Privacy Policy

This Privacy Policy explains how personal data is collected, used, disclosed, stored, and protected in relation to services provided to customers in the area. It applies to all customers in the area and is intended to reflect principles required under the General Data Protection Regulation (GDPR). By using the services, you acknowledge that your personal data may be processed as described in this Policy.

1. Scope of This Policy

This Policy applies to all customers in the area, including individuals who purchase, register for, access, or otherwise use the services. It also applies to information collected through customer support, account management, transactions, communications, and related interactions. Where personal data is processed, this Policy explains the purposes, lawful bases, retention periods, recipient categories, and rights available to you under applicable law.

2. Data We Collect

We collect only the personal data necessary to operate, maintain, and improve the services, to manage customer relationships, and to comply with legal obligations. Depending on how you interact with us, the categories of data may include:

  • Identity data: such as your name, username, or similar identifier.
  • Contact data: such as address details or other information needed to manage service delivery.
  • Transaction data: such as records of purchases, payments, invoices, and service history.
  • Account data: such as login credentials, account settings, preferences, and profile details.
  • Communication data: such as messages, inquiries, complaints, and correspondence.
  • Technical data: such as device type, browser type, IP address, access times, and diagnostic information.
  • Usage data: such as interaction patterns, feature use, and service performance information.
  • Compliance data: such as records needed to meet legal, accounting, tax, or regulatory requirements.

We do not intentionally collect special category data unless required by law or unless you voluntarily provide it in a context where it is necessary and lawful to process it. If such information is processed, we do so only in accordance with GDPR requirements and with appropriate safeguards.

3. How We Use Personal Data

Personal data is used for specific and legitimate purposes. These may include:

  • providing and managing services requested by customers;
  • creating and administering accounts;
  • processing payments and completing transactions;
  • communicating important service updates and administrative notices;
  • responding to inquiries, complaints, and support requests;
  • maintaining security, preventing fraud, and detecting misuse;
  • improving service quality, reliability, and user experience;
  • meeting legal, tax, accounting, and regulatory obligations;
  • establishing, exercising, or defending legal claims.

Where appropriate, data may also be used in a pseudonymised or aggregated form for analysis and service improvement. We will not use personal data for purposes that are incompatible with the original purposes without ensuring a valid lawful basis and, where required, additional notice.

4. Lawful Basis for Processing

Under GDPR, we process personal data only where a lawful basis applies. Depending on the context, our lawful bases may include:

  • Contract: processing is necessary to enter into or perform a contract with you, or to take steps at your request before entering into a contract.
  • Legal obligation: processing is necessary to comply with applicable laws, regulations, tax rules, accounting requirements, or lawful requests from authorities.
  • Legitimate interests: processing is necessary for our legitimate interests, provided these are not overridden by your rights and freedoms. This may include service improvement, security, fraud prevention, and business administration.
  • Consent: in limited situations, we may rely on your consent, for example where the law requires it. You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

When we rely on legitimate interests, we consider the nature of the data, the processing purpose, the impact on individuals, and whether less intrusive means are available. We document these assessments and apply safeguards where necessary.

5. Sharing and Processors

We may share personal data with trusted third parties that act as processors or, in certain cases, independent controllers. Processors are only permitted to process data on our documented instructions and must implement suitable technical and organisational measures to protect it.

Categories of processors may include:

  • IT and hosting providers: for data storage, system administration, and infrastructure support;
  • payment service providers: for transaction processing and payment verification;
  • customer support tools: for handling inquiries and service communications;
  • security and fraud prevention providers: for monitoring and protecting systems;
  • professional advisers: such as legal, accounting, or audit advisers when necessary;
  • compliance or regulatory service providers: where required for lawful operations.

We may also disclose personal data where required by law, court order, or regulatory request, or where necessary to protect our rights, the rights of customers, or the security of the services. If data is transferred outside the European Economic Area, appropriate safeguards will be used, such as standard contractual clauses or another valid transfer mechanism under GDPR.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, tax, and regulatory obligations. Retention periods vary depending on the type of data and the context of processing.

In general:

  • account and service data are retained for the duration of the customer relationship and for a reasonable period afterward;
  • transaction and financial records are retained for periods required by law or accounting standards;
  • customer support records are retained for as long as needed to resolve the matter and document outcomes;
  • technical and security logs are retained for a limited period unless a longer period is needed for investigation or compliance;
  • data subject rights requests and related correspondence may be retained as evidence of compliance.

When personal data is no longer needed, it will be deleted, anonymised, or securely archived in line with our retention practices. Retention decisions are based on necessity, legal requirements, and risk management.

7. Your Rights Under GDPR

If you are a customer in the area and your personal data is processed under GDPR, you have specific rights. Subject to legal limitations, these rights may include:

  • Right of access: to obtain confirmation of whether your data is processed and receive a copy of it.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of data where legal grounds apply.
  • Right to restriction: to request limited processing in certain circumstances.
  • Right to data portability: to receive data you provided in a structured, commonly used format, where applicable.
  • Right to object: to object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
  • Right not to be subject to solely automated decisions: where applicable, you have protections against decisions based solely on automated processing that produce legal or similarly significant effects.

To protect your privacy, we may request information necessary to verify your identity before responding to a rights request. We will respond within the timeframes required by law and may extend the period where permitted due to complexity or volume. Your rights remain applicable even if data is stored or processed by a processor on our behalf.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, encryption where suitable, confidentiality obligations, secure configurations, monitoring, and staff training. Although no system can be guaranteed to be completely secure, we regularly review safeguards to maintain an appropriate level of protection.

9. Children’s Data

The services are not intended for children unless explicitly stated otherwise. We do not knowingly collect personal data from children without appropriate legal basis and safeguards. If we learn that personal data has been collected unlawfully from a child, we will take reasonable steps to delete it or otherwise process it in accordance with applicable law.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or technical changes. Any revised version will apply from the date it becomes effective. We encourage customers in the area to review this Policy periodically so they remain informed about how their personal data is processed.

11. Summary of Core Principles

Data Minimisation

We collect only the personal data needed for defined and lawful purposes.

Purpose Limitation

Personal data is used only for the purposes explained in this Policy or for compatible purposes permitted by law.

Accuracy

We take reasonable steps to keep personal data accurate and up to date.

Storage Limitation

We do not keep data longer than necessary.

Accountability

We maintain records and controls designed to demonstrate GDPR compliance.

This Privacy Policy applies to all customers in the area. By continuing to use the services, you acknowledge that you have read and understood this Policy and that your personal data will be processed in accordance with it.

Call Now!
Call Now Get a Quote
Kingston Upon Thames Carpet Cleaners

GDPR Privacy Policy covering data collection, lawful bases, retention, processors, user rights, security, and applicability to all customers in the area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

Superb work by Cleaning Firm Kingston upon Thames for our end of tenancy cleaning today. Friendly team, went above and beyond, and left the property sparkling clean everywhere. Thank you!

Google Logo
B

The cleaner was timely and really pleasant, tackling even the most stubborn stains. I have no hesitation recommending them!

Google Logo
G

Workers completed their task quickly and courteously, explained the whole process, and did an excellent job for a fair price.

Google Logo
M

Extremely efficient and polite staff who communicated clearly and did fantastic work at a price better than expected.

Google Logo
K

Exceptional service from Upholstery Cleaning Services Kingston upon Thames; very professional and dependable for house cleaning. Highly recommend.

Google Logo
I

Seamless experience all the way through. The end of tenancy and carpet cleaning were flawless. Exceptional customer service and attractive pricing.

Google Logo
D

Having booked different cleaners, this service truly stands out. The team was punctual and left my place looking the cleanest it's ever been.

Google Logo
J

After years of service, End of Tenancy Cleaners Kingston upon Thames continues to provide excellent cleaning for our home. The staff is always reliable, trustworthy, and efficient. Highly recommended!

Google Logo
K

Unbeatable cleaning! The team was both diligent and courteous. The spotless results left me impressed, and their updates made it an easy experience.

Google Logo
B

My flat was desperately in need of cleaning, so I scheduled a deep clean with KingstonUponThamesCarpetCleaners. The cleaner was detailed and careful, making every surface and appliance look fantastic.

Google Logo
K

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.