Privacy Policy - Blackfen Carpet Cleaners
This Privacy Policy explains how Blackfen Carpet Cleaners collects, uses, stores, shares, and protects personal data. It applies to all Blackfen Carpet Cleaners customers in area, including anyone who enquires about, books, receives, or pays for our carpet cleaning and related services. We are committed to handling personal data in a lawful, fair, and transparent way in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Blackfen Carpet Cleaners provides professional cleaning services for domestic and commercial customers. In the course of delivering these services, we may process personal data about customers, property occupants, and other relevant individuals where necessary. We only collect data that is relevant and proportionate to the services requested and the administration of our business.
2. Information We Collect
We may collect and process the following categories of personal data:
- Identity details: name, title, and any information needed to identify you as a customer or contact.
- Contact details: address, telephone number, and email address.
- Service details: property type, cleaning requirements, room or area information, access instructions, and appointment preferences.
- Payment and transaction data: records of payments made, invoices, and related accounting information.
- Communication data: messages, feedback, complaints, and records of correspondence.
- Technical data: limited information collected through our digital systems, such as device or browser details if you communicate with us electronically.
- Special category data: we do not intentionally collect special category data. If such data is incidentally shared with us, we will only process it where required and permitted by law.
We do not collect more information than we need. Data minimisation is an important principle in the way we operate.
3. How We Use Personal Data
We use personal data for the following purposes:
- to provide quotes, manage bookings, and deliver cleaning services;
- to communicate with customers about appointments, service changes, or customer support;
- to process payments and maintain financial records;
- to handle complaints, disputes, and service follow-up;
- to improve our services, staff training, and customer experience;
- to comply with legal, tax, insurance, and regulatory obligations;
- to maintain internal records and business administration.
We will only use your data for the purpose for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and the law allows us to do so.
4. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis before processing personal data. Blackfen Carpet Cleaners relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes preparing quotes, confirming bookings, delivering services, and managing invoices.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided your interests and rights do not override those interests. Examples include business administration, service quality monitoring, record keeping, and responding to customer queries.
Legal Obligation
We may process personal data to comply with legal duties, such as accounting, tax, insurance, or record retention requirements.
Consent
In limited circumstances, we may rely on your consent, for example where it is required for a specific optional activity. Where consent is used, you may withdraw it at any time.
We will always ensure the lawful basis used is appropriate to the specific processing activity.
5. Data Sharing and Processors
We may share personal data with trusted third parties that help us operate our business. These parties act as processors or independent controllers depending on the service they provide. We only share the minimum data necessary and require appropriate safeguards.
Typical processors may include:
- IT and hosting providers that store data or support email and record systems;
- payment service providers that process card or electronic payments;
- accounting or bookkeeping services that assist with financial records and compliance;
- customer communication tools used to manage bookings or messages;
- professional advisers such as insurers, legal advisers, or auditors where needed.
We may also disclose data where required by law, by a court order, or to protect our rights, customers, staff, or property. We do not sell personal data.
6. International Transfers
If any processor stores or accesses personal data outside the United Kingdom, we will ensure suitable safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, including legal, accounting, and reporting obligations. Retention periods depend on the type of data and the reason it is held. For example:
- customer booking and service records are kept for a reasonable period to manage repeat services, complaints, and service history;
- financial and tax records are kept for the period required by law;
- communication records are retained while relevant to ongoing service, administration, or dispute handling.
When personal data is no longer needed, we will securely delete it or anonymise it so that it can no longer identify you.
8. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and limited sharing on a need-to-know basis. While no method of storage or transmission is completely secure, we work to protect your information using reasonable and proportionate safeguards.
9. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
- Right of access: you may request a copy of the personal data we hold about you;
- Right to rectification: you may ask us to correct inaccurate or incomplete data;
- Right to erasure: in certain circumstances, you may ask us to delete your personal data;
- Right to restriction: you may request that we limit how we use your data;
- Right to object: you may object to processing based on legitimate interests or direct marketing where applicable;
- Right to data portability: where applicable, you may request that certain data be provided in a structured, commonly used format;
- Right to withdraw consent: if we rely on consent, you may withdraw it at any time.
To exercise any of these rights, you may contact us using the details provided through our normal business channels. We may need to verify your identity before responding. We aim to respond within one month, unless the request is complex or numerous.
10. Children’s Data
Our services are directed to adults, and we do not knowingly collect data from children except where it is incidentally necessary for service delivery in a domestic setting. If we become aware that we have collected children’s data unlawfully, we will take appropriate steps to delete or safeguard it.
11. Automated Decision-Making
We do not use personal data for fully automated decision-making that produces legal or similarly significant effects. Any business decisions involving customer data are made with human oversight.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. The most current version will apply to all personal data we process. We encourage customers to review it periodically to stay informed about how we use and protect personal data.
13. Complaints
If you have concerns about how your personal data is handled, you have the right to raise a complaint with the relevant data protection authority. We also encourage you to raise concerns with us first so that we can try to resolve the issue promptly and fairly.
Summary principle: Blackfen Carpet Cleaners only processes personal data when necessary, uses it lawfully, keeps it secure, retains it only as long as needed, and respects your rights under data protection law.