Kingsbury Carpet Cleaners Privacy Policy

This Privacy Policy explains how Kingsbury Carpet Cleaners collects, uses, stores, and protects personal data about its customers in the service area. It also explains the rights that individuals have under the UK General Data Protection Regulation and associated data protection laws.

This Privacy Policy applies to all Kingsbury Carpet Cleaners customers in our service area, including anyone who contacts us, makes an enquiry, requests a quote, books a service, or otherwise interacts with us in the course of our carpet and upholstery cleaning services.

Data Controller

Kingsbury Carpet Cleaners is the data controller for the personal data described in this Privacy Policy. As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing is carried out in accordance with applicable data protection laws.

Personal Data We Collect

We may collect and process the following categories of personal data:

Identification and contact details, such as your name, address, and basic contact information needed to respond to your enquiries and provide services.

Service and booking information, such as details of the services you request, the date and time of appointments, property access instructions relevant to the service, and any notes you choose to provide about your requirements.

Payment and transaction information, such as information required to process your payments and records of the services you have purchased. We do not store full payment card details where payments are processed via third-party payment processors.

Communication records, such as emails, messages, and records of phone conversations necessary to handle enquiries, bookings, customer support, and complaints.

Website and usage information, such as basic technical data collected when you visit our website, including information your browser sends. This may include IP address, device type, and general browsing data necessary to operate and secure the website.

Any other information you choose to provide to us when communicating with us or using our services.

Lawful Basis for Processing

We will only process your personal data where we have a lawful basis under data protection law. Depending on the context, the lawful bases we rely on include:

Contract: We process personal data where it is necessary to enter into or perform a contract with you, such as when you request a quote, make a booking, or receive carpet cleaning services.

Legal obligation: We may process personal data where it is necessary to comply with legal obligations, including record-keeping, accounting, and responding to lawful requests from public authorities.

Legitimate interests: We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include improving our services, managing our business operations, preventing fraud, and maintaining security of our systems.

Consent: In limited circumstances, we may rely on your consent, for example for certain types of optional communications or where required by law. Where processing is based on consent, you have the right to withdraw that consent at any time.

How We Use Personal Data

We use personal data for the following purposes:

To respond to enquiries, provide quotes, and manage bookings for our carpet cleaning services.

To deliver our services at your property, including communicating with you about appointment times, access, and specific service requirements.

To manage payments, invoicing, and accounting records related to the services you purchase.

To provide customer support, handle complaints, and respond to any requests or questions you raise.

To maintain and improve our services, internal processes, and customer experience, including monitoring service quality.

To send you service-related communications, such as appointment confirmations, reminders, and important updates.

To protect our business, prevent and detect fraud and misuse of our services, and ensure the security of our systems.

To comply with legal and regulatory requirements that apply to our business.

Data Processors and Third Parties

We may share your personal data with carefully selected third parties who act as data processors on our behalf. These processors only process your data in accordance with our instructions and for the purposes set out in this Privacy Policy. Categories of processors may include:

IT and hosting providers who host our website, manage our systems, and store data securely.

Payment processors who handle payment transactions and related financial administration.

Customer management and communication tools used to manage bookings, reminders, and customer records.

Professional advisers, such as accountants or legal advisers, where necessary for legitimate business and legal purposes.

Where required by law, or where we believe it is necessary to protect our rights, we may also share personal data with regulatory bodies, law enforcement agencies, or other public authorities. Any such sharing will be carried out in accordance with data protection law.

International Transfers

If we transfer personal data outside the UK or European Economic Area, we will ensure appropriate safeguards are in place to protect your data. These may include the use of standard contractual clauses or other mechanisms approved by data protection authorities. Where relevant, we will take steps to ensure that any overseas recipient provides an adequate level of data protection.

Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting any legal, accounting, or reporting requirements.

In general, we retain customer and service records for a period that allows us to manage ongoing relationships, handle any queries or disputes, and meet our legal obligations. After this period, data is securely deleted or anonymised so that it can no longer be associated with you.

The retention period may vary depending on the category of data, the nature of the services, and the legal requirements that apply to our business. We regularly review our retention practices to ensure personal data is not kept longer than is necessary.

Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures include restricting access to personal data to those who need it for legitimate business purposes, using secure systems and storage solutions, and applying suitable safeguards to protect our IT infrastructure.

While we take reasonable steps to safeguard your data, no system can be completely secure. If we identify a data breach that is likely to result in a risk to your rights and freedoms, we will act in accordance with legal requirements, including notifying the relevant supervisory authority and, where appropriate, affected individuals.

Your Data Protection Rights

Under data protection law, individuals have a number of rights in relation to their personal data. Subject to certain conditions and exemptions, you may have the following rights:

Right of access: You can request confirmation of whether we process your personal data and obtain a copy of the data we hold about you.

Right to rectification: You can ask us to correct or complete any inaccurate or incomplete personal data we hold about you.

Right to erasure: You can request that we delete your personal data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected.

Right to restriction of processing: You can ask us to restrict the processing of your personal data in certain situations, such as where you contest the accuracy of the data or object to our processing.

Right to data portability: In some cases, you can request that your personal data be provided to you in a structured, commonly used, machine-readable format, or transferred to another controller, where technically feasible.

Right to object: You can object to our processing of your personal data based on legitimate interests, including any direct marketing activities, in which case we will stop processing unless we have compelling legitimate grounds that override your interests and rights.

Right to withdraw consent: Where we rely on your consent to process personal data, you can withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed.

Contact and Queries

If you have any questions about this Privacy Policy or how your personal data is handled by Kingsbury Carpet Cleaners, or if you wish to exercise any of your data protection rights, you can contact us using the details provided on our website or through the usual communication channels you use when dealing with us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Any updates will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically so that you remain informed about how we protect your personal data.