Privacy Policy - Cleaners Brompton
This Privacy Policy explains how Cleaners Brompton collects, uses, stores, shares, and protects personal data. It applies to all Cleaners Brompton customers in the area, including current, former, and prospective customers who enquire about, book, or receive cleaning services. We are committed to handling personal data in a lawful, fair, and transparent way and to respecting your privacy rights under the UK GDPR and the Data Protection Act 2018.
1. Who we are
For the purposes of data protection law, Cleaners Brompton acts as the data controller in relation to the personal data we collect for the provision of our cleaning services, customer support, administration, and related business activities. This means we determine why and how your personal data is processed.
This policy applies where we decide how your information is used, including when you request a quote, make a booking, receive a service, communicate with us, or otherwise interact with our business.
2. Personal data we collect
We only collect personal data that is relevant and necessary for the services we provide. The categories of data may include:
- Identity details such as your name and title.
- Contact details such as telephone number, email address, and service address.
- Booking information such as service type, preferred dates and times, access instructions, and cleaning preferences.
- Payment and billing information such as payment records, invoices, and transaction references.
- Communication records including emails, messages, complaints, feedback, and notes relating to your service.
- Service history including past bookings, frequency of services, and customer preferences.
- Technical information where applicable, such as basic device or browsing data collected through website forms or analytics tools.
We do not intentionally collect special category data unless it is strictly necessary and you choose to provide it, for example where it is relevant to a health or access requirement for service delivery. Where special category data is processed, we apply additional safeguards.
3. How we collect your data
We may collect personal data directly from you when you:
- submit an enquiry or request a quotation;
- make or amend a booking;
- communicate with us by phone, email, or message;
- provide instructions, preferences, or feedback;
- make a payment or request an invoice;
- respond to a complaint or service follow-up.
We may also receive information from third parties where necessary to provide our services, such as payment processors, booking platforms, or referral partners, but only where this is lawful and appropriate.
4. Lawful basis for processing
We process personal data only when we have a valid legal basis to do so. Depending on the specific activity, our lawful bases may include:
Contract
We process your personal data when it is necessary to enter into or perform a contract with you, such as arranging and delivering cleaning services, managing bookings, and handling payments.
Legal obligation
We may process certain information where needed to comply with legal obligations, including accounting, tax, record-keeping, and regulatory requirements.
Legitimate interests
We may use personal data where it is necessary for our legitimate business interests and those interests are not overridden by your rights and freedoms. This can include service administration, improving operations, preventing fraud, maintaining business records, and responding to customer queries or complaints.
Consent
In limited cases, we rely on your consent, for example where you agree to receive certain types of marketing communications or where special category data is provided voluntarily and processing requires consent. You may withdraw consent at any time if it is the basis for processing.
5. How we use your information
We use your personal data for the following purposes:
- to provide cleaning services and manage customer relationships;
- to confirm bookings, changes, and cancellations;
- to communicate with you about your service;
- to process payments and issue invoices;
- to maintain internal records and business accounts;
- to handle complaints, disputes, and service quality matters;
- to improve our services, operations, and customer experience;
- to comply with legal and regulatory obligations;
- to protect our business, staff, and customers from misuse or fraud.
We will not use your data in ways that are incompatible with the purposes described in this policy unless we have a lawful basis to do so.
6. Data retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. Retention periods depend on the type of data and the purpose of processing.
In general:
- Customer and service records are retained for the period needed to manage the relationship and resolve disputes.
- Financial and tax records are kept for the time required by law and standard accounting practices.
- Communication records are retained for a reasonable period to support customer service, complaint handling, and operational review.
- Marketing preferences are retained until you change your preference or withdraw consent, where consent applies.
When data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures.
7. Processors and third parties
We may share personal data with carefully selected processors and service providers who help us operate our business. These third parties only process data on our instructions and must protect it in accordance with applicable data protection law.
Examples of processors may include:
- payment processing providers;
- booking and scheduling systems;
- email, messaging, and customer communication tools;
- cloud storage and IT support providers;
- accounting, invoicing, or bookkeeping systems;
- customer review or feedback platforms.
We may also disclose personal data to professional advisers, insurers, legal authorities, or public bodies where required by law, where necessary to establish or defend legal claims, or where disclosure is otherwise lawful and proportionate.
We do not sell your personal data.
8. International transfers
Where any processor or service provider stores or accesses data outside the UK, we ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms designed to protect your information to the required standard.
9. Data security
We use appropriate technical and organisational measures to safeguard personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and limited data sharing on a need-to-know basis.
While we take data security seriously, no system can be guaranteed to be completely secure. If a personal data breach occurs and we are legally required to do so, we will notify you and the relevant authorities without undue delay.
10. Your rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions and exceptions, but we will always consider your request carefully.
Right of access
You can request a copy of the personal data we hold about you and information about how we use it.
Right to rectification
You can ask us to correct inaccurate or incomplete personal data.
Right to erasure
In certain circumstances, you can request that we delete your personal data.
Right to restrict processing
You can ask us to limit how we use your data in specific situations.
Right to object
You can object to processing based on legitimate interests or to direct marketing, where applicable.
Right to data portability
Where processing is based on consent or contract and carried out by automated means, you may have the right to receive your data in a structured, commonly used format and to request transfer to another controller.
Right to withdraw consent
Where we rely on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
To exercise any of these rights, you may make a request using the details made available through our normal business channels. We may need to verify your identity before responding.
11. Children’s data
Our services are intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a service request made by an adult customer and is appropriate for that purpose. If we become aware that we have collected data in error, we will take appropriate steps to delete it.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review this policy periodically to stay informed about how we protect your personal data.
13. How complaints are handled
If you have concerns about how your personal data has been handled, you should raise them through our normal customer service process so we can review and address the issue. You also have the right to complain to the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.
Cleaners Brompton is committed to processing personal data responsibly, securely, and lawfully. We respect the confidentiality of customer information and aim to ensure that all personal data relating to customers in the area is handled in a way that is proportionate, transparent, and consistent with applicable privacy law.