and update our security measures in line with best practice and legal requirements.

Your Data Protection Rights

Under data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions:

Right of access: You have the right to request confirmation as to whether we process your personal data and to receive a copy of that data, along with information about how it is used.

Right to rectification: You have the right to request that inaccurate or incomplete personal data be corrected or updated.

Right to erasure: In some circumstances, you may request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected or where you withdraw consent and no other lawful basis applies.

Right to restriction of processing: You may request that we restrict the processing of your personal data in certain situations, such as while its accuracy is being verified or where you have objected to processing based on legitimate interests.

Right to object: You have the right to object to processing based on legitimate interests and to direct marketing at any time. If you object to marketing, we will stop sending you marketing communications.

Right to data portability: Where processing is based on consent or contract and carried out by automated means, you may request that we provide your personal data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.

Right to withdraw consent: Where we rely on your consent for processing, you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Exercising Your Rights and Complaints

If you wish to exercise any of your rights or have questions about how we handle your personal data, you can contact us using the contact details available through our usual communication channels. We may need to verify your identity before responding to your request to protect your privacy and security.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are unhappy with how we have handled your personal data. We encourage you to contact us first so that we can try to resolve your concerns.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. Any significant changes will be made available through our normal communication channels. The date of the most recent version will be indicated within the policy or accompanying information.

Your continued use of our services after any update to this Privacy Policy will constitute your acknowledgement of the updated terms.