Privacy Policy - Kennington Carpet Cleaners
Kennington Carpet Cleaners is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal information when we provide carpet cleaning and related services. It applies to all Kennington Carpet Cleaners customers in the area, including individuals who contact us, request a quote, book a service, or use any of our cleaning services.
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we collect, why we collect it, and what rights you have over your data.
1. Information We Collect
We collect only the personal data that is necessary to provide our services, manage our business, and comply with legal obligations. The type of information we may collect includes:
- Identity details such as your name.
- Contact details such as your address, email address, and phone number.
- Service details such as information about the cleaning services requested, property access notes, preferred appointment times, and service history.
- Billing and payment information such as invoice details, transaction references, and payment status.
- Communication records such as emails, messages, feedback, complaints, or notes from phone calls.
- Technical data such as basic website or device information if you contact us through digital channels, where applicable.
We generally do not seek to collect special category data. However, if you voluntarily provide information that may reveal health conditions, access needs, or other sensitive details, we will only use it where necessary and with appropriate care.
2. How We Use Your Personal Data
We use personal data for the following purposes:
- To provide quotes, schedule appointments, and deliver carpet cleaning services.
- To manage customer accounts, bookings, and service records.
- To communicate with you about your appointment, service updates, or invoice matters.
- To handle complaints, queries, and after-service support.
- To improve our services, customer experience, and operational efficiency.
- To meet legal, tax, accounting, and insurance obligations.
- To prevent fraud, misuse, or other unlawful activity.
We only use your personal data where we have a valid lawful basis to do so. We do not use personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and you would reasonably expect such use.
3. Lawful Basis for Processing
Under the UK GDPR, we must identify a lawful basis for processing your personal data. Depending on the situation, we rely on one or more of the following:
Contract
We process your personal data when it is necessary to enter into or perform a contract with you. This includes preparing quotes, confirming bookings, providing cleaning services, issuing invoices, and dealing with service-related communication.
Legitimate Interests
We may process your data where it is necessary for our legitimate business interests, provided your rights and interests do not override those interests. This may include record-keeping, customer service, service quality improvement, fraud prevention, and business administration. We always consider the impact on your privacy before relying on this basis.
Legal Obligation
We may need to process and retain certain information to comply with legal obligations, such as tax, accounting, employment, insurance, or regulatory requirements.
Consent
Where required, we will ask for your consent before processing certain data. For example, if we ever use optional marketing communications or collect particularly sensitive information outside the normal service process, we will only proceed if you have given clear permission. You may withdraw consent at any time where consent is the basis of processing.
4. Data Sharing and Processors
We do not sell your personal data. However, we may share it with trusted third parties where necessary to run our business and provide our services. These third parties may act as data processors or independent controllers depending on the service they provide.
Examples of processors or service providers may include:
- Payment processors that handle card or bank transactions securely.
- IT and cloud service providers that store customer records, emails, or scheduling information.
- Accounting or bookkeeping providers that help manage invoicing and financial records.
- Customer communication providers that help us send appointment confirmations or respond to enquiries.
- Professional advisers such as insurers, lawyers, or auditors where necessary.
We only share personal data with processors that provide adequate safeguards and act under written agreements requiring them to protect your data, use it only for specified purposes, and process it in accordance with applicable data protection law.
In limited circumstances, we may also disclose information where required by law, to comply with a legal request, or to protect our rights, property, staff, customers, or the public.
5. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Retention periods may vary depending on the nature of the data and the reason it is held.
As a general approach:
- Customer service records may be kept for the duration of the relationship and for a reasonable period afterwards.
- Invoice and payment records are usually retained for the period required by tax and accounting law.
- Communication records may be held for a period necessary to resolve disputes, manage complaints, or maintain business records.
- Consent-based records are kept until consent is withdrawn or the data is no longer needed.
When personal data is no longer required, it is securely deleted, anonymised, or destroyed.
6. Data Security
We take appropriate technical and organisational measures to protect personal data from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, and limited access to personal information on a need-to-know basis.
While we take data security seriously, no system can be guaranteed to be completely secure. If a data breach occurs and it is likely to result in a risk to your rights and freedoms, we will take appropriate action in line with legal requirements.
7. Your Rights
As a data subject under UK GDPR, you have several rights regarding your personal data. These include:
- The right of access – to request a copy of the personal data we hold about you.
- The right to rectification – to ask us to correct inaccurate or incomplete data.
- The right to erasure – to request deletion of your data in certain circumstances.
- The right to restrict processing – to ask us to limit how we use your data in certain situations.
- The right to object – to object to processing based on legitimate interests or direct marketing.
- The right to data portability – to receive certain data in a structured, commonly used format where applicable.
- The right to withdraw consent – where processing is based on consent.
You also have the right to lodge a complaint with the relevant supervisory authority if you believe your data protection rights have been infringed. We encourage you to raise any concerns with us first so we can try to resolve them promptly and fairly.
8. Children’s Data
Our services are not directed to children, and we do not knowingly collect personal data from children except where it is provided by a parent, guardian, or another authorised adult as part of a service arrangement. If we become aware that we have collected data inappropriately, we will take steps to remove it where required.
9. International Transfers
Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it. This may include using countries with adequate data protection standards or implementing contractual protections approved under applicable law.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our data practices. Any updated version will apply from the date it is published. We encourage customers to review this policy periodically so they remain informed about how their information is used.
11. Summary of Our Commitment
Kennington Carpet Cleaners will always aim to handle personal data lawfully, fairly, and transparently. We collect only what we need, keep it for only as long as necessary, and share it only with trusted processors or where required by law. We respect your privacy and are committed to safeguarding the data of all customers in the area.
This Privacy Policy is intended to provide a clear explanation of how personal information is handled in the course of our services.