Elephant and Castle Carpet Cleaners Privacy Policy

This Privacy Policy explains how Elephant and Castle Carpet Cleaners collects, uses, stores, and protects personal data in connection with our carpet cleaning and related services. It applies to all customers and prospective customers of Elephant and Castle Carpet Cleaners in the Elephant and Castle area.

We are committed to handling personal data in accordance with the United Kingdom General Data Protection Regulation and the Data Protection Act 2018. By using our services or contacting us about our services, you acknowledge that you have read and understood this Privacy Policy.

Personal Data We Collect

We collect and process different types of personal data depending on how you interact with us and which services you use. The main categories of personal data we may collect are:

Identification and contact details, such as your name, address, and preferred contact details.

Service and booking information, such as details of the services you request, appointment dates and times, property access instructions that you choose to provide, and any specific cleaning requirements.

Payment and billing information, such as billing address and limited transaction details necessary to process payments, in accordance with the security practices of our payment processors.

Communication records, such as information contained in messages, feedback, complaints, and other correspondence between you and Elephant and Castle Carpet Cleaners.

Technical and usage data, such as information about how you interact with our website or online booking tools, including basic device and browser information, and activity logs where applicable.

How We Collect Personal Data

We may collect personal data in the following ways:

Directly from you when you request a quote, make a booking, contact us by phone or through online forms, or communicate with our staff in person.

Automatically when you use our website, through the use of basic cookies or similar technologies, to help us understand website performance and service demand.

From third parties where lawfully permitted, for example where a managing agent, landlord, or another party books services on your behalf and provides your details so that we can perform the service.

Lawful Basis for Processing

We only process personal data where we have a lawful basis under data protection law. Depending on the context, we may rely on the following:

Performance of a contract: We process personal data as necessary to provide our services, respond to queries, manage appointments, and handle payments.

Compliance with legal obligations: We may process and retain certain data to meet our legal, tax, and accounting obligations, or to respond to lawful requests from regulatory or law enforcement authorities.

Legitimate interests: We may process personal data where it is necessary for our legitimate business interests and where these are not overridden by your rights and interests. This can include improving our services, managing our relationship with you, keeping records of past services, and protecting our business from fraud and other unlawful activities.

Consent: In some limited situations, we may rely on your consent, for example where we wish to send certain types of optional marketing communications. Where we rely on consent, you may withdraw it at any time.

How We Use Personal Data

We may use your personal data for the following purposes:

To provide and manage services, including booking appointments, carrying out carpet cleaning and related work, issuing confirmations, and handling follow-up queries.

To manage payments and billing, including processing transactions, issuing invoices and receipts, and dealing with payment queries or disputes.

To communicate with you, including responding to questions, handling complaints, providing service updates, and contacting you about appointments or access requirements.

To maintain our business records, including logs of services provided, quotations, and communications, for operational, accounting, and audit purposes.

To improve our services, including analysing service trends and customer feedback to help us refine our processes and customer experience.

To ensure security and prevent misuse, including detecting and preventing fraud, unauthorised access to systems, and other unlawful activities.

Data Sharing and Processors

We do not sell your personal data. We may share personal data with third parties only where necessary and lawful, including:

Service providers and processors who act on our behalf and under our instructions, such as IT service providers, website hosting companies, customer management tools, payment processors, and professional advisers. These third parties are bound by contractual obligations to protect your personal data and to use it only for the services they provide to us.

Business partners involved in delivering services, where necessary to carry out our obligations to you. For example, if we use trusted subcontractors or specialist technicians to fulfil a service you have requested, we may share only the data required to perform that service.

Regulators, public authorities, or law enforcement agencies where we are legally required to do so, or where such disclosure is necessary to protect our rights, the rights of our customers, or the rights of others.

Any third party involved in a business transaction, such as a merger, reorganisation, or transfer of services, in which case personal data may be shared as part of the transaction in compliance with data protection laws.

International Data Transfers

Where we use service providers located outside the United Kingdom or the European Economic Area, or where data may be accessed from outside these regions, we will ensure that appropriate safeguards are in place to protect your personal data. This may include relying on adequacy regulations or entering into data protection agreements incorporating recognised standard contractual clauses.

Data Retention

We keep personal data only for as long as it is necessary for the purposes for which it was collected, or for as long as we are required to keep it by law.

In general, we retain customer records, booking details, and related communications for a period that allows us to manage our relationship with you, maintain accurate business and tax records, and address any potential complaints or legal claims. Once data is no longer required, we will securely delete or anonymise it.

Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful access, accidental loss, destruction, or damage. These measures may include secure systems, restricted access to personal data, staff training, and regular review of our security practices.

While we strive to protect your personal data, no transmission of information over the internet or method of storage is completely secure. You are responsible for ensuring that any personal data you provide to us is sent in a secure manner that you are comfortable with.

Your Data Protection Rights

As a customer in the Elephant and Castle area, you have a number of rights under data protection law. Subject to certain conditions and limitations, these include:

Right of access: You have the right to request confirmation of whether we hold personal data about you and, if so, to request a copy of that data and certain related information.

Right to rectification: You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Right to erasure: In certain circumstances, you have the right to ask us to delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and no other legal basis applies.

Right to restriction: You may have the right to request that we restrict the processing of your personal data, for example while we are verifying its accuracy or considering an objection you have raised.

Right to object: You may have the right to object to the processing of your personal data where we rely on legitimate interests, including any direct marketing activities.

Right to data portability: In certain cases, you may request that we provide your personal data in a structured, commonly used, and machine-readable format, or that we transmit it directly to another controller where technically feasible.

If you wish to exercise any of these rights, you can contact us using the contact methods you normally use for our services. We may need to verify your identity before responding to your request.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. The updated version will apply from the date it is published. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.

This Privacy Policy applies to all Elephant and Castle Carpet Cleaners customers and prospective customers in the Elephant and Castle area who use, or express interest in, our carpet cleaning and related services.