Privacy Policy - Cranford Carpet Cleaners
Cranford Carpet Cleaners is committed to protecting the privacy of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Cranford Carpet Cleaners customers in area, including prospective customers, current customers, and individuals who make an enquiry for our services.
1. Who We Are
Cranford Carpet Cleaners provides carpet, upholstery, rug, and related cleaning services to homes and businesses in our service area. For the purposes of data protection law, Cranford Carpet Cleaners is the data controller of the personal data described in this Policy. This means we determine the purposes and means of processing your personal data.
2. Personal Data We Collect
We only collect personal data that is relevant and necessary for delivering our services, managing our customer relationships, and meeting our legal obligations. The types of data we may collect include:
- Identity data such as your name, title, and business name where applicable.
- Contact data such as your address, email address, and telephone number.
- Service data such as the type of cleaning requested, property details, appointment dates, service history, and notes about the work completed.
- Payment data such as transaction records and payment status. We do not store full card details unless required by a payment provider under secure processing arrangements.
- Communication data such as messages, enquiries, feedback, complaints, and records of correspondence with us.
- Technical data such as limited website or device information if you interact with our online forms or digital booking tools, where applicable.
We do not intentionally collect special category data unless it is strictly necessary and you have provided it voluntarily, or unless we are required to process it for a specific lawful reason. If such information is shared with us inadvertently, we will handle it with additional care and only for the purpose for which it was provided.
3. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotes.
- To arrange, deliver, and manage cleaning services.
- To process payments and issue invoices or receipts.
- To communicate about appointments, updates, and service matters.
- To maintain records of services provided.
- To handle complaints, feedback, or disputes.
- To comply with legal, tax, accounting, and regulatory obligations.
- To improve our services, processes, and customer experience.
We only use your data where we have a valid lawful basis to do so. We do not sell personal data to third parties.
4. Lawful Basis for Processing
Under the UK GDPR, we must have a lawful basis for each type of processing. Cranford Carpet Cleaners relies on the following lawful bases:
Contract
We process your personal data where it is necessary to take steps at your request before entering into a contract or to perform a contract with you. This includes booking services, providing quotes, carrying out cleaning work, issuing invoices, and managing service-related communication.
Legitimate Interests
We may process your data where it is necessary for our legitimate business interests and where your interests and fundamental rights do not override those interests. This may include maintaining customer records, managing business administration, preventing fraud, improving service quality, and handling general customer communications. We always consider whether the impact on your privacy is proportionate.
Legal Obligation
We may process and retain certain information where needed to comply with legal obligations, such as tax requirements, accounting rules, or lawful requests from authorities.
Consent
In some situations, we may rely on your consent, for example where it is required for certain optional communications or specific data uses. When consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
5. Sharing Your Data and Processors
We may share personal data with trusted third parties when necessary to operate our business and provide our services. These third parties act as processors or, in some cases, independent controllers. We only share the minimum data necessary and require appropriate safeguards.
Examples of processors and recipients may include:
- Booking and administration service providers who help manage appointments, records, or communications.
- Payment processors who securely handle card or electronic payments.
- Accounting and bookkeeping providers who support financial record keeping and compliance.
- IT and cloud storage providers who help us store and protect business data.
- Professional advisers such as accountants, insurers, or legal advisers where needed.
- Public authorities where disclosure is required by law or necessary to protect rights, safety, or legal interests.
Where processors are used, they are bound by data processing terms requiring them to process your data only on our instructions, keep it secure, and comply with applicable data protection law.
6. International Transfers
Where any service provider stores or processes data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.
7. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including the fulfilment of service obligations, legal compliance, dispute resolution, and business record keeping.
Retention periods may vary depending on the type of record, but generally we follow these principles:
- Customer enquiry records are kept for a reasonable period after the enquiry, unless they become part of an ongoing customer relationship.
- Service and booking records are retained for the duration of the relationship and for a period afterwards to handle follow-up questions, complaints, or claims.
- Financial and tax records are retained for the period required by law.
- Communication records may be kept where needed to evidence instructions, resolve disputes, or improve service delivery.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
8. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and careful supplier selection. While we work hard to protect your data, no system can be guaranteed completely secure.
9. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. Subject to legal limits, these rights include:
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete data.
- Right to erasure – you can request deletion of your data in certain circumstances.
- Right to restriction – you can ask us to limit how we use your data in certain cases.
- Right to data portability – you can request that certain data be provided in a structured, commonly used format.
- Right to object – you can object to processing based on legitimate interests, including direct marketing where applicable.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve them promptly.
10. Children’s Data
Our services are aimed at adult customers and businesses. We do not knowingly collect personal data from children unless it is necessary in the context of a household service request and provided by an adult. If we become aware that we have collected children’s data inappropriately, we will take steps to delete it where appropriate.
11. Automated Decision-Making
We do not use fully automated decision-making or profiling that produces legal or similarly significant effects about you. Any decisions about services, scheduling, or customer support are made by our staff.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service arrangements. The latest version will apply to your data from the date it is published or otherwise made available. We encourage you to review it periodically.
13. Summary of Our Commitment
Cranford Carpet Cleaners respects your privacy and uses personal data responsibly, fairly, and transparently. We collect only what we need, use it for clear and lawful purposes, and retain it only as long as necessary. We work with trusted processors under contract, and we support your rights under data protection law. This policy applies to all Cranford Carpet Cleaners customers in area.
Last updated: This policy is maintained in line with applicable UK data protection requirements.