Privacy Policy for West Kensington Carpet Cleaning

This Privacy Policy explains how West Kensington Carpet Cleaning collects, uses, stores and protects personal data relating to its customers in the West Kensington area. It also describes the rights that individuals have under the United Kingdom General Data Protection Regulation and related data protection laws. By engaging our carpet cleaning and related services, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all customers and prospective customers of West Kensington Carpet Cleaning located in our service area, including individuals who contact us to request a quote, make a booking, or enquire about our services. It covers personal data collected through phone calls, written correspondence, online enquiries, and in-person interactions in the course of providing our services.

Data Controller

For the purposes of data protection law, West Kensington Carpet Cleaning is the data controller for the personal data it processes about its customers. As data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable data protection legislation.

Personal Data We Collect

We only collect personal data that is necessary for the provision of our services, the operation of our business, and compliance with legal obligations. The types of personal data we may collect include, where relevant:

Identification and contact information such as your name, title, residential or business address, and other contact preferences that you provide to us.

Booking and service information such as the date and time of your appointment, type of services requested, property access information that you choose to share, and any special instructions or notes concerning the service.

Payment and billing information such as billing address, details of payments made, and transaction history. Card or bank details may be processed via secure third party payment processors and are not retained by us beyond what is necessary to complete the transaction, unless we are legally required to do so.

Communication records including correspondence relating to quotes, bookings, complaints, feedback and other enquiries, as well as notes of conversations made in the course of providing customer service.

Technical and usage information where applicable, such as basic log data generated when you interact with any online forms or digital tools that we may use to handle enquiries and bookings.

Lawful Basis for Processing

We process personal data only when we have a valid lawful basis under applicable data protection laws. Depending on the specific circumstances, we may rely on the following lawful bases:

Performance of a contract: We need to process your personal data in order to provide our carpet cleaning and related services, to manage your booking, to issue invoices, and to fulfil our contractual obligations to you.

Compliance with legal obligations: We may process certain data to comply with legal and regulatory requirements, such as accounting, tax, and record-keeping obligations.

Legitimate interests: We may process personal data where it is necessary for our legitimate interests, provided that those interests are not overridden by your rights and freedoms. Legitimate interests can include managing our business operations, improving our services, preventing fraud, handling disputes, and ensuring the security of our staff and customers.

Consent: In limited circumstances, we may rely on your explicit consent, for example if we wish to send you certain types of marketing communications. When we rely on consent, you are free to withdraw it at any time.

How We Use Personal Data

We use the personal data we collect for the following purposes:

To provide our carpet cleaning and related services, including scheduling appointments, attending at your premises, and completing the requested work.

To manage customer relationships, including responding to enquiries, issuing quotes, administering bookings, sending confirmations and reminders, and handling cancellations or rescheduling.

To process payments, issue invoices and receipts, and maintain appropriate financial and accounting records.

To respond to feedback, complaints and disputes, and to improve the quality and safety of our services.

To carry out internal management, planning and reporting, including service performance monitoring and business administration.

To comply with applicable legal, regulatory, and insurance obligations, and to establish, exercise or defend legal claims.

Data Sharing and Processors

We do not sell or rent your personal data. However, we may share personal data with selected third parties where necessary for the purposes described in this Privacy Policy and where permitted by law. Such third parties may act as data processors on our behalf and may include:

Payment processing providers that securely process transactions and assist with fraud prevention.

IT and systems support providers who assist in the operation, maintenance and security of our digital systems and communication tools.

Professional advisers such as accountants, legal advisers and insurers who require access to certain information to provide their services to us.

Regulatory bodies, law enforcement agencies, courts or other public authorities, where we are legally obliged or permitted to do so.

When we engage third party processors, we ensure that appropriate contractual safeguards are in place requiring them to only process personal data in accordance with our instructions, to maintain adequate security measures, and to comply with relevant data protection laws.

Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. In determining appropriate retention periods, we consider the nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, and the purposes for which we process it.

Customer and booking records are generally kept for a period that allows us to manage ongoing relationships, respond to any issues or disputes, and comply with tax and accounting obligations. When personal data is no longer needed, we will either delete it securely or anonymise it so that it can no longer be linked to an identifiable individual.

Data Security

We take reasonable technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Measures may include access controls, secure storage, staff awareness, and appropriate procedures for handling data breaches.

While we strive to protect personal data, no system can be completely secure. We therefore cannot guarantee absolute security, but we are committed to promptly investigating and responding to any suspected data security incidents, including where necessary notifying affected individuals and relevant authorities.

International Transfers

Our primary operations and data storage are intended to take place within the United Kingdom or the European Economic Area. If it becomes necessary to transfer personal data to a country outside these areas, we will ensure that an adequate level of protection is in place, for example by using standard contractual clauses or other safeguards recognised under applicable data protection laws.

Your Data Protection Rights

As a data subject, you have a number of rights in relation to the personal data that we hold about you, subject to certain conditions and legal limitations. These rights include:

Right of access: You may request confirmation as to whether we process your personal data and, where we do, receive a copy of that data together with certain information about how it is used.

Right to rectification: You may request that inaccurate or incomplete personal data about you is corrected or updated.

Right to erasure: In specific circumstances, you may request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other lawful basis for processing.

Right to restriction of processing: You may request that we restrict the processing of your personal data in certain situations, such as while we are verifying its accuracy or assessing an objection.

Right to object: You may object to processing that is based on our legitimate interests, on grounds relating to your particular situation. We will then no longer process your data for that purpose unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or unless the processing is for the establishment, exercise or defence of legal claims.

Right to data portability: Where processing is based on consent or on a contract and is carried out by automated means, you may request to receive the personal data you provided to us in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where technically feasible.

Right to withdraw consent: Where we rely on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out before consent was withdrawn.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that we have not complied with applicable data protection laws.

Changes to This Privacy Policy

We may update or amend this Privacy Policy from time to time to reflect changes in our practices, legal requirements or other factors. Any updated version will be made available through our usual communication channels, and the revised policy will apply from the date of publication. We encourage you to review this Privacy Policy periodically to stay informed about how we handle personal data.