Brompton Carpet Cleaners Privacy Policy

This Privacy Policy explains how Brompton Carpet Cleaners collects, uses, stores and protects personal data relating to customers and prospective customers within the Brompton Carpet Cleaners service area. It is designed to comply with the UK General Data Protection Regulation and, where applicable, the EU General Data Protection Regulation. By using our services, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all individual customers and business customers who make enquiries, request quotations or purchase services from Brompton Carpet Cleaners in our service area. It applies whether you contact us in person, by post, through our website, or by any other means of communication that we make available from time to time.

Data Controller

Brompton Carpet Cleaners is the data controller in respect of the personal data that we collect and process about you for the purposes described in this Privacy Policy. As data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable data protection law.

Personal Data We Collect

We only collect personal data that is relevant and necessary for providing our services and managing our relationship with you. The types of personal data we may collect include the following categories.

Identification and contact details such as your name, billing address, service address, and any other contact information you choose to provide. Service information such as property type, room sizes, flooring types, and any relevant information you give us about the condition of carpets, rugs, upholstery or other items to be cleaned. Communication records such as your enquiries, requests, complaints, feedback, and our related responses, including notes from phone conversations or in-person visits. Transaction and billing information such as details of the services you purchase, prices, dates of service, payment status and basic payment references. We do not store full payment card details when payment is taken through third-party payment service providers.

We may also collect technical usage information when you visit our website, such as your IP address, browser type, pages visited and the date and time of your visit. This is typically collected through standard logging technologies and is used to help us maintain the security and performance of our website.

How We Collect Your Data

We collect personal data directly from you when you contact us to request information, a quotation or a booking, when you enter into a contract with us for cleaning services, when you communicate with us for customer service purposes, or when you provide feedback or reviews. We may also receive information from publicly available sources, or from third-party referrers or platforms where you have indicated that you wish to engage our services.

Purposes and Lawful Basis for Processing

We process your personal data only when we have a lawful basis for doing so. The main purposes and associated lawful bases are set out below.

To provide quotes and perform our services. We use your identification, contact and service information to prepare quotations, accept bookings, schedule and deliver cleaning services, and manage any follow-up visits. The lawful basis for this processing is that it is necessary to take steps at your request prior to entering into a contract and to perform a contract with you.

To manage billing and payments. We process transaction and billing data to issue invoices, record payments, and manage any outstanding balances. The lawful basis for this is the performance of a contract and compliance with legal obligations relating to accounting and taxation.

To communicate with you. We use your contact details and communication records to respond to your enquiries, provide service updates and handle complaints or queries. The lawful basis for this is the performance of a contract or steps taken at your request prior to entering into a contract, and our legitimate interests in providing good customer service and resolving issues.

To maintain and improve our services. We may use anonymised or aggregated information derived from your data to improve our services, train staff and enhance customer experience. The lawful basis is our legitimate interests in developing and growing our business, while ensuring that your rights and freedoms are respected.

To send marketing communications. We may occasionally contact you with information about services that are similar to those you have previously purchased. The lawful basis for this is our legitimate interests in promoting our services. Where required by law, or if we wish to send other types of marketing, we will obtain your consent, which you can withdraw at any time.

To comply with legal and regulatory requirements. We may process your personal data to meet our legal obligations, including record keeping, responding to lawful requests from public authorities and defending legal claims. The lawful basis is compliance with legal obligations and our legitimate interests in protecting our business.

Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, and to satisfy any legal, accounting or reporting requirements. In general, we retain key customer and transaction records for a period required by tax and accounting laws. Quotations and enquiry records may be retained for a shorter period, typically long enough to manage follow-up enquiries and maintain accurate records of our business activities.

When personal data is no longer needed, we will securely delete or anonymise it, so that you can no longer be identified from the information. In some cases, we may retain minimal information, such as your name and basic service history, in an archived form where this is necessary to resolve disputes, enforce our agreements or defend legal claims.

Use of Data Processors and Third Parties

We may engage carefully selected third-party service providers to process personal data on our behalf. These providers act as data processors and are only allowed to process your data in accordance with our instructions and for the purposes we specify.

Data processors may include companies that provide booking or scheduling tools, payment processing services, accounting and invoicing systems, website hosting and maintenance, email or messaging platforms, and secure document storage. We ensure that all processors are bound by appropriate contractual obligations, including duties of confidentiality, data security and data protection compliance.

We do not sell your personal data. We will only share your personal data with third parties where this is necessary for the purposes described in this Privacy Policy, where you have given your consent, or where we are required to do so by law or in connection with legal proceedings.

International Transfers

Where our service providers or their systems are located outside the United Kingdom or the European Economic Area, your personal data may be transferred to and processed in those countries. In such cases, we will ensure that appropriate safeguards are in place to protect your personal data, such as standard contractual clauses or other legally recognised safeguards, so that your rights continue to be protected.

Data Security

We take reasonable and appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. These measures may include access controls, staff training, secure storage, regular review of our procedures, and the use of security tools on our digital systems.

While we strive to protect your personal data, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to regularly reviewing and improving our security measures to minimise risks.

Your Data Protection Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights are subject to certain conditions and legal exceptions.

You have the right to access your personal data and to receive a copy of the information we hold about you. You have the right to request correction of any inaccurate or incomplete personal data. You have the right to request the erasure of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected and there is no lawful reason for us to continue processing it.

You have the right to request restriction of processing of your personal data where you contest its accuracy, where processing is unlawful or where you object to processing and we are considering that objection. You have the right to object to processing of your personal data where we are relying on legitimate interests as the lawful basis, including in relation to direct marketing.

You also have the right to data portability in certain circumstances, which means the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and to transmit that data to another controller where this is technically feasible and where the processing is based on your consent or on a contract.

If you wish to exercise any of these rights, you can contact us using the contact details provided on our website or in our customer documentation. We may need to verify your identity before responding to your request, and we aim to respond within the time limits set by law.

Right to Complain

If you have concerns about how we handle your personal data, we encourage you to contact us in the first instance so that we can try to resolve the issue. You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been infringed.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or for other operational reasons. Any updated version will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.