Privacy Policy - Cleaners Pimlico
This Privacy Policy explains how Cleaners Pimlico collects, uses, stores, shares, and protects personal data. It applies to all Cleaners Pimlico customers in the area, including anyone who makes an enquiry, books a service, receives a cleaning appointment, or otherwise interacts with us in connection with our services. We are committed to handling personal information in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Cleaners Pimlico provides domestic and commercial cleaning services. In providing these services, we may act as a data controller for the personal information we collect and use about customers, prospective customers, suppliers, and website or communication users where applicable. This means we decide why and how personal data is processed.
2. Information We Collect
We only collect personal data that is necessary for the purposes described in this policy. The information we may collect includes:
- Identity details: name, title, and, where relevant, company name.
- Contact details: postal address, email address, and telephone number.
- Service information: booking details, service preferences, property access instructions, cleaning requirements, and appointment history.
- Payment information: billing records, payment status, and transaction references. We do not store full payment card details where payment processing is handled by a third-party provider.
- Communication records: messages, notes from phone calls, emails, complaints, and customer feedback.
- Technical information: device and usage data may be collected if you interact with our digital systems, including IP address, browser type, and general analytics data.
- Special instructions: any relevant access, safety, or preference information you choose to provide to help us deliver the service.
We do not intentionally collect more information than is required. Where you provide information relating to other individuals, you should ensure that you are entitled to do so and that they understand this policy where appropriate.
3. How We Use Personal Data
We use personal data for the following purposes:
- to register and manage customer enquiries and bookings;
- to deliver cleaning services at requested premises;
- to communicate about appointments, changes, or service matters;
- to process payments and manage invoicing;
- to maintain internal records, accounts, and service history;
- to handle complaints, disputes, and service follow-up;
- to improve our services, operations, and customer experience;
- to comply with legal and regulatory obligations;
- to protect against fraud, misuse, or security incidents.
We only use data for purposes that are compatible with the reason it was collected, unless we have a lawful basis to use it for another legitimate purpose.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for processing your personal data. Depending on the context, we rely on one or more of the following:
Contract
We process personal data when it is necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes managing bookings, providing services, taking payment, and communicating about the work agreed.
Legal Obligation
We may process data where it is required to comply with legal obligations, such as maintaining financial records, responding to lawful requests, or meeting accounting and tax requirements.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This can include service management, internal administration, fraud prevention, record keeping, and improving our operations. We always consider the impact on your privacy before relying on this basis.
Consent
In limited cases, we may rely on consent, for example where you have explicitly agreed to receive certain types of marketing communication or optional updates. If processing is based on consent, you may withdraw it at any time.
5. Sharing and Processors
We may share personal data with trusted third parties where necessary for service delivery, administration, or legal compliance. These third parties act either as independent controllers or as processors acting on our instructions.
Examples of processors and service providers may include:
- IT and cloud service providers that support secure storage, email, scheduling, or record management;
- payment processors that handle financial transactions;
- accountants and bookkeeping providers that assist with financial administration;
- customer management or booking systems used to organise service appointments;
- professional advisers where legal, insurance, or compliance support is needed.
Where we use processors, we ensure appropriate contractual safeguards are in place so that personal data is only processed according to our instructions and with adequate security measures. We do not sell personal data.
We may also disclose information if required by law, to prevent fraud or unlawful activity, to protect our rights, or in connection with a legal claim or dispute.
6. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including for business administration and legal compliance. Retention periods vary depending on the type of data and the reason we hold it.
As a general approach:
- customer service and booking records are retained for a period needed to manage the relationship and resolve issues;
- financial and accounting records are kept for the period required by law and standard business practice;
- communications and complaints may be retained for a reasonable time to support service review and dispute handling;
- data no longer needed is securely deleted, anonymised, or archived where appropriate.
When determining retention, we consider legal obligations, the nature of the information, and whether it may be needed for insurance, auditing, or defence of legal claims. Once the retention period ends, data is disposed of securely.
7. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, confidentiality obligations, and staff awareness procedures. While no system is completely secure, we work to reduce risk and to respond promptly to any suspected security issue.
8. International Transfers
If personal data is transferred outside the UK, we will make sure suitable safeguards are in place to protect it in line with applicable data protection law. This may include the use of approved contractual clauses or transfers to countries recognised as providing adequate protection.
9. Your Rights
You have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exceptions under data protection law.
- Right of access: you can request a copy of the personal data we hold about you.
- Right to rectification: you can ask us to correct inaccurate or incomplete information.
- Right to erasure: in some cases, you may request deletion of your data.
- Right to restriction: you may ask us to restrict processing in certain circumstances.
- Right to object: you may object to processing based on legitimate interests or to direct marketing.
- Right to data portability: where applicable, you may request your data in a structured, commonly used format.
- Right to withdraw consent: where processing is based on consent, you can withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with data protection law. You may also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data has not been handled properly.
10. Marketing Preferences
Where we send marketing communications, we will do so only when permitted by law. You may opt out of marketing at any time. Service-related messages, such as appointment updates or billing information, are not marketing and may still be sent where necessary for the service.
11. Children
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is provided incidentally in the course of providing services to a household. If we become aware that we have collected data inappropriately, we will take steps to delete or handle it lawfully.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, regulation, services, or operational practices. Any updated version will apply from the time it is published or otherwise made available. We encourage customers to review this policy periodically to stay informed about how personal data is handled.
13. Summary of Our Commitment
Cleaners Pimlico is committed to respecting privacy and protecting personal information. We collect only the data needed to provide and manage our services, process it on a lawful basis, share it only with appropriate processors or where legally required, and keep it only for as long as necessary. All Cleaners Pimlico customers in the area are covered by this policy, and their rights under data protection law are fully recognised and supported.