Privacy Policy - Deep Cleaning Westminster
This Privacy Policy explains how Deep Cleaning Westminster collects, uses, stores, shares, and protects personal data when providing services to customers in the Westminster area. It applies to all Deep Cleaning Westminster customers in the area, including anyone who requests a quote, books a service, communicates with us, or otherwise engages with our cleaning services. We are committed to handling personal data in a lawful, fair, and transparent way in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Deep Cleaning Westminster acts as the data controller for the personal data described in this policy. This means we determine why and how your personal data is used. We take our responsibilities seriously and aim to process only the data necessary to deliver our services, maintain records, meet legal obligations, and improve our operations.
2. Data We Collect
We may collect and process different types of personal data depending on how you interact with us and which services you request. The categories of data we may collect include:
- Identity data such as your name, title, and, where relevant, company or property name.
- Contact data such as your address, email address, and telephone number.
- Service data such as details about the property, cleaning requirements, appointment times, instructions, and any preferences you provide.
- Payment data such as billing information and transaction records, where payments are arranged through our service processes.
- Communication data such as messages, enquiries, complaints, feedback, and notes from telephone or written correspondence.
- Technical data such as basic internet protocol information and device details when you interact with us through digital systems.
- Usage and operational data related to quotations, bookings, service history, invoicing, and customer administration.
We do not intentionally collect special category data unless it is necessary and you choose to provide it. If such data is ever shared with us, we will process it only where a lawful basis exists and appropriate safeguards are in place.
3. How We Collect Personal Data
We may collect personal data directly from you when you:
- request a quote or make an enquiry;
- book or amend a cleaning service;
- communicate with our team;
- provide feedback or make a complaint;
- pay for services or request an invoice;
- enter into a service agreement with us.
We may also receive data from third parties where necessary for service delivery, such as payment providers, referral partners, or property managers acting on your behalf. Where we receive data from a third party, we expect them to have a lawful basis for sharing it with us.
4. Why We Use Your Data
We use personal data for the following purposes:
- to provide cleaning services and manage bookings;
- to prepare quotations and service arrangements;
- to communicate with customers about appointments, changes, and service updates;
- to process payments, manage invoices, and maintain accounts;
- to respond to enquiries, complaints, and support requests;
- to maintain internal records and improve service quality;
- to comply with legal, accounting, and regulatory obligations;
- to defend or establish legal claims where necessary.
We only use your personal data where we have a valid reason to do so and do not use it in ways that are incompatible with the original purpose for which it was collected.
5. Lawful Basis for Processing
Under the UK GDPR, we must have a lawful basis to process personal data. Depending on the context, we may rely on one or more of the following:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes taking bookings, delivering cleaning services, issuing invoices, and managing customer accounts.
Legal Obligation
We may process certain information where required to comply with legal obligations, such as tax rules, accounting requirements, record-keeping duties, and responding to lawful requests from authorities.
Legitimate Interests
We may use personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This may include maintaining service records, improving operations, preventing fraud, and handling customer communication. When we rely on legitimate interests, we consider whether the use is proportionate and appropriate.
Consent
In limited cases, we may rely on your consent, for example if a specific optional use of data requires it. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including service delivery, legal compliance, accounting, dispute resolution, and record management. Retention periods depend on the type of data and the reasons for keeping it.
In general, we may retain customer and transaction records for a period that is reasonably required under applicable legal and financial obligations. Communication records may be retained for as long as needed to respond to queries, manage ongoing customer relationships, or resolve disputes. Once data is no longer needed, it will be securely deleted, anonymised, or otherwise disposed of in a safe and appropriate manner.
Deep Cleaning Westminster reviews retention practices periodically to ensure data is not kept longer than necessary.
7. Processors and Third Parties
We may share personal data with trusted processors and third parties who support our business operations. These parties process data on our behalf and only according to our instructions. They are required to protect personal data and to use it only for the agreed purposes.
Examples of processors and service providers may include:
- Payment service providers for handling transactions and billing support;
- IT and hosting providers for storing and maintaining business systems;
- Administrative support services for scheduling, record management, or customer communication;
- Professional advisers such as accountants, legal advisers, or auditors where necessary;
- Regulatory, tax, or government bodies where disclosure is required by law.
We do not sell personal data. If data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with data protection law.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against accidental loss, unlawful access, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and data minimisation practices. While no system can be guaranteed fully secure, we work to maintain a level of protection suitable to the nature of the data we process.
9. Your Rights
As a data subject under the UK GDPR, you have a number of rights in relation to your personal data. These rights may not always apply in every situation, but we will assess each request carefully and respond in accordance with the law.
- Right of access – you can request a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete data.
- Right to erasure – in some cases, you can ask us to delete your personal data.
- Right to restriction – you can request that we limit how we use your data in certain circumstances.
- Right to object – you can object to processing based on legitimate interests or direct marketing, where applicable.
- Right to data portability – you can request that we provide certain data in a structured, commonly used format where technically feasible.
- Right to withdraw consent – if we rely on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been handled unlawfully. We encourage you to raise concerns with us first so we can try to resolve the matter promptly and fairly.
10. Children’s Data
Our services are intended for adults and are not directed at children. We do not knowingly collect personal data from children unless it is necessary in connection with a service request and handled appropriately by an adult customer or authorised representative.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to remain informed about how their personal data is handled.
12. Summary of Our Commitment
Deep Cleaning Westminster is committed to processing personal data responsibly, lawfully, and transparently. We collect only the information needed to deliver our services, rely on appropriate lawful bases, retain data for no longer than necessary, use trusted processors under appropriate safeguards, and respect the rights of every customer in the Westminster area. Our approach is designed to ensure that your information is handled with care, accountability, and respect for your privacy.