Privacy Policy - Cleaners Knightsbridge
This Privacy Policy explains how Cleaners Knightsbridge collects, uses, stores, shares, and protects personal data. It applies to all Cleaners Knightsbridge customers in the area, including current, former, and prospective customers, as well as individuals who enquire about our services, receive quotations, or interact with us in connection with cleaning services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our services or providing personal data to us, you acknowledge that your information may be processed as described in this policy. We only collect and use personal data where we have a valid legal basis and where it is necessary for legitimate business and service purposes.
1. Information We Collect
We may collect and process different types of personal data depending on your interaction with us. This may include:
- Identity data: name, title, and any details you provide to identify yourself.
- Contact data: address, email address, phone number, and service location details.
- Service data: information about the cleaning services requested, scheduled, completed, or cancelled.
- Billing data: payment status, invoice information, and transaction-related details.
- Communication data: records of emails, messages, calls, complaints, feedback, or service enquiries.
- Technical data: limited device or usage information if you interact with our digital systems, such as IP address or browser type, where applicable.
- Access and security data: information needed to arrange entry to premises, where required for service delivery and safety.
We do not intentionally collect special category data unless you choose to provide it and it is necessary for a particular service arrangement. If such data is provided, it will only be processed where lawful and appropriate safeguards are in place.
2. How We Use Personal Data
We use personal data for the following purposes:
- to provide cleaning services and manage bookings;
- to prepare quotations, invoices, and service records;
- to communicate with customers about appointments, changes, or service issues;
- to respond to enquiries, complaints, and feedback;
- to manage payments and maintain financial records;
- to improve service quality, internal operations, and customer experience;
- to comply with legal, accounting, and regulatory obligations;
- to protect our business, staff, customers, and property from fraud, misuse, or other unlawful activity.
We only process data that is relevant, adequate, and limited to what is necessary for these purposes. We do not sell personal data.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each processing activity. Depending on the circumstance, we rely on one or more of the following legal bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering services, handling payments, and carrying out customer support connected to the service.
Legal Obligation
We may process data where necessary to comply with legal and regulatory requirements, such as tax record keeping, accounting obligations, and responding to lawful requests from authorities.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include maintaining service records, improving operations, preventing fraud, ensuring security, and managing customer relationships. We assess these interests carefully to ensure processing is proportionate and respectful of your privacy.
Consent
In limited situations, we may rely on your consent, particularly where the law requires it. Where consent is used, you have the right to withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before consent was withdrawn.
4. Sharing and Processors
We may share personal data with trusted third parties where necessary for service delivery, business administration, or legal compliance. These third parties act either as processors or, in some cases, as independent controllers.
Processors we may use
- Payment processors for handling customer payments securely;
- IT and hosting providers for storing and managing digital records;
- Communication providers for sending service-related messages;
- Accounting or bookkeeping providers for financial administration;
- Scheduling or administrative software providers that support booking management;
- Professional advisers such as accountants, insurers, or legal advisers where necessary.
Where we use processors, we require them to process personal data only on our instructions, to keep it secure, and to comply with applicable data protection law. We do not permit processors to use personal data for their own purposes unless they are acting as independent controllers and have their own lawful basis.
We may also disclose personal data if required by law, court order, regulation, or to protect the rights, property, or safety of our customers, staff, or business.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, tax, or reporting requirements. Retention periods vary depending on the nature of the data and the reason it was collected.
In general:
- customer service records are kept for as long as needed to manage the relationship and resolve queries;
- financial and invoicing records are retained for the period required by law;
- communications may be kept for a reasonable period to support service history and customer care;
- data no longer needed is securely deleted, anonymised, or archived in accordance with our retention practices.
Where retention is based on a legal requirement, we will keep the data for the required duration. Where retention is based on legitimate interests or contract, we will review the need for continued storage and remove data when it is no longer necessary.
6. Data Security
We use appropriate technical and organisational measures to protect personal data against accidental loss, unlawful access, misuse, alteration, or disclosure. These measures may include access controls, limited staff access, secure systems, and procedures designed to reduce the risk of unauthorised processing.
Although we take reasonable steps to safeguard data, no system can be guaranteed to be completely secure. If a data breach occurs and it affects your rights and freedoms, we will act in accordance with our legal obligations, which may include notifying you and the relevant supervisory authority where required.
7. Your Rights
As a data subject under UK GDPR, you have several rights regarding your personal data. These rights may apply in different circumstances and may be subject to legal limitations.
Right of access
You may request confirmation of whether we process your personal data and obtain a copy of the data we hold about you.
Right to rectification
You may ask us to correct inaccurate or incomplete personal data.
Right to erasure
In certain cases, you may request that we delete your personal data. This is not always possible where we must retain information for legal or contractual reasons.
Right to restriction
You may request that we limit how we use your data in specific situations, such as where accuracy is contested.
Right to object
You may object to processing based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
Right to data portability
Where processing is based on consent or contract and carried out by automated means, you may request a copy of your data in a structured, commonly used format, where technically feasible.
Rights related to consent
If we rely on consent, you may withdraw it at any time.
To exercise your rights, you should contact us using the usual communication channels provided for service matters. We may need to verify your identity before responding. We aim to respond within one month, unless the request is complex or numerous.
8. International Transfers
Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it in accordance with data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other legally approved mechanisms.
9. Children’s Data
Our services are intended for adults and household customers. We do not knowingly collect personal data from children except where it is incidental to providing services requested by an adult customer. If we become aware that we have collected data unlawfully from a child, we will take appropriate steps to delete it.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, services, or internal practices. Any updates will take effect once published in the revised version. We encourage customers to review this policy periodically so they remain informed about how their information is handled.
11. Contact and Complaints
If you have concerns about how your personal data is handled, you may raise them with us so we can investigate and address the matter appropriately. If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or another relevant supervisory authority.
Summary of our commitment: we process personal data lawfully, securely, and only where necessary, ensuring that customers in the Knightsbridge area can use our services with confidence and trust.