Woolwich Carpet Cleaners Privacy Policy

This Privacy Policy explains how Woolwich Carpet Cleaners collects, uses, stores, and protects personal data relating to our customers and prospective customers in our service area. We are committed to complying with the UK General Data Protection Regulation UK GDPR and all applicable data protection laws. By using our services, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all customers, prospective customers, and website visitors of Woolwich Carpet Cleaners located in our service area. It covers personal data collected in person, by telephone, via online forms, and through any other method through which you interact with us in relation to carpet cleaning or related services.

Data Controller

Woolwich Carpet Cleaners acts as the data controller for the personal data described in this Privacy Policy. As data controller, we determine the purposes and means of processing your personal data in accordance with the UK GDPR.

Personal Data We Collect

We may collect and process the following categories of personal data when you interact with us or use our services:

Identification and contact details, such as your name, billing address, service address, and any other contact details you choose to provide to us.

Booking and service information, such as preferred dates and times for appointments, details about the property or items to be cleaned, access instructions, and any special requirements you communicate to us.

Communication data, such as the content of your enquiries, feedback, or complaints, and records of our correspondence with you.

Payment related information, such as the amount charged and payment status. We do not store full payment card details, but we may keep limited transaction details required for accounting and legal purposes.

Technical and usage information, such as basic information about how you use our website or online services, including pages visited and the time and date of visits. This may involve the use of cookies or similar technologies where legally permitted.

Lawful Bases for Processing

We process your personal data only when we have a lawful basis under the UK GDPR. Depending on the specific processing activity, one or more of the following lawful bases may apply:

Contractual necessity. We process your data where it is necessary to enter into or perform a contract with you, for example to arrange and deliver carpet cleaning services, provide quotations, and manage your bookings.

Legitimate interests. We may process your data where it is necessary for our legitimate business interests and where your interests and fundamental rights do not override those interests. Examples include improving our services, managing our business operations, and protecting our rights and property.

Legal obligation. We process certain data to comply with legal and regulatory requirements, such as tax, accounting, and record keeping obligations.

Consent. In limited circumstances, we may rely on your explicit consent, for example for certain types of marketing communications where consent is required. You can withdraw your consent at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

To provide and manage carpet cleaning and related services, including quotations, bookings, confirmations, rescheduling, and on site service delivery.

To communicate with you about your enquiries, bookings, payments, and aftercare, including responding to questions and handling complaints.

To manage our business operations, including accounting, invoicing, reporting, staff and contractor coordination, and internal record keeping.

To improve our services and customer experience, for example by analysing feedback and service outcomes.

To send you information about our services, promotions, or updates where we are permitted to do so by law, including where you have consented or where we have a legitimate interest, and where you have not opted out.

To comply with legal and regulatory requirements, resolve disputes, and enforce our contractual terms.

Data Sharing and Processors

We may share your personal data with carefully selected third parties where necessary for the purposes described above and where this is permitted under the UK GDPR.

Service providers acting as data processors may process data on our behalf, for example providers of booking or scheduling tools, payment processing services, accounting or invoicing systems, cloud storage, and IT support. These processors are only permitted to process your data in accordance with our instructions and must implement appropriate security measures.

Professional advisers, such as accountants, legal advisers, or insurers, may receive limited personal data where necessary to provide their services to us and where legally permitted.

Public authorities or law enforcement bodies may receive your data where we are required or permitted to share it in order to comply with legal obligations or to protect our rights or the rights of others.

We do not sell your personal data to third parties.

International Data Transfers

Where we use service providers located outside the United Kingdom or where data is stored on servers in other countries, we take appropriate steps to ensure that your personal data remains protected. This may include using countries that have been recognised as providing an adequate level of data protection or implementing standard contractual clauses or equivalent safeguards as required by data protection laws.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, and to meet legal, accounting, or reporting requirements.

In general, we may retain customer records, including contact details, booking information, and invoices, for a period aligned with statutory limitation periods and tax regulations. Correspondence and service notes may be kept for a similar period where needed to respond to queries, resolve disputes, or demonstrate service history.

When personal data is no longer required, we will delete it or anonymise it so that it can no longer be linked to an identifiable individual.

Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff training, and the use of reputable service providers who are required to maintain appropriate security.

While we strive to protect your personal data, no method of transmission or storage is completely secure. You should take care when providing personal data and notify us promptly if you become aware of any actual or suspected unauthorised use of your data in connection with our services.

Your Rights Under the UK GDPR

Under the UK GDPR, you have a number of rights in relation to your personal data. Subject to certain conditions and exemptions, these include:

Right of access. You can request confirmation as to whether we hold personal data about you and, if so, request a copy of that data.

Right to rectification. You can ask us to correct or complete any inaccurate or incomplete personal data we hold about you.

Right to erasure. In certain circumstances, you can request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected and we have no legal obligation to retain it.

Right to restriction of processing. You can ask us to restrict our use of your personal data in specific situations, for example while we consider a correction request.

Right to data portability. Where processing is based on consent or contract and carried out by automated means, you may request a copy of your data in a commonly used, machine readable format, or request that we transmit it to another controller where technically feasible.

Right to object. You can object to processing of your personal data where we rely on legitimate interests, including profiling based on those interests. You also have an absolute right to object at any time to the use of your personal data for direct marketing.

Right to withdraw consent. Where we rely on your consent to process personal data, you can withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Exercising Your Rights and Complaints

If you wish to exercise any of your rights or have questions about how we handle your personal data, you can contact us using the contact details provided on our website or in our service documentation. We may need to verify your identity before responding to your request.

You also have the right to lodge a complaint with the UK data protection supervisory authority if you are unhappy with how we handle your personal data. We encourage you to contact us first so that we can seek to resolve any concerns.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Any updated version will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.