Privacy Policy - Peckham Carpet Cleaners
This Privacy Policy explains how Peckham Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing services to customers in the Peckham area. It applies to all Peckham Carpet Cleaners customers in area, including prospective customers, current customers, and individuals who enquire about our services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Information We Collect
We only collect personal data that is necessary for delivering our cleaning services, managing enquiries, maintaining records, and meeting legal obligations. The types of information we may collect include:
- Identity details such as your name or the name of your business or household contact.
- Contact details such as your address, email address, and telephone number.
- Service details including property access information, carpet or upholstery cleaning preferences, stain or material details, and appointment notes.
- Billing information such as invoice records, payment status, and transaction references. We do not store unnecessary payment card details where these are handled by secure payment processors.
- Communication records such as messages, quotations, complaints, and service updates.
- Technical data where relevant, such as basic website or device usage information if you contact us digitally, subject to the tools used.
We do not seek to collect special category data unless it is voluntarily provided by you and is genuinely necessary for the service. If such information is shared accidentally, we will handle it carefully and only for the purpose for which it was supplied.
2. How We Use Your Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to arrange, deliver, and manage carpet cleaning services;
- to confirm appointments and provide service updates;
- to issue invoices and manage payments;
- to keep internal records of work completed;
- to handle complaints, service issues, and follow-up requests;
- to meet legal, tax, and accounting obligations;
- to improve the quality and efficiency of our services;
- to protect our business, customers, and staff from fraud or misuse.
We will only use your personal data for the purposes set out in this policy or for compatible purposes that would reasonably be expected in the context of our services.
3. Lawful Basis for Processing
Under data protection law, we must have a valid lawful basis before processing your personal data. Depending on the circumstances, we rely on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotes, scheduling work, carrying out cleaning services, and managing billing. Without this information, we may be unable to deliver the service you requested.
Legal Obligation
We may process and retain certain personal data where required to comply with legal or regulatory obligations, including accounting, tax, insurance, and record-keeping requirements.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This may include maintaining service records, preventing fraud, improving operations, and defending legal claims. We always consider the impact on your privacy before relying on this basis.
Consent
In limited situations, we may rely on your consent, for example where you voluntarily agree to receive certain marketing messages or where special category data is provided and processing requires explicit permission. You may withdraw consent at any time, although this will not affect any processing already carried out lawfully before withdrawal.
4. Sharing and Processors
We do not sell your personal data. However, we may share information with trusted third parties where necessary to operate our business and provide services. These third parties act as processors or independent controllers depending on the service they provide.
Examples of processors may include:
- IT and cloud service providers that support data storage, email, scheduling, or administration systems;
- Payment service providers that process card or online payments securely;
- Accounting and bookkeeping providers that help manage invoices, taxes, and financial records;
- Customer communication tools used to send booking confirmations or service updates;
- Professional advisers such as accountants, insurers, or legal advisers where necessary.
Where we use processors, we ensure that appropriate data processing agreements are in place and that they only act on our instructions, keep your data secure, and process it lawfully. We may also disclose information to public authorities, regulators, or law enforcement where required by law.
5. International Transfers
If any processor or service provider stores or accesses data outside the United Kingdom, we will take appropriate safeguards to protect your information. These safeguards may include UK adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods depend on the type of data and the reason it was collected.
- Enquiry records are usually kept for a limited period if no service is booked, so we can manage follow-up questions and maintain business records.
- Customer service records are retained for the duration of our relationship and for a reasonable period afterwards.
- Financial and invoice records are retained for the period required by tax and accounting law.
- Complaint or dispute records may be retained for longer where necessary to establish, exercise, or defend legal claims.
When personal data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner. We review retention periodically to ensure data is not kept longer than needed.
7. Security of Your Data
We use reasonable technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to information on a need-to-know basis.
While no system can be guaranteed completely secure, we take data protection seriously and continually review our safeguards to reduce risk. If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will act in accordance with applicable law.
8. Your Rights
Under data protection law, you have rights over your personal data. These rights may apply depending on the circumstances and any legal exemptions available to us. Your rights include:
- Right of access - you may request a copy of the personal data we hold about you.
- Right to rectification - you may ask us to correct inaccurate or incomplete information.
- Right to erasure - you may ask us to delete your data in certain circumstances.
- Right to restriction - you may request that we limit how we use your data in certain situations.
- Right to object - you may object to processing based on legitimate interests or direct marketing.
- Right to data portability - you may request transfer of certain data to you or another controller, where applicable.
- Right to withdraw consent - where processing is based on consent, you may withdraw it at any time.
If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the timescales required by law unless a valid extension applies.
9. Children’s Data
Our services are aimed at adults and business customers. We do not knowingly collect personal data from children unless it is incidentally provided as part of a service booking or household arrangement. If we become aware that we have collected data from a child without appropriate justification, we will take steps to delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data handling practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is used.
11. Our Commitment
At Peckham Carpet Cleaners, we respect your privacy and aim to process personal information in a fair, lawful, and transparent way. We collect only what we need, retain it only as long as necessary, and share it only where there is a valid reason to do so. By using our services, you acknowledge that your information will be handled in line with this Privacy Policy and applicable data protection law.