Kilburn Carpet Cleaners Privacy Policy

This Privacy Policy explains how Kilburn Carpet Cleaners collects, uses, stores, and protects personal data relating to our customers and prospective customers within our service area. It also explains your rights under applicable data protection laws, including the UK General Data Protection Regulation and, where relevant, the EU General Data Protection Regulation.

This Privacy Policy applies to all customers and potential customers of Kilburn Carpet Cleaners in our local service area, including those who contact us to request quotes, make bookings, or otherwise interact with our services.

Who We Are

Kilburn Carpet Cleaners is a local carpet and upholstery cleaning business providing services to residential and commercial customers in our service area. For the purposes of data protection laws, Kilburn Carpet Cleaners is the data controller for the personal data described in this Privacy Policy. This means we decide how and why your personal data is processed.

Personal Data We Collect

We may collect and process the following categories of personal data about you:

Identification and contact details: name, address, service address, billing address, and other contact details such as your preferred method of contact.

Service and booking information: details of your booking, the type of property, areas or items to be cleaned, access instructions, preferred dates and times, and any special instructions relevant to the service.

Communication data: information you provide when you contact us by phone, through online forms, or via other communication channels, including enquiries, complaints, feedback, and review comments.

Payment-related information: limited information necessary to process payments and maintain our accounts and records. We do not store full payment card details if payments are processed through secure third-party payment providers.

Technical and usage data: if you interact with us online, we may collect technical information such as IP address, browser type, and basic usage data necessary for security, analytics, and improving our services.

How We Collect Your Data

We usually collect personal data directly from you when you:

Make an enquiry or request a quote for our services.

Make a booking or enter into a contract for cleaning services.

Contact us with questions, feedback, or complaints.

Communicate with us through online forms or other communication channels.

We may also receive personal data indirectly when someone books a service on your behalf, when we are given your details as a point of contact at business premises, or when third-party platforms pass us information to help us manage bookings or payments.

Purposes and Lawful Bases for Processing

We process your personal data only where we have a lawful basis under data protection law. The purposes and lawful bases include:

Providing quotes and responding to enquiries: To respond to your requests for information or quotations for our services. Our lawful basis is our legitimate interest in operating and growing our business and, where you are about to enter into a contract with us, taking steps at your request prior to entering into that contract.

Providing cleaning services and managing bookings: To confirm and manage your appointments, provide the services you have requested, and handle any follow-up visits or related services. Our lawful basis is performance of a contract with you.

Billing, payments, and accounting: To process payments, apply charges, manage refunds if applicable, and maintain financial and tax records. Our lawful bases are performance of a contract with you and compliance with our legal obligations.

Customer service and dispute resolution: To respond to questions, resolve issues, handle complaints, and manage any legal claims. Our lawful bases are our legitimate interest in managing our business and protecting our rights, and where necessary establishing, exercising, or defending legal claims.

Marketing and service updates: To send you relevant information about our services, offers, or updates that may interest you, where permitted by law. Our lawful basis is our legitimate interest in promoting our services, or your consent where this is required. You can opt out of marketing communications at any time.

Security, fraud prevention, and business operations: To keep our systems secure, monitor usage, and ensure the effective running of our business. Our lawful basis is our legitimate interest in maintaining security and business continuity.

Data Retention

We keep personal data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy and to meet our legal, tax, and accounting obligations.

In general, we retain customer and booking records for a period that allows us to manage repeat bookings, respond to queries, and comply with applicable legal requirements. Financial and invoicing information is typically retained for the period required by tax and accounting laws.

When personal data is no longer needed for the purposes for which it was collected, or when applicable retention periods have expired, we will delete or anonymise the data in a secure manner.

Data Sharing and Processors

We do not sell your personal data. We may share your personal data with trusted third parties who act as data processors on our behalf. These service providers are only allowed to process your personal data according to our instructions and are required to keep it secure and confidential.

Categories of processors and recipients may include:

Payment service providers that process transactions on our behalf.

Accounting and bookkeeping service providers that assist us with financial and tax obligations.

IT, hosting, and software providers that support our booking systems, communication tools, and data storage.

Professional advisers, such as legal and insurance advisers, where necessary to manage risks, disputes, or claims.

We may also share your personal data with public authorities, regulators, or law enforcement agencies where we are legally required to do so, or where sharing is necessary to protect our rights or the rights of others.

Where processors are located outside the UK or European Economic Area, we will take appropriate steps to ensure that your personal data is subject to an equivalent level of protection, such as by using standard contractual clauses or other safeguards recognised by data protection law.

Security of Your Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, disclosure, or alteration. These measures may include access controls, secure storage, staff training, and regular review of our procedures.

While no method of transmission or storage can be guaranteed as completely secure, we continually work to protect your information and to review and improve our security measures.

Your Data Protection Rights

Under data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and limitations. These include:

Right of access: You can request confirmation of whether we process your personal data and request a copy of the personal data we hold about you.

Right to rectification: You can ask us to correct or complete any inaccurate or incomplete personal data we hold about you.

Right to erasure: In certain circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and there is no other lawful basis for processing.

Right to restriction of processing: You can ask us to restrict our use of your personal data in certain situations, for example while we verify its accuracy or consider an objection you have raised.

Right to object: You can object to our processing of your personal data where we rely on legitimate interests as our lawful basis, including for direct marketing. If you object to direct marketing, we will stop processing your data for this purpose.

Right to data portability: Where processing is based on consent or on a contract and carried out by automated means, you can request that we provide your personal data in a structured, commonly used, and machine-readable format, or that we transmit it to another controller where technically feasible.

Right to withdraw consent: Where we rely on your consent to process your personal data, you can withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been infringed. In the UK, this is the Information Commissioner's Office. If you are located in another jurisdiction, you may have the right to complain to your local data protection authority.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will update the date of the policy and, where appropriate, inform you through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.