Privacy Policy - Southborough Carpet Cleaners

Privacy Policy

This Privacy Policy explains how Southborough Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Southborough Carpet Cleaners customers in area, including individuals and businesses that request quotations, make bookings, receive services, or otherwise interact with us in connection with our work.

We are committed to handling personal data in a lawful, fair, and transparent manner, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We only process personal data where we have a valid legal basis and only for the purposes described in this policy.

1. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity information: name, title, and where relevant, business name.
  • Contact details: postal address, email address, and telephone number.
  • Service information: details about the property, rooms, carpets, upholstery, stains, or cleaning requirements.
  • Booking and transaction data: appointment details, service history, payment status, invoices, and receipts.
  • Communication records: messages, correspondence, complaints, and feedback.
  • Technical information: limited information collected through digital systems, such as device or browser data, if applicable.
  • Special category data: generally, we do not seek to collect sensitive personal data. If such data is voluntarily provided, for example in relation to access needs or health-related cleaning concerns, we will only process it where strictly necessary and with appropriate safeguards.

We collect personal data directly from you where possible. This may occur when you request a quote, make an enquiry, place a booking, complete a service agreement, make payment, or contact us regarding a completed service. In some cases, we may receive information from third parties such as property managers, landlords, letting agents, or household members acting on your behalf.

2. How We Use Personal Data

We use personal data only where it is necessary for legitimate business purposes and permitted by law. Typical uses include:

  • providing carpet cleaning and related services;
  • managing bookings, appointments, and follow-up actions;
  • preparing quotations, invoices, and payment records;
  • communicating with customers about service delivery;
  • handling complaints, disputes, and service queries;
  • maintaining business, legal, and accounting records;
  • improving our services, operational planning, and customer care;
  • meeting legal, tax, insurance, and regulatory obligations.

We do not use personal data for purposes that are incompatible with the original reason it was collected unless we have a lawful basis to do so and have informed you where required.

3. Lawful Basis for Processing

We rely on one or more of the following lawful bases under UK GDPR:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering services, issuing invoices, and handling related customer communications.

Legal obligation

We may process personal data where necessary to comply with legal obligations, including tax, accounting, recordkeeping, insurance, and any lawful request from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include service administration, responding to enquiries, improving operations, preventing fraud, and retaining basic business records.

Consent

Where required by law, we will rely on your consent. If we request consent, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public task

These bases are unlikely to apply to most carpet cleaning services, but may be relevant in exceptional circumstances.

4. Data Sharing and Processors

We may share personal data with trusted third parties that help us operate our business. These third parties act as data processors or, in some cases, independent controllers. We require appropriate safeguards and contractual terms where processing is carried out on our behalf.

Examples of processors and service providers may include:

  • IT and cloud service providers that host or store business records;
  • accounting and bookkeeping providers that support financial administration;
  • payment service providers that process transactions;
  • customer communication tools used to manage emails, messages, or scheduling;
  • professional advisers such as insurers, auditors, legal advisers, or tax advisers;
  • subcontractors or operational partners who assist with service delivery where necessary.

We may also disclose personal data where required by law, to respond to lawful requests, to protect our rights, or to prevent fraud or misuse of our services.

We do not sell personal data.

5. International Transfers

If any processor stores or accesses data outside the United Kingdom, we will ensure that appropriate legal safeguards are in place, such as an adequacy regulation, approved standard contractual clauses, or another lawful transfer mechanism recognised under data protection law.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, and to meet legal, accounting, insurance, or reporting obligations. Retention periods depend on the type of information and the context in which it is used.

  • Quotation and enquiry records: retained for a reasonable period to manage follow-up, customer history, and business administration.
  • Service and booking records: retained for the duration needed to provide services and deal with related queries or disputes.
  • Financial records: retained for the period required by tax and accounting law.
  • Complaint or claim-related records: retained as long as needed to resolve the matter and defend legal claims.

When data is no longer needed, we will delete, anonymise, or securely destroy it.

7. Data Security

We take appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to customer records on a need-to-know basis.

Although we work hard to protect your data, no system can be guaranteed completely secure. If a personal data breach occurs and it poses a risk to your rights and freedoms, we will take appropriate steps in line with applicable law.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exemptions.

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: you may request deletion of your personal data in certain circumstances.
  • Right to restriction: you may ask us to limit processing in certain situations.
  • Right to data portability: you may request that certain information be provided in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests or to direct marketing where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with legal requirements. We may need to verify your identity before acting on a request.

9. Marketing and Communications

We will only send marketing communications where permitted by law. You may opt out of such communications at any time. Transactional or service-related messages, such as appointment confirmations or important updates, may still be sent where necessary for service delivery.

10. Children’s Data

Our services are intended for adults. We do not knowingly collect children’s personal data except where it is incidentally provided in connection with a household booking or property access arrangement. If we become aware that we have collected data unlawfully, we will take appropriate steps to delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service operations. The most current version will apply to your use of our services from the date it is published or otherwise made available.

12. Complaints

If you have concerns about how we handle personal data, you have the right to raise a complaint with the relevant supervisory authority. You may also contact us directly to seek resolution of any issue. We encourage you to do so first so that we can try to address your concerns promptly and fairly.

13. Summary of Key Points

  • Southborough Carpet Cleaners collects only the personal data needed to provide and administer services.
  • We process data under lawful bases such as contract, legal obligation, legitimate interests, and where needed, consent.
  • We share data only with trusted processors or where required by law.
  • We retain data only for as long as necessary and then delete or anonymise it.
  • You have important rights over your personal data, including access, correction, deletion, and objection.

This Privacy Policy is intended to provide a clear and fair explanation of our data practices. We are committed to protecting your privacy and handling your personal data responsibly.

Southborough Carpet Cleaners

GDPR-compliant privacy policy for Southborough Carpet Cleaners covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.