Privacy Policy - Highbury Carpet Cleaners
Highbury Carpet Cleaners is committed to protecting the privacy and personal data of all customers in area who use our services. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Highbury Carpet Cleaners customers in area, including individuals who request quotations, book services, receive cleaning treatments, or communicate with us in relation to our services.
1. Who We Are
Highbury Carpet Cleaners provides professional carpet cleaning and related cleaning services to domestic and commercial customers. For the purposes of data protection law, we are the data controller of the personal information we collect and process about our customers in area. This means we decide how and why your personal data is used.
2. Information We Collect
We collect only the information necessary to provide our services properly, manage our business, and meet legal and contractual obligations. The categories of personal data we may collect include:
- Identity information such as your name and, where relevant, the name of your business or household contact.
- Contact information such as your address, telephone number, and email address.
- Service details such as the type of cleaning requested, property access notes, appointment preferences, and service history.
- Payment information such as payment method, transaction references, and billing records. We do not store full card details where a third-party payment provider handles payment processing.
- Communication records including emails, messages, call notes, complaints, feedback, and any correspondence related to our services.
- Technical information where applicable, such as limited website or device data if you contact us through digital channels. This may include IP-related or browser information used for security and operational purposes.
We do not intentionally collect special category data unless it is provided voluntarily and is necessary for a specific request, for example where it may affect cleaning methods, safety, or access arrangements. If such information is supplied, it will be handled with additional care and only where lawful to do so.
3. How We Use Your Data
We use personal data for the following purposes:
- To provide quotes and manage bookings.
- To carry out carpet cleaning and related services.
- To communicate with you before, during, and after service delivery.
- To process payments, refunds, and invoice records.
- To maintain service quality, customer records, and business administration.
- To handle complaints, disputes, and follow-up requests.
- To meet legal, accounting, and regulatory obligations.
- To improve our services and ensure safe and efficient operations.
We will only use your personal data for the purposes for which it was collected unless we reasonably believe we need to use it for a compatible purpose or another purpose permitted by law.
4. Lawful Basis for Processing
Under GDPR, we must have a lawful basis to process personal data. Highbury Carpet Cleaners relies on the following lawful bases where appropriate:
a) Contract
We process your personal data when it is necessary to enter into or perform a contract with you. This includes providing quotations at your request, confirming bookings, carrying out cleaning services, and managing related customer administration.
b) Legal Obligation
We may process and retain certain data to comply with legal requirements, including tax, accounting, record-keeping, consumer protection, and regulatory obligations.
c) Legitimate Interests
We may process personal data where it is in our legitimate interests to do so and where those interests are not overridden by your rights and freedoms. This may include managing customer relations, improving service delivery, maintaining business records, preventing fraud, and ensuring the security of our operations.
d) Consent
In limited cases, we may rely on your consent, for example where you voluntarily agree to receive certain non-essential communications. Where consent is used, you may withdraw it at any time.
We will never use your data in a way that is unfair, unexpected, or unnecessarily intrusive.
5. Data Sharing and Processors
We may share personal data with trusted third parties only when necessary and only to the extent required for the operation of our business and the delivery of our services. These third parties may act as processors on our behalf. Processors may include:
- Payment service providers that securely handle transactions.
- Accounting or bookkeeping providers that assist with financial records.
- IT, cloud storage, and communication service providers that support our business systems.
- Scheduling or customer management tools used to organise appointments and service records.
- Professional advisers, such as accountants or legal advisers, where necessary.
All processors are required to handle personal data securely, only on our instructions, and in compliance with applicable data protection law. We do not sell your personal data.
We may also disclose data where required by law, by a court order, or to protect our rights, property, staff, customers, or the public.
6. International Transfers
Where any processor stores or accesses data outside the UK, we will ensure appropriate safeguards are in place so that your personal data remains protected to the standard required by law. These safeguards may include UK adequacy regulations, standard contractual clauses, or equivalent legal protections.
7. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations. The retention period depends on the type of data and the reason it was collected.
- Customer service and booking records are generally retained for a period that supports service administration and customer support.
- Financial and invoicing records are retained for the period required by tax and accounting law.
- Communication records may be retained while they remain relevant to service history, dispute resolution, or legal defence.
When personal data is no longer needed, it will be securely deleted, anonymised, or otherwise disposed of in a safe manner. Retention is limited to what is necessary, and we review records periodically to ensure they are not kept longer than required.
8. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to information on a need-to-know basis.
Although no system can be guaranteed to be completely secure, we work to maintain a high standard of data protection and continually assess our procedures to keep information safe.
9. Your Rights
As a data subject under GDPR, you have a number of rights in relation to your personal data. These include:
- The right of access – to request a copy of the personal data we hold about you.
- The right to rectification – to ask us to correct inaccurate or incomplete information.
- The right to erasure – to request deletion of your personal data in certain circumstances.
- The right to restrict processing – to limit how we use your data in certain situations.
- The right to data portability – to receive certain data in a structured, commonly used format where applicable.
- The right to object – to object to processing based on legitimate interests or direct marketing.
- The right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
These rights are not absolute, and in some cases we may be entitled or required to continue processing your data despite a request. If this happens, we will explain our reasons clearly.
You also have the right to raise a concern with the relevant data protection authority if you believe your data protection rights have been infringed.
10. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is necessary in connection with a household booking or service arrangement made by an adult customer. If we become aware that we have collected data from a child without appropriate authority, we will take steps to delete it where required.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers in area to review this policy periodically so they remain informed about how their information is handled.
12. Contacting Us About Privacy
If you wish to exercise your rights, raise a concern, or ask a question about this Privacy Policy, you may contact us through the usual customer service channels used for our business. We will respond to privacy matters in a reasonable timeframe and in accordance with applicable law.
Summary of our commitment: Highbury Carpet Cleaners processes personal data lawfully, fairly, and transparently, uses it only for legitimate business purposes, shares it only with trusted processors when necessary, keeps it only as long as needed, and respects your rights under GDPR.