Privacy Policy - Southall Carpet Cleaners

Effective for all Southall Carpet Cleaners customers in the Southall area. This Privacy Policy explains how Southall Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all customers, prospective customers, and individuals whose information is processed in connection with our services in the Southall area.

1. Introduction

Southall Carpet Cleaners is committed to protecting personal data and respecting privacy rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We only process personal data where we have a lawful basis to do so, and we use appropriate technical and organisational measures to keep information secure.

This policy explains what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights individuals have in relation to their personal data.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as your name and, where relevant, business name.
  • Contact data such as address details, phone number, and email address.
  • Service data such as service type requested, property access notes, booking times, and cleaning preferences.
  • Payment data such as payment method, transaction status, and billing records. We do not store full card details where card payments are handled by a secure payment provider.
  • Communication data such as messages, call notes, complaint details, and feedback.
  • Technical data such as basic website or device information if you interact with our digital systems, including IP address, browser type, and usage logs where collected.
  • Photographic or service evidence where before-and-after images are taken for quality control, training, or proof of work, only where appropriate and lawful.

We aim to collect only the data necessary to provide our services effectively and lawfully. We do not intentionally collect special category data unless it is supplied by you and is necessary for a specific lawful purpose.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To manage enquiries, quotes, and bookings.
  • To provide carpet cleaning and related services.
  • To communicate with customers about appointments, service changes, and aftercare.
  • To process payments, refunds, and account administration.
  • To maintain internal records, quality assurance, and service improvement.
  • To handle complaints, disputes, and insurance-related matters.
  • To comply with legal and regulatory obligations.
  • To prevent fraud, misuse, or unlawful activity.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a valid lawful basis and, where required, your consent.

4. Lawful Basis for Processing

Under UK GDPR, we rely on one or more of the following lawful bases when processing personal data:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotes, confirming appointments, carrying out cleaning services, and handling payment or follow-up steps related to a booking.

Legal Obligation

We may process data to comply with legal duties, such as tax records, accounting requirements, consumer protection obligations, or responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This may include service administration, maintaining secure records, preventing fraud, improving service quality, and dealing with customer queries.

Consent

In limited cases, we may ask for your consent, for example if we wish to use optional marketing communications or certain non-essential photographs. Where consent is relied upon, you can withdraw it at any time.

We carefully assess the lawful basis before processing any personal data and only retain or use data where a valid basis exists.

5. Sharing Data and Processors

We may share personal data with trusted third parties where necessary to provide our services or meet legal obligations. These third parties act as processors or independent controllers depending on the circumstances.

Processors

Processors may include:

  • Payment service providers that securely handle card or online payments.
  • Booking, scheduling, or customer management software providers.
  • IT and cloud storage providers that host secure business systems.
  • Accountants or bookkeeping providers supporting financial record keeping.
  • Communication service providers used for email, messaging, or telephone systems.

Where we use processors, they are required to process personal data only on our instructions, to keep it secure, and to comply with applicable data protection law.

Other disclosures

We may also share personal data with:

  • Insurance providers or claims handlers where necessary.
  • Legal advisers, regulators, or law enforcement where required or permitted by law.
  • Successor businesses or advisers in the event of a business transfer, restructuring, or sale, subject to appropriate safeguards.

We do not sell personal data.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purpose for which it was collected, including to meet legal, accounting, and reporting requirements. Retention periods depend on the type of information and the reason for processing.

Typical retention approach

  • Customer booking and service records: retained for a reasonable period after the service is completed so we can manage follow-up queries, disputes, or repeat bookings.
  • Financial and tax records: retained in line with legal and accounting obligations.
  • Complaint and dispute records: retained for as long as necessary to resolve the issue and demonstrate proper handling.
  • Marketing consents or preferences: retained until you withdraw consent or opt out, or until no longer needed.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. We review retained data periodically to ensure it is still needed.

7. Security of Personal Data

We use appropriate security measures designed to protect personal data from unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, and limiting access to staff or contractors who need the information to perform their role.

Although no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risks involved.

8. Data Transfers

If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, to help keep data protected in accordance with UK GDPR.

9. Your Rights

Individuals have a number of rights regarding their personal data. Subject to certain legal conditions and exceptions, you may have the right to:

  • Access your personal data and request a copy.
  • Rectification of inaccurate or incomplete information.
  • Erasure of personal data in certain circumstances.
  • Restriction of processing in certain circumstances.
  • Object to processing based on legitimate interests or direct marketing.
  • Data portability for data you provided to us in certain situations.
  • Withdraw consent where processing relies on consent.

You also have the right to be informed about how your data is used and, in some cases, to challenge automated decisions if applicable. We do not make decisions solely by automated means that produce legal or similarly significant effects without appropriate safeguards.

10. How to Exercise Your Rights

If you wish to exercise any of your rights, please provide enough information to identify you and describe your request clearly. We may need to verify your identity before responding. We will respond within the time limits required by law, usually within one month, unless the request is complex or numerous.

11. Complaints

If you are concerned about how we process your personal data, you should contact us so that we can review and address the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been breached.

12. Children’s Data

Our services are intended for adult customers and property holders or authorised representatives. We do not knowingly collect personal data from children except where it is incidental to service delivery and necessary for a lawful purpose. If we become aware that data has been collected unlawfully, we will take appropriate steps to delete or safeguard it.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our practices, or the services we provide. The latest version will apply to all Southall Carpet Cleaners customers in the Southall area from the date it is issued.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

Southall Carpet Cleaners

GDPR-compliant Privacy Policy for Southall Carpet Cleaners covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.