Privacy Policy - Northwood Carpet Cleaners

This Privacy Policy explains how Northwood Carpet Cleaners collects, uses, stores, shares, and protects personal data. It applies to all Northwood Carpet Cleaners customers in the area, including current, former, and prospective customers who enquire about or receive carpet cleaning and related services. We are committed to handling personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Northwood Carpet Cleaners provides carpet cleaning and related domestic and commercial cleaning services. In the course of operating our business, we may collect and process personal data about customers, property occupants, account holders, and other individuals who interact with us. This policy describes the categories of data we collect, the reasons we process it, and the rights available to individuals under data protection law.

2. Personal Data We Collect

We only collect personal data that is necessary for delivering our services, managing customer relationships, meeting legal obligations, and improving our operations. Depending on the circumstances, we may collect the following information:

  • Identity information such as name, title, and, where applicable, business name.
  • Contact information such as address, telephone number, and email address.
  • Service details such as property access notes, preferred appointment times, service history, and cleaning requirements.
  • Payment information such as billing details, transaction records, and payment status. We do not store more payment data than is necessary to complete transactions and maintain records.
  • Communication records including enquiries, complaints, feedback, quotes, and correspondence.
  • Technical data if you interact with us through digital systems, such as device information, browser type, and basic usage data.
  • Special category data only where strictly necessary and where you have provided it or where another lawful basis applies, for example information relating to access requirements or health-related notes relevant to service delivery and safety.

We do not intentionally collect unnecessary personal data. Where we receive information that is not relevant to our services, we will only keep it if we have a lawful reason to do so.

3. How We Use Your Data

Northwood Carpet Cleaners processes personal data for the following purposes:

  • to respond to enquiries and provide quotations;
  • to schedule, deliver, and manage carpet cleaning services;
  • to communicate about bookings, service changes, or follow-up issues;
  • to issue invoices, process payments, and keep financial records;
  • to maintain service quality, handle complaints, and improve customer experience;
  • to meet legal, tax, insurance, and regulatory obligations;
  • to protect our business, staff, customers, and property from fraud or misuse;
  • to store records necessary for business administration and audit purposes.

We will not use your personal data for purposes that are incompatible with the original reason it was collected unless we have a valid legal basis to do so.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Northwood Carpet Cleaners relies on the following bases:

Contract

We process personal data when it is necessary to take steps at your request before entering into a contract or to perform a contract with you. This includes managing bookings, carrying out cleaning services, issuing invoices, and handling customer service matters directly connected to the service.

Legal obligation

We may process personal data where required to comply with legal obligations, including tax, accounting, record-keeping, insurance, and other statutory requirements.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided that your interests and fundamental rights do not override those interests. This may include improving service quality, preventing fraud, managing internal administration, and maintaining business records.

Consent

Where required, we may rely on your consent. For example, if we process certain optional information or send marketing communications where consent is the appropriate lawful basis, you may withdraw your consent at any time. Withdrawal does not affect processing carried out before consent was withdrawn.

Vital interests and public interest

These bases are unlikely to apply in most routine customer interactions, but where relevant and lawful we may process data if necessary to protect someone’s vital interests or where otherwise permitted by law.

5. Data Sharing and Processors

We may share personal data only when necessary and only with appropriate safeguards. Some third parties act as processors, meaning they process data on our behalf under our instructions. Others may act as independent controllers in their own right. Categories of processors and service providers may include:

  • Payment processors that handle card or electronic payment transactions.
  • Booking and administration providers that help manage appointments, records, and scheduling.
  • IT and cloud service providers that store data securely and support business systems.
  • Accounting and bookkeeping providers that support financial administration and tax compliance.
  • Customer communication tools used to send service updates or respond to enquiries.
  • Professional advisers such as insurers, lawyers, auditors, or tax advisers where necessary.

We require processors to protect personal data, use it only for the specified purpose, and keep it confidential. Where data is disclosed to third parties for legal or operational reasons, we only share the minimum necessary information.

6. International Transfers

If any of our processors store or access data outside the UK, we will ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law. We will take reasonable steps to ensure that transferred data remains protected to a standard consistent with UK GDPR.

7. Data Retention

We keep personal data only for as long as is necessary for the purpose for which it was collected, or for any other lawful purpose that applies. Retention periods depend on the type of information, the nature of the service, and legal requirements.

  • Customer and service records are generally retained for the duration of the customer relationship and for a further period where needed for administration, complaint handling, or legal claims.
  • Financial and tax records are retained for the period required by law, typically for accounting and tax compliance purposes.
  • Communication records may be retained for a reasonable period to manage service quality, evidence agreements, or resolve disputes.
  • Marketing records are retained until consent is withdrawn or until we determine they are no longer needed.

When data is no longer required, we will delete, anonymise, or securely archive it in line with our retention procedures.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, misuse, or alteration. These measures may include access controls, password protection, secure storage, confidentiality obligations, and regular review of our data handling practices. While no system is completely secure, we take reasonable steps to reduce the risk of a data breach and to respond appropriately if one occurs.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to legal limits, these include:

  • The right to be informed about how your data is collected and used.
  • The right of access to request a copy of the personal data we hold about you.
  • The right to rectification to correct inaccurate or incomplete information.
  • The right to erasure, also known as the right to be forgotten, in certain circumstances.
  • The right to restrict processing in certain situations.
  • The right to data portability where processing is based on consent or contract and carried out by automated means.
  • The right to object to processing based on legitimate interests or direct marketing.
  • Rights related to automated decision-making where applicable.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits required by law unless an extension is permitted due to the complexity or number of requests.

10. Complaints and Further Information

If you have concerns about how we handle personal data, you should contact us using the details provided through our normal business channels. You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise made available. We encourage you to review this policy periodically so that you remain informed about how your data is handled.

By using Northwood Carpet Cleaners’ services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy and applicable data protection law.

Northwood Carpet Cleaners

GDPR-compliant privacy policy for Northwood Carpet Cleaners covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.