Privacy Policy - Osidge Carpet Cleaners
This Privacy Policy explains how Osidge Carpet Cleaners collects, uses, shares, stores, and protects personal data. It applies to all Osidge Carpet Cleaners customers in the area, including individuals who request quotations, book services, receive cleaning services, make enquiries, or otherwise interact with us in connection with carpet cleaning and related services.
We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what data we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal data.
1. Personal Data We Collect
We only collect personal data that is necessary for the provision of our services, managing our business, and meeting legal obligations. The information we may collect includes:
- Identity details such as your name.
- Contact details such as your address, email address, and phone number.
- Service details including property access information, cleaning preferences, appointment times, service history, and notes relevant to the work requested.
- Payment information such as billing records and payment status. We do not store full card details where payments are handled by secure third-party payment providers.
- Communication records including messages, enquiry details, complaints, and any correspondence related to your booking or service.
- Technical information if you communicate with us electronically, such as basic device or usage information that may be contained in messages, forms, or email systems.
We do not intentionally collect special category data unless you choose to provide it and it is necessary for a specific reason, for example, to inform us of access needs or health-related considerations relevant to the service. Where such data is provided, we will handle it with extra care and only where a lawful basis applies.
2. How We Use Your Data
We use personal data only for specific and legitimate purposes, including:
- providing carpet cleaning and related services;
- managing bookings, quotes, and appointments;
- communicating with you about your service or enquiry;
- processing payments and maintaining accounting records;
- handling complaints, disputes, or service issues;
- maintaining internal records and business administration;
- meeting legal, tax, insurance, and regulatory obligations;
- improving our service quality and operational efficiency.
We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and have informed you where required.
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for each processing activity. The lawful bases we rely on may include:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes preparing a quote, confirming a booking, carrying out carpet cleaning services, processing payments, and communicating about the service.
Legal Obligation
We may process and retain certain information to comply with legal requirements, such as tax records, accounting obligations, insurance requirements, and lawful requests from public authorities.
Legitimate Interests
We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. This may include managing our customer relationships, preventing fraud, improving services, and maintaining secure business operations.
Consent
In some cases, we may rely on your consent, especially for optional communications or where special category data is involved and consent is the appropriate legal basis. If we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
4. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These parties act as processors when they process data on our behalf and under our instructions. They are required to keep your data secure and to use it only for the agreed purpose.
Examples of processors may include:
- IT and cloud service providers that store emails, documents, booking records, or customer management data.
- Payment service providers that process transactions securely.
- Accounting and bookkeeping providers that help manage financial records.
- Communication service providers that support email, messaging, or scheduling functions.
- Professional advisers such as insurers, accountants, or legal advisers where necessary.
We may also share data where required by law, for example with tax authorities, regulators, law enforcement, or courts. Any transfer of personal data is limited to what is necessary and carried out with appropriate safeguards.
We do not sell your personal data.
5. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. The exact retention period depends on the type of data and the reason it is held.
In general:
- customer and service records may be retained for the duration of the business relationship and for a reasonable period afterwards;
- invoices, payment records, and tax-related information are typically kept for the period required by law;
- complaint and correspondence records may be retained for as long as needed to resolve issues and manage potential claims;
- information collected with consent will be kept until consent is withdrawn or it is no longer needed.
When data is no longer required, it will be securely deleted, anonymised, or destroyed.
6. Data Security
We take appropriate technical and organisational measures to protect personal data from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff confidentiality obligations, and careful selection of processors. While we aim to protect your information, no system can be guaranteed as completely secure.
7. Your Rights
Under data protection law, you have several rights regarding your personal data. These include:
- Right of access – you may request a copy of the personal data we hold about you.
- Right to rectification – you may ask us to correct inaccurate or incomplete data.
- Right to erasure – in certain circumstances, you may request deletion of your data.
- Right to restriction – you may ask us to limit how we use your data in certain situations.
- Right to object – you may object to processing based on legitimate interests.
- Right to data portability – where applicable, you may request transfer of data you provided to us.
- Right to withdraw consent – if we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we may need to verify your identity before responding. We aim to respond within the time limits required by law.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data has been handled improperly. However, we encourage you to raise any concerns with us first so we can try to resolve the matter.
8. Children’s Data
Our services are generally intended for adults. We do not knowingly collect personal data from children except where it is incidentally provided by an adult customer as part of arranging a service. If we become aware that we have collected children’s data without an appropriate basis, we will take reasonable steps to delete it.
9. International Transfers
If any processor or service provider stores or accesses data outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms designed to protect your personal data.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational needs. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their data is handled.
11. Summary of Key Principles
Osidge Carpet Cleaners is committed to lawful and transparent data handling. We collect only the information needed to provide our services and manage our business, use it for clear purposes, store it for no longer than necessary, and protect it with appropriate safeguards. We work with trusted processors under contractual controls and respect your rights under UK data protection law.
By using our services, making an enquiry, or entering into a booking with us, you acknowledge that your personal data will be handled in accordance with this Privacy Policy and applicable data protection law.