Privacy Policy - Northumberland Heath Carpet Cleaners
This Privacy Policy explains how Northumberland Heath Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Northumberland Heath Carpet Cleaners customers in the area, including prospective customers, current customers, and anyone who contacts us about our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Northumberland Heath Carpet Cleaners is a local service provider offering carpet cleaning and related domestic and commercial cleaning services. In the context of data protection law, we act as the data controller for the personal data we collect and use about our customers and website or enquiry users where applicable. This means we decide how and why your personal data is processed, and we are responsible for ensuring that such processing is lawful and secure.
2. Personal Data We Collect
We only collect personal data that is necessary for providing our services, managing customer relationships, maintaining records, and meeting legal or business obligations. The categories of personal data we may collect include:
- Identity information such as your name and title.
- Contact information such as address, email address, and telephone number.
- Service information including details about the cleaning services requested, property access notes, and service preferences.
- Payment and billing information such as transaction details, invoicing records, and proof of payment.
- Communication records such as emails, messages, call notes, and complaints or feedback.
- Technical information where relevant, such as basic device or browser data if you interact with our digital systems.
- Special categories of personal data only where strictly necessary and with appropriate safeguards, for example if you voluntarily provide information that reveals health or access needs relevant to service delivery.
We do not intentionally collect more data than we need. We also do not seek unnecessary personal details that are unrelated to cleaning services or business administration.
3. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To schedule, deliver, and manage carpet cleaning services.
- To issue invoices, process payments, and maintain financial records.
- To communicate with you about bookings, service updates, or changes.
- To keep internal records of work completed and customer preferences.
- To resolve complaints, disputes, or service issues.
- To comply with legal and tax obligations.
- To improve our services and manage business operations.
We process data only for specified, explicit, and legitimate purposes. We do not use your data in ways that are incompatible with those purposes.
4. Lawful Basis for Processing
Under GDPR, every use of personal data must have a lawful basis. Northumberland Heath Carpet Cleaners relies on one or more of the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotations, confirming bookings, carrying out carpet cleaning services, and handling payments.
Legal Obligation
We may process personal data when required to meet legal obligations, including accounting, tax, record-keeping, and compliance with lawful requests from authorities.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include managing our customer records, improving service quality, preventing fraud, and handling business correspondence.
Consent
In limited cases, we may rely on your consent, particularly where the law requires it or where we process optional information. Where consent is used, it will be freely given, specific, informed, and unambiguous. You may withdraw consent at any time.
5. Data Sharing and Processors
We may share personal data with trusted third parties, known as processors, only where necessary for the purposes described in this policy. These processors act on our instructions and are required to protect your data.
Examples of processors and service providers may include:
- Payment processors for handling card or electronic payments.
- Accounting or bookkeeping providers for financial administration and tax compliance.
- IT and cloud storage providers for secure data hosting, email, and record management.
- Customer communication tools used to manage messages, appointments, or service updates.
- Professional advisers such as accountants or legal advisers where necessary.
We may also disclose personal data where required by law, to enforce our rights, or to protect the rights, property, or safety of our business, customers, or others. We do not sell your personal data.
6. International Transfers
Where any processor stores or accesses personal data outside the UK, we ensure that appropriate safeguards are in place. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful mechanisms designed to protect your data to a standard equivalent to UK GDPR requirements.
7. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods may vary depending on the type of record and the reason for processing.
- Customer and service records may be retained for the duration of the customer relationship and for a reasonable period afterwards.
- Financial and tax records are generally retained for the period required by law.
- Communication records may be retained to support service history, dispute resolution, or business administration.
When data is no longer needed, it is securely deleted, anonymised, or destroyed. We apply retention controls to avoid keeping personal data for longer than necessary.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and careful selection of processors. Although no system can be guaranteed completely secure, we take data protection seriously and review our safeguards as appropriate.
9. Your Rights
As a data subject under GDPR, you have important rights in relation to your personal data. Subject to legal exceptions, these rights include:
- The right of access – to request a copy of the personal data we hold about you.
- The right to rectification – to ask us to correct inaccurate or incomplete information.
- The right to erasure – to request deletion of your data in certain circumstances.
- The right to restrict processing – to ask us to limit how your data is used in certain situations.
- The right to object – to object to processing based on legitimate interests or direct marketing.
- The right to data portability – to receive certain data in a structured, commonly used format.
- The right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you are unhappy with how your data is handled. We encourage you to raise any concerns with us first so we can try to resolve them promptly and fairly.
10. Children’s Data
Our services are generally intended for adults. We do not knowingly collect personal data from children except where it is necessary and lawful in the context of providing services to a household or property. If we become aware that we have collected data improperly, we will take steps to delete it or process it in accordance with the law.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. Any updates will take effect when published in the revised version. We recommend reviewing this policy periodically so you remain informed about how your information is used.
12. Summary of Our Commitment
At Northumberland Heath Carpet Cleaners, we are committed to using your personal data responsibly, transparently, and lawfully. We only collect data that is needed to provide our services, we use appropriate lawful bases for processing, we share data only with trusted processors where necessary, and we keep data only for as long as required. We respect your rights and aim to make data protection simple, clear, and fair for every customer in the Northumberland Heath area.