Privacy Policy - Crofton Park Carpet Cleaners

Effective date: This Privacy Policy applies to all Crofton Park Carpet Cleaners customers in the local area and explains how we collect, use, store, share, and protect personal data when we provide carpet cleaning and related services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Crofton Park Carpet Cleaners provides professional carpet cleaning and related household cleaning services. In the course of delivering our services, we may process personal data relating to customers, property occupants, account holders, and individuals who contact us to enquire about our services. This policy explains what information we collect and how we use it.

2. Personal Data We Collect

We only collect personal data that is necessary for legitimate business and service delivery purposes. The types of information we may collect include:

  • Identity details such as your name and title.
  • Contact details such as your phone number, email address, and service address.
  • Booking information including appointment dates, service preferences, and cleaning requirements.
  • Payment information such as payment method, transaction status, and billing records. We do not intentionally store full card details where payment processors handle these securely.
  • Property and service details such as carpet type, stain concerns, access instructions, and relevant notes needed to complete the service properly.
  • Communication records including messages, call notes, complaint history, and correspondence relating to estimates, bookings, or follow-up support.
  • Technical data in limited circumstances, such as basic website or device information if you contact us through digital systems.

We do not intentionally collect special category data unless you choose to share it with us and it is necessary for a specific request, such as access needs or health-related instructions relevant to service delivery. Where such information is provided, we treat it with additional care and only use it where lawful.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To manage enquiries and provide quotations.
  • To book, confirm, amend, and deliver carpet cleaning services.
  • To communicate about appointments, changes, delays, and aftercare.
  • To process payments, refunds, and invoices.
  • To maintain service records and customer history.
  • To handle complaints, customer support requests, and disputes.
  • To improve our services, training, quality control, and business operations.
  • To meet legal, tax, accounting, and regulatory requirements.
  • To protect our business, staff, and customers from fraud, misuse, or unlawful activity.

We only use your personal data in ways that are compatible with the purposes for which it was collected, unless we have a lawful reason to use it differently.

4. Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis to process personal data. Depending on the context, Crofton Park Carpet Cleaners relies on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes arranging services, confirming appointments, invoicing, and delivering the cleaning work you requested.

Legal Obligation

We may process and retain certain records to comply with legal obligations, such as tax laws, accounting rules, insurance requirements, and other regulatory duties.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided these interests do not override your rights and freedoms. Examples include managing business operations, responding to enquiries, preventing fraud, improving service quality, and maintaining customer records.

Consent

In some situations, we may rely on your consent, especially for optional communications or where you choose to provide particular information. Where consent is used, you may withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

5. Sharing and Processors

We may share personal data only where necessary and only with trusted third parties acting as processors or independent controllers. These parties are required to handle data securely and in accordance with data protection law.

Processors may include:

  • Payment processors that handle card payments or electronic transactions securely.
  • Booking and scheduling systems used to manage appointments and service records.
  • IT and cloud service providers that store email, customer records, or business files.
  • Accounting and bookkeeping providers used for invoicing, tax reporting, and financial administration.
  • Customer communication tools used to send booking confirmations or service updates.
  • Professional advisers such as insurers, legal advisers, or auditors where needed.

We may also disclose data if required by law, court order, or a lawful request from a public authority. If our business were ever restructured, sold, or transferred, customer data may be shared with relevant parties under appropriate safeguards.

We do not sell your personal data.

6. International Transfers

Where any processor stores or accesses data outside the UK, we take appropriate measures to protect it. These may include approved contractual safeguards, adequacy regulations, or other lawful transfer mechanisms. We ensure that personal data remains protected to a standard consistent with UK GDPR requirements.

7. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy, including to meet legal, accounting, and business requirements. Retention periods may vary depending on the type of information and the reason it was collected.

  • Customer and booking records are typically retained for the period needed to manage service history and resolve follow-up issues.
  • Financial and invoice records are retained for the period required by tax and accounting laws.
  • Communication records may be kept for a reasonable period to support customer service and dispute handling.
  • Consent records may be retained to demonstrate compliance.

When data is no longer needed, we securely delete, anonymise, or archive it in line with our retention procedures. Retention is kept under review so that we do not store information longer than necessary.

8. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and careful handling of customer records.

Although we work hard to protect your information, no system can be guaranteed completely secure. If a personal data breach occurs, we will take steps required by law, including assessing risk and notifying the relevant authorities and affected individuals where necessary.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to legal limitations or exemptions, but we will always respond appropriately and within the required timeframes.

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete information.
  • Right to erasure – you may request deletion of your data in certain circumstances.
  • Right to restriction – you may ask us to limit how we use your data in certain situations.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability – you may request that certain information be provided to you or transferred to another controller.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to raise concerns with the Information Commissioner's Office (ICO) if you believe your data protection rights have been infringed.

10. Children’s Data

Our services are intended for adults and household customers. We do not knowingly collect personal data directly from children in a way that is not necessary for the provision of our services. If we become aware that we have inadvertently collected such information, we will take appropriate steps to delete or safeguard it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our practices, or our services. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

12. Summary of Our Approach

Crofton Park Carpet Cleaners is committed to respecting your privacy and processing personal data fairly, lawfully, and transparently. We collect only the information needed to provide our services, use it for clear and legitimate purposes, retain it only for appropriate periods, and share it only with trusted processors or where required by law. If you are a customer in our service area, this policy explains your rights and how we protect your information with care and professionalism.

Crofton Park Carpet Cleaners

GDPR-compliant Privacy Policy for Crofton Park Carpet Cleaners covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.