Privacy Policy - Paddington Carpet Cleaners

This Privacy Policy explains how Paddington Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Paddington Carpet Cleaners customers in our service area, including prospective customers, existing customers, and anyone who interacts with us in connection with a booking, enquiry, or service request.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy should be read carefully to understand your rights and how we process your information.

1. Data We Collect

We only collect personal data that is relevant and necessary for delivering our services, managing customer relationships, and meeting our legal obligations. The types of information we may collect include:

  • Identity information such as your name, title, and any preferred name you provide.
  • Contact information such as your address, phone number, and email address.
  • Service information including details of the cleaning services requested, property access instructions, appointment history, and service preferences.
  • Payment-related information such as billing details and payment confirmations. We do not store full card details if payment is processed by a third-party payment provider.
  • Communication records including messages, complaints, feedback, estimates, and booking notes.
  • Technical information where relevant, such as IP address or browser data if you contact us online, subject to the tools used to receive and manage enquiries.
  • Special category data only where you voluntarily provide it and it is necessary for a specific service request, such as health-related access needs or allergy considerations. We handle this data with additional care and only when strictly required.

We generally collect data directly from you when you request a quote, make a booking, complete a form, communicate with us, or use our services. In some cases, we may receive information from third parties acting on your behalf, such as a landlord, letting agent, business client, or property manager.

2. How We Use Your Personal Data

We process personal data for specific, legitimate purposes connected to our business operations. These include:

  • Providing carpet cleaning and related cleaning services.
  • Managing bookings, scheduling visits, and confirming service arrangements.
  • Preparing quotations, invoices, and payment records.
  • Responding to questions, complaints, and service requests.
  • Keeping internal records of work completed and customer preferences.
  • Improving service quality, customer support, and operational efficiency.
  • Meeting legal, tax, accounting, and insurance obligations.
  • Preventing fraud, misuse, and unauthorised access.

We will not use your personal data for purposes that are incompatible with those described in this policy unless we obtain your consent or are otherwise permitted by law.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process your personal data. Depending on the context, we rely on one or more of the following bases:

Contract

We process your data when it is necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes providing quotes, booking services, and delivering carpet cleaning work.

Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as keeping financial and tax records or responding to lawful requests from authorities.

Legitimate Interests

We may process data for our legitimate business interests, provided those interests do not override your rights and freedoms. Examples include managing customer relationships, maintaining service records, improving operations, and protecting against misuse or fraud.

Consent

In limited situations, we may rely on your consent, for example where you voluntarily provide optional information or agree to receive certain types of communication. Where consent is used, you may withdraw it at any time.

Vital Interests

In rare circumstances, we may process information to protect someone’s vital interests, such as where emergency access information is necessary for health or safety reasons.

4. Sharing Your Data and Processors

We may share personal data only where necessary and with appropriate safeguards. We do not sell your information. However, we may disclose data to trusted third parties who act as processors or independent controllers, depending on the service they provide.

Processors are third parties that handle data on our instructions. These may include:

  • Payment processors that process transactions securely.
  • Booking and scheduling software providers that help manage appointments.
  • IT and cloud storage providers that support data hosting, communication, and document management.
  • Accounting and invoicing providers that assist with financial administration.
  • Customer support tools used to manage enquiries and service records.

Where we use processors, we ensure they are bound by appropriate contractual obligations requiring them to protect your data, process it only on our instructions, and implement suitable security measures.

We may also disclose information where required by law, to professional advisers such as insurers or accountants, or in connection with legal claims, regulatory compliance, or business restructuring. If data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with applicable law.

5. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods may vary depending on the type of record and the reason it is held.

  • Customer service records are usually kept for a reasonable period to support ongoing service, handle follow-up enquiries, and maintain business records.
  • Invoices, receipts, and accounting records are retained for the period required by tax and accounting laws.
  • Correspondence and complaints may be retained for a period necessary to resolve issues and demonstrate how concerns were handled.
  • Consent-based data is kept only until consent is withdrawn or the purpose for processing ends.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Security of Your Information

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, and limited access on a need-to-know basis.

While we work hard to protect your information, no method of electronic storage or transmission is completely secure. We therefore cannot guarantee absolute security, but we will respond promptly and appropriately to any suspected data breach in line with legal requirements.

7. Your Data Protection Rights

As a data subject under UK GDPR, you have several rights in relation to your personal data. These rights may be subject to legal limits or exceptions, but we will always consider your request carefully.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – in certain cases, you can ask us to delete your data.
  • Right to restriction – you can ask us to limit how we use your data in certain situations.
  • Right to data portability – you may request that we provide certain data in a structured, commonly used format.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you can withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable data protection law. We may need to verify your identity before acting on your request.

8. Children’s Data

Our services are intended for adults who arrange carpet cleaning services for residential or commercial premises. We do not knowingly collect personal data from children unless it is necessary in a specific service context and provided by an adult responsible for the arrangement.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will apply from the date it is published or otherwise made available. We encourage you to review this policy periodically to stay informed about how we handle your information.

10. Summary of Key Principles

In summary, Paddington Carpet Cleaners processes personal data only where it is necessary, lawful, and proportionate. We aim to be transparent about what we collect, why we collect it, who may process it on our behalf, how long it is kept, and what rights you have over it. We are committed to respecting privacy and protecting the data of every customer in our area.

This Privacy Policy is designed to be clear, practical, and compliant with applicable UK data protection law. Your privacy matters to us, and we handle your information with care.

Paddington Carpet Cleaners

GDPR-compliant Privacy Policy for Paddington Carpet Cleaners covering data collection, lawful basis, retention, processors, rights, and service-area applicability.

Get A Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.