Privacy Policy - Brent Carpet Cleaners
This Privacy Policy explains how Brent Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Brent Carpet Cleaners customers in the area, including residential and commercial clients, prospective customers, and people who contact us for a quote, booking, or service enquiry. We are committed to handling personal information in a lawful, fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Brent Carpet Cleaners is the data controller for the personal data described in this policy. This means we decide why and how personal data is processed in connection with our services. We only process personal data for specified purposes and only when we have a valid lawful basis to do so.
2. Personal Data We Collect
We collect only the information needed to provide and manage our services, operate our business, and meet legal obligations. Depending on your interaction with us, we may collect the following categories of personal data:
- Identity information such as name and title.
- Contact details such as address, email address, and telephone number.
- Booking and service information such as service type, property access details, preferred appointment times, and cleaning instructions.
- Payment-related information such as payment confirmation or invoice details. We do not store full card details where payment is processed by a third-party payment provider.
- Communication records including enquiries, complaints, feedback, and messages exchanged with our team.
- Technical information that may be collected if you interact with our digital systems, such as device type or basic usage data.
- Special category data only where you voluntarily provide it and only if it is necessary, for example, access needs or health-related information relevant to safe service delivery. Where this occurs, we apply additional safeguards.
3. How We Use Personal Data
We use personal data for legitimate business and service purposes, including:
- responding to enquiries and providing quotations;
- arranging, confirming, and delivering cleaning services;
- managing invoices, payments, and accounting records;
- handling customer service issues, complaints, or follow-up requests;
- maintaining our business records and service history;
- improving our services, training staff, and monitoring quality;
- meeting legal, regulatory, tax, and insurance requirements; and
- protecting our business, staff, customers, and property from fraud or misuse.
We do not sell personal data. We only share it when necessary for service delivery, legal compliance, or business operations as described in this policy.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Brent Carpet Cleaners relies on the following lawful bases, depending on the situation:
4.1 Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes handling bookings, delivering cleaning services, issuing invoices, and managing customer requests related to the service.
4.2 Legal Obligation
We may process personal data where required to comply with legal obligations, such as tax record keeping, accounting requirements, fraud prevention, health and safety duties, and lawful requests from authorities.
4.3 Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This may include managing our operations, improving services, preventing misuse, and maintaining internal records. When relying on legitimate interests, we assess the impact on your privacy.
4.4 Consent
In limited situations, we may rely on your consent, especially for certain optional communications or if you provide special category information that is not otherwise required. Where consent is used, you can withdraw it at any time.
5. Sharing and Processors
We may share personal data with trusted third parties who act as processors or independent controllers. Processors only act on our instructions and are required to keep data secure and use it only for authorised purposes.
Examples of processors and recipients may include:
- Payment processors that handle card or electronic payments securely.
- Accounting and invoicing providers used for bookkeeping, tax, and financial administration.
- Scheduling or customer management systems that help manage bookings and service records.
- IT and cloud service providers that store or support business data securely.
- Professional advisers such as accountants, insurers, or legal advisers where needed.
- Regulators, law enforcement, or public authorities where disclosure is required by law.
We ensure appropriate data processing agreements are in place with processors, and we only transfer data where necessary and proportionate.
6. International Transfers
Where any third-party provider stores or processes data outside the UK, we take steps to ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms designed to protect your personal data.
7. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, or reporting requirements. Retention periods vary depending on the type of information and why it is held.
- Customer booking and service records are usually retained for a period needed to manage service history and resolve disputes.
- Financial and tax records are kept for the period required by law.
- Communication records may be retained for a reasonable time to support customer service and business administration.
- Data collected on the basis of consent is kept until consent is withdrawn or the data is no longer needed.
When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
8. Data Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to personal data on a need-to-know basis. While no system can be guaranteed completely secure, we work to keep data protected and to reduce privacy risks.
9. Your Rights
Under data protection law, you have several rights regarding your personal data. These rights may be limited in some circumstances, but we will always explain if a request cannot be fully met.
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete data.
- Right to erasure – you can request deletion of your data in certain situations.
- Right to restrict processing – you can ask us to limit how your data is used in some cases.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to data portability – you can request that certain data be provided in a reusable format where applicable.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
If you exercise any of these rights, we may need to verify your identity before responding. This helps protect your data from unauthorised disclosure.
10. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary in relation to a service booking or where supplied by an adult customer. If we become aware that we have collected data from a child inappropriately, we will take steps to remove it.
11. Automated Decision-Making
We do not use automated decision-making or profiling in a way that produces legal or similarly significant effects on individuals. Any decisions about services are made by our staff using relevant service information and professional judgement.
12. Complaints and Concerns
If you are concerned about how your personal data is handled, you have the right to raise a complaint with the relevant supervisory authority. We encourage you to contact us first so we can try to resolve the issue promptly and fairly. We take privacy concerns seriously and will investigate them carefully.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. The most recent version will apply to all customers in the area. We recommend reviewing this policy periodically to stay informed about how we protect your personal data.
14. Summary
Brent Carpet Cleaners processes personal data only when necessary and only on a lawful basis. We collect limited information to provide services, manage bookings, handle payments, meet legal duties, and improve our operations. We share data only with trusted processors and other parties where necessary, keep it only for as long as required, and respect your rights under data protection law. Our aim is to handle every customer’s information responsibly, securely, and transparently.