Ilford Carpet Cleaners Privacy Policy

This Privacy Policy explains how Ilford Carpet Cleaners collects, uses, stores and protects personal data relating to our customers in the Ilford area. It also explains your rights under the UK General Data Protection Regulation and the Data Protection Act 2018.

Ilford Carpet Cleaners is the data controller for the personal data described in this Privacy Policy. By using our carpet and upholstery cleaning services, making an enquiry, or visiting our website, you acknowledge that you have read and understood this Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all customers and prospective customers of Ilford Carpet Cleaners in the Ilford area, including individuals, households, landlords, tenants and business representatives who contact us or use our services. It covers personal data collected online, by telephone, in person and through any other communication channels we use.

Types of Personal Data We Collect

We only collect personal data that is relevant and necessary for providing our services and managing our business. Depending on how you interact with us, we may collect the following categories of information:

Contact and identity details, such as your name, address, property access details, and any contact preferences you provide.

Communication records, such as enquiries, messages, and any information you choose to share when you contact us about our services.

Service information, such as details about the property or premises to be cleaned, the type of services requested, dates and times of appointments, and any instructions you provide.

Billing and payment information, such as records of services supplied, invoices issued and payment status. Actual payment card details are processed by secure payment providers and are not stored by us.

Technical and usage data, such as basic information about how you interact with our website or online forms, including the pages you view, the time and date of access, and approximate location based on your device or browser settings.

Feedback and reviews, such as comments you provide about our services, satisfaction ratings and testimonials you consent to share.

Lawful Bases for Processing Personal Data

We process personal data only when we have a lawful basis to do so under the UK GDPR. Depending on the circumstances, we may rely on one or more of the following lawful bases:

Performance of a contract: to provide carpet cleaning and related services, manage bookings, confirm appointments, handle payments and respond to your requests before and after a service is carried out.

Legitimate interests: to manage and improve our business operations, maintain accurate records, respond to enquiries, prevent fraud or misuse, and promote our services in a way that is proportionate and respects your privacy. When we rely on this basis, we carefully balance our interests with your rights and freedoms.

Legal obligations: to comply with legal and regulatory requirements, including tax and accounting rules, and to respond to lawful requests from authorities.

Consent: where required for certain marketing activities or for using specific types of cookies or similar technologies. When we rely on consent, you may withdraw it at any time, and this will not affect the lawfulness of processing before the withdrawal.

How We Use Your Personal Data

We use the personal data we collect for the following purposes:

To provide our services, including arranging and carrying out carpet and upholstery cleaning, managing bookings, and communicating with you about appointments and service details.

To respond to enquiries, provide quotations, offer advice on suitable services and answer any questions you may raise.

To manage our relationship with you, including handling feedback, complaints, queries and repeat bookings.

To process payments and maintain accurate financial and administrative records.

To improve our services, including reviewing feedback, analysing service performance and enhancing our customer experience.

To send you service-related communications, such as confirmations, reminders and important notices about changes to our services or terms.

To send marketing communications, such as information about offers or new services, where we are permitted to do so and you have not opted out.

To protect our business, including detecting and preventing fraud, maintaining security, and defending our legal rights.

Data Retention

We keep personal data only for as long as it is necessary for the purposes for which it was collected, or for as long as we are required to keep it under relevant laws and regulations.

In general, we retain customer and service records for a period that allows us to respond to queries, manage repeat bookings, meet tax and accounting requirements, and maintain accurate business records. This period will typically be several years after the last interaction or service, depending on the type of record and the applicable legal requirements.

When personal data is no longer needed, we will securely delete it or anonymise it so that it can no longer be linked to an identifiable individual.

Sharing Personal Data and Use of Processors

We do not sell your personal data. We may share your information with carefully selected third parties when necessary for the purposes outlined in this Privacy Policy and where a lawful basis exists.

We may use external service providers who act as data processors to help us operate our business. These may include providers of payment processing, customer management tools, accounting and bookkeeping support, website hosting, email and communication platforms, and information technology services.

Where we use processors, we ensure that they only process personal data on our documented instructions, that they have appropriate security measures, and that they are bound by contractual obligations consistent with data protection laws.

We may also share your personal data when required by law, in connection with legal proceedings, or to protect our rights, property or safety, or that of our customers or others.

If there is a change in the structure of our business, such as a transfer or sale, personal data may be transferred as part of that process, but will remain subject to this Privacy Policy or a similar policy that offers equivalent protection.

International Data Transfers

Our primary operations target customers in the Ilford area. Where personal data is transferred outside the United Kingdom, for example because a service provider stores data on servers in another country, we ensure that appropriate safeguards are in place. These safeguards may include adequacy regulations or standard contractual clauses approved by relevant authorities.

Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction. These measures include limiting access to personal data to those who have a business need to know, using secure systems and following retention and deletion practices designed to reduce risk.

While we take reasonable steps to protect your information, no method of transmission or storage is completely secure. You should take care when sharing personal data and avoid including unnecessary sensitive details in your communications with us.

Your Data Protection Rights

Under the UK GDPR, you have several rights in relation to your personal data. These rights apply subject to certain conditions and legal exceptions:

Right of access: you have the right to request confirmation of whether we hold personal data about you and to receive a copy of that data.

Right to rectification: you have the right to ask us to correct inaccurate personal data or complete information that is incomplete.

Right to erasure: you may request that we delete your personal data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected.

Right to restrict processing: you can ask us to limit how we use your data in certain situations, such as while we are reviewing a request to correct inaccurate information.

Right to data portability: in some cases, you may request that we provide your personal data in a structured, commonly used and machine readable format, or ask us to transmit it to another organisation where technically feasible.

Right to object: you can object to certain types of processing, including processing based on our legitimate interests and direct marketing. If you object to direct marketing, we will stop using your data for that purpose.

Rights relating to automated decision making: we do not carry out automated decision making that has legal or similarly significant effects on individuals.

If you wish to exercise any of these rights, we may need to verify your identity before responding to your request. We aim to respond within the time limits required by law.

Marketing Preferences

We may send you marketing communications about our services if we are permitted to do so under data protection and electronic communications laws. You can ask us to stop sending you marketing messages at any time by following any instructions in the communication or by contacting us using our usual contact channels.

Even if you opt out of marketing, we may still send you service messages and other information necessary for the performance of our contract with you or to comply with legal obligations.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or the services we offer. Any changes will be posted in the latest version of the Policy. You should review this Policy periodically to stay informed about how we protect your personal data.

Contact and Complaints

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, you can contact us using the usual contact details provided on our website or in our service documentation.

You also have the right to lodge a complaint with the UK Information Commissioner if you are unhappy with how we process your personal data. We would, however, appreciate the opportunity to address your concerns directly before you contact the regulator.