Finchley Carpet Cleaners Privacy Policy

This Privacy Policy explains how Finchley Carpet Cleaners collects, uses, stores and shares personal data when providing carpet, upholstery and related cleaning services. It applies to all Finchley Carpet Cleaners customers and prospective customers within our service area, including individuals, households and business clients.

Finchley Carpet Cleaners is the data controller for the personal data described in this Privacy Policy. We are committed to protecting your privacy and to processing personal data in accordance with the UK General Data Protection Regulation, the EU General Data Protection Regulation where applicable, and relevant UK data protection laws.

Personal Data We Collect

We may collect and process the following categories of personal data when you contact us, request a quote, make a booking or use our services:

Identification and contact details: name, address of the property where services are provided, billing address if different, and general contact details such as communication channels you choose to use.

Service and booking information: information about the type of cleaning service requested, property type and access notes, preferred dates and times, job history, invoices, payment records and any special instructions you provide.

Communication records: information you give us in messages, feedback, testimonials, complaints or enquiries, and notes we make when you contact us by any channel.

Technical and usage information: limited technical data that may be collected when you visit our website, such as IP address, basic device information, pages visited and dates and times of access. This may be collected through cookies or similar technologies where legally permitted and in line with our cookie practices.

Financial information: information necessary to process payments, such as partial card details or transaction references, processed via our payment processors. We do not store full card numbers or card security codes.

Lawful Bases for Processing

We rely on one or more of the following lawful bases under data protection law to process your personal data:

Performance of a contract: we process your personal data when it is necessary to take steps at your request before entering into a contract and to perform a contract with you. This includes providing quotes, confirming bookings, delivering cleaning services, issuing invoices and managing your account.

Legitimate interests: we may process your personal data when it is necessary for our legitimate business interests and when these interests are not overridden by your rights and freedoms. This includes managing and improving our services, keeping records, responding to enquiries, training staff, and preventing and detecting misuse or fraud.

Legal obligations: we process certain data to comply with legal and regulatory requirements, such as tax, accounting and record keeping obligations, and to respond to lawful requests from public authorities.

Consent: in some cases we may rely on your consent, for example for certain types of direct marketing or for non-essential cookies. Where we rely on consent, you can withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

Purposes for Which We Use Personal Data

We use the personal data we collect for the following purposes:

To provide our services: arranging site visits, carrying out carpet and upholstery cleaning and related services, managing access to your property, and communicating with you about your bookings.

Customer service and communication: responding to your questions, complaints and feedback, sending service updates, appointment reminders and important notices about your contract or our terms.

Billing and administration: issuing quotes, invoices and receipts, processing payments via our payment processors, and maintaining accurate financial, tax and business records.

Service improvement and business management: monitoring service quality, training staff, planning workloads, managing risks, and improving our cleaning methods and customer experience.

Marketing and promotions: where permitted by law and in line with your preferences, we may send you information about our services, offers or updates that we believe may be of interest. You may opt out of marketing communications at any time.

Security and legal compliance: protecting our business, staff, customers and property; preventing fraud or misuse of our services; enforcing our contractual rights; and complying with legal obligations.

Sharing Personal Data with Processors and Third Parties

We do not sell your personal data. We may share your personal data with carefully selected third parties only where necessary and lawful, including:

Service providers and processors: third party companies that provide services to us, such as payment processing, accounting, secure data storage, customer relationship management tools, communication platforms and IT support. These providers act as data processors and may only process your personal data on our documented instructions and for specified purposes.

Professional advisers: accountants, auditors, legal advisers and consultants who assist us in running our business, subject to appropriate confidentiality obligations.

Authorities and enforcement bodies: law enforcement agencies, regulators, courts or other public bodies when we are legally required to do so or when necessary to establish, exercise or defend legal claims.

Business transfers: in the event of a sale, merger or reorganisation of our business, your personal data may be transferred as part of the relevant transaction, subject to appropriate protections.

When transferring data to processors, we take steps to ensure that appropriate contractual and security measures are in place to safeguard your personal data.

Data Retention

We keep personal data only for as long as is reasonably necessary for the purposes for which it was collected, and to meet legal, regulatory, tax and accounting requirements.

In general:

Contact and booking data related to the provision of services is typically retained for up to seven years after the end of the relevant financial year, to comply with accounting and tax obligations and to enable us to handle any queries or disputes.

Routine enquiry data where no contract is formed is usually kept for a shorter period, generally up to two years after our last contact, unless we need to keep it longer for legal reasons.

Marketing data is kept for as long as you remain subscribed or otherwise engaged with our marketing communications. If you opt out, we may retain limited information to record your preference and ensure you are not contacted again.

When data is no longer needed, it will be securely deleted, anonymised or archived in line with our data retention practices.

International Transfers

Some of our service providers or their systems may be located outside the United Kingdom or the European Economic Area. Where personal data is transferred to a country that does not provide an equivalent level of data protection, we take steps to ensure that appropriate safeguards are in place, such as standard contractual clauses or other lawful transfer mechanisms, in accordance with data protection law.

How We Protect Your Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction or damage. These measures include access controls, staff training, secure storage, and regular review of our information security practices.

While we work to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security but we strive to maintain a level of protection that is appropriate to the risks.

Your Data Protection Rights

Individuals within the scope of the UK GDPR or EU GDPR have a number of rights in relation to their personal data. Subject to certain conditions and exemptions, you may have the right to:

Access: request confirmation of whether we process your personal data and obtain a copy of the personal data we hold about you.

Rectification: ask us to correct or update inaccurate or incomplete personal data.

Erasure: request that we delete your personal data in certain circumstances, for example where it is no longer needed for the purpose for which it was collected and we have no legal reason to keep it.

Restriction: ask us to restrict the processing of your personal data in certain situations, such as while we are considering a request to rectify it.

Objection: object to processing that is based on our legitimate interests, including any direct marketing, where you believe your rights and interests outweigh our own.

Data portability: request that we provide you with certain personal data in a structured, commonly used, machine readable format, or transfer it to another controller where technically feasible and where the legal basis is consent or contract.

Withdraw consent: where we rely on your consent for specific processing activities, you may withdraw that consent at any time.

You can exercise your rights by contacting us using the details provided on our website or through the usual communication channels you use with us. We may need to verify your identity before responding to certain requests. We aim to respond within the timeframes set by data protection law.

Complaints

If you have concerns about how we handle your personal data, we encourage you to contact us first so that we can try to resolve the issue. You also have the right to lodge a complaint with the UK Information Commissioner's Office or with your local data protection authority if you are in the European Economic Area.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements or data protection practices. Any updates will be posted on our website with a revised effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.