Finchley Carpet Cleaning Privacy Policy

This Privacy Policy explains how Finchley Carpet Cleaning collects, uses, stores and protects personal data relating to our customers and prospective customers. It also explains your rights under the UK General Data Protection Regulation and the Data Protection Act, and how you can exercise those rights. This Privacy Policy applies to all Finchley Carpet Cleaning customers and service users in our service area.

Who we are

Finchley Carpet Cleaning is a carpet and upholstery cleaning service provider operating in the Finchley area and surrounding locations. For the purposes of data protection law, Finchley Carpet Cleaning is the data controller of the personal data described in this Privacy Policy. This means we decide how and why your personal data is processed when you use our services or interact with us.

Personal data we collect

We collect and process personal data that you provide to us directly, that arises from our services, or that we obtain from third parties in the course of running our business. The types of personal data we may collect include:

Identification and contact details, such as your full name, home or business address, property access details that you choose to provide, and any other contact details you share with us.

Service and booking information, such as details of the services you request, dates and times of appointments, previous service history with us, property type and room details relevant to cleaning, and any photos you choose to provide to help us assess work requirements.

Payment and transaction data, such as records of payments you make for our services, payment method used, and billing-related information. We do not store full card details where payments are taken through third party payment processors; those details are managed directly by the relevant payment provider.

Communication data, such as information contained in messages you send us when making enquiries, providing instructions, requesting quotes, asking questions, or giving feedback and complaints, as well as any notes we make to record our communications with you.

Technical and usage data, where applicable, such as basic information about how you access our online content, including device type, approximate location, and pages visited, collected through standard server logs or basic analytics tools. We do not seek to identify individuals from this data unless required for security, legal or fraud prevention purposes.

How we use your personal data

We use your personal data for the following purposes:

To provide our services, including handling enquiries, providing quotations, scheduling and carrying out cleaning services, managing bookings and rescheduling, and providing customer support.

To manage our relationship with you, including keeping records of past work, responding to your messages, handling feedback or complaints, and notifying you about important changes to our services or our terms and policies.

To process payments, including issuing invoices and receipts, recording transactions, and working with payment processors to handle payments and refunds.

To improve our services and business operations, including analysing service usage, monitoring service quality, and training staff.

To send essential service messages, such as booking confirmations, reminders, updates regarding your appointment, or information about any changes that may affect your booking.

To meet legal and regulatory obligations, including record-keeping, tax and accounting requirements, and responding to lawful requests from regulators or law enforcement authorities.

To protect our business, customers and staff, including fraud prevention, security, and the exercise or defence of legal claims.

Lawful basis for processing

Under data protection law, we must have a lawful basis for each type of processing we undertake. The main lawful bases we rely on are:

Performance of a contract: We process your personal data where it is necessary to enter into or perform a contract with you, for example when you request a quotation, make a booking, or receive cleaning services from us.

Legitimate interests: We process personal data where it is necessary for our legitimate business interests, provided your interests and fundamental rights do not override those interests. This includes managing our business operations, improving services, keeping appropriate records, handling enquiries and complaints, and protecting our legal rights.

Legal obligations: We process personal data where necessary to comply with legal and regulatory obligations, including tax and accounting requirements and responding to lawful requests from public authorities.

Consent: In limited circumstances, we may rely on your consent, for example for certain optional marketing communications. Where we rely on consent, you have the right to withdraw that consent at any time.

Data retention

We keep your personal data only for as long as reasonably necessary for the purposes for which it was collected, including to meet legal, regulatory, tax, accounting or reporting requirements and to resolve disputes.

In general, we will keep core customer and service records for as long as you remain an active customer and for a reasonable period afterwards, typically up to six years after the end of our relationship, to comply with legal and tax requirements and to be able to respond to queries or legal claims. Communications data such as routine enquiries may be kept for a shorter period where ongoing retention is not necessary.

When we no longer need your personal data, we will either delete it securely or anonymise it so that it can no longer be associated with you.

Data processors and third parties

We may share your personal data with selected third parties who provide services that help us run our business. These third parties act as data processors and process personal data on our instructions and for our purposes only.

Typical categories of data processors and recipients include:

Payment service providers who process card payments and other transactions on our behalf.

IT and hosting providers who supply and maintain our booking systems, communication tools and data storage solutions.

Accountants or professional advisers who require access to certain data for accounting, audit or legal advice purposes.

Where necessary, we may also share personal data with other organisations acting as independent data controllers, such as law enforcement agencies, regulators, courts, or legal advisers, where we are required to do so by law or where it is necessary for the establishment, exercise or defence of legal claims.

We require all data processors to implement appropriate technical and organisational measures to protect personal data and to process it only according to our documented instructions and applicable law.

International transfers

Where any of our service providers are located outside the United Kingdom or European Economic Area, or store data in other jurisdictions, we will ensure that appropriate safeguards are in place to protect your personal data. This may include using standard contractual clauses or relying on other legally recognised mechanisms for international transfers, in accordance with applicable data protection laws.

Security of your personal data

We take the security of your personal data seriously and implement reasonable technical and organisational measures to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include limiting access to personal data to those staff and processors who have a business need to know it and who are subject to confidentiality obligations.

Your data protection rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions, limitations or exemptions. Your rights include:

Right of access: You have the right to request confirmation as to whether we process your personal data and to request a copy of the personal data we hold about you, together with certain information about how we use it.

Right to rectification: You have the right to ask us to correct any inaccurate or incomplete personal data we hold about you.

Right to erasure: In certain circumstances, you have the right to ask us to delete or remove your personal data, for example where it is no longer necessary for the purposes for which it was collected and we have no legal reason to keep it.

Right to restriction of processing: You have the right to ask us to restrict the processing of your personal data in certain situations, for example while we are verifying the accuracy of the data or considering an objection you have raised.

Right to object: You have the right to object to certain types of processing carried out on the basis of our legitimate interests, on grounds relating to your particular situation. We will stop processing your personal data unless we have compelling legitimate grounds to continue or the processing is required for legal reasons.

Right to data portability: In certain circumstances where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to request that we transfer it to another controller where technically feasible.

Right to withdraw consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

How to exercise your rights

If you wish to exercise any of your rights, or if you have any questions about how we handle your personal data, you can contact us using the contact details that we publish on our website or provide in our communications. In order to protect your privacy, we may need to verify your identity before responding to your request.

We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, it may take us longer, in which case we will keep you updated.

Complaints and your right to complain to a supervisory authority

If you have concerns about how we handle your personal data, we would encourage you to contact us in the first instance so that we can try to resolve the issue. You also have the right to lodge a complaint with the Information Commissioner's Office or any other competent data protection supervisory authority.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal or regulatory developments, or for other operational reasons. When we make changes, we will update the date of the latest version and, where appropriate, notify you through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.