Privacy Policy - Carpetcleaning Bow

This Privacy Policy explains how Carpetcleaning Bow collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Carpetcleaning Bow customers in the area, including individuals who request a quote, make a booking, receive a service, or otherwise interact with us in connection with our cleaning services. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Personal Data We Collect

We only collect personal data that is necessary for our business operations and the delivery of our services. The types of information we may collect include:

  • Identity information: name and, where relevant, business name.
  • Contact information: address, email address, phone number, and service location details.
  • Service information: details about requested cleaning services, property type, carpet condition, cleaning preferences, and appointment notes.
  • Payment information: billing details and transaction records. We do not normally store full card details if payments are processed through secure payment providers.
  • Communication records: messages, emails, booking enquiries, complaints, and feedback.
  • Technical data: limited information such as device type, browser details, and basic log data if you interact with our online systems.

We may also collect special category data only where it is strictly necessary and where an appropriate lawful basis exists, for example if a customer voluntarily shares information relevant to accessibility, health, or safety requirements that affect service delivery. We do not seek to collect unnecessary sensitive information.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to provide carpet cleaning and related services;
  • to arrange quotations, bookings, and service visits;
  • to communicate about appointments, changes, cancellations, and service updates;
  • to process payments and manage invoicing;
  • to handle customer service enquiries, complaints, and aftercare;
  • to maintain business records and meet legal, accounting, and tax obligations;
  • to improve our services, operations, and customer experience;
  • to prevent fraud, misuse, or security incidents;
  • to establish, exercise, or defend legal claims where necessary.

We will only process your data for purposes that are compatible with the original reason it was collected, unless we obtain your consent or are otherwise permitted by law.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each type of processing. Carpetcleaning Bow relies on the following lawful bases:

  • Contract: when processing is necessary to provide a quotation, fulfil a booking, complete a cleaning service, or manage payments.
  • Legal obligation: when we must keep records for tax, accounting, consumer protection, or other legal requirements.
  • Legitimate interests: when processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms. This may include improving our services, maintaining security, and managing customer relationships.
  • Consent: when you have given clear consent for a specific purpose, such as certain types of marketing or optional data sharing. You may withdraw consent at any time where it is the basis for processing.
  • Vital interests or public task: these are unlikely to apply in ordinary service delivery, but may be used in exceptional circumstances if required by law.

We only rely on the lawful basis that is appropriate to the specific processing activity.

4. Data Sharing and Processors

We do not sell personal data. However, we may share information with trusted third parties who act as processors or independent controllers when needed to operate our business responsibly.

Processors may include:

  • payment service providers who process card or online payments;
  • booking or scheduling systems used to manage appointments;
  • IT service providers that host data, maintain software, or support secure communications;
  • accounting, invoicing, or bookkeeping services;
  • customer support or messaging platforms used to handle enquiries;
  • professional advisers such as accountants, insurers, or legal advisers where necessary.

When we use processors, we ensure that they only process personal data on our instructions, keep it secure, and comply with data protection law. We require appropriate contractual protections and security measures. If data is shared with independent controllers, they are responsible for their own privacy obligations.

We may also disclose information if required to comply with a legal obligation, a court order, law enforcement request, or to protect our rights, customers, staff, or property.

5. International Transfers

Where any processor or service provider stores or accesses data outside the United Kingdom, we will ensure suitable safeguards are in place. These may include adequacy regulations, Standard Contractual Clauses, or other lawful transfer mechanisms. We take steps to ensure that your data remains protected to an appropriate standard wherever it is processed.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting obligations. Retention periods depend on the nature of the data and the reason for processing.

  • Customer and service records: retained for the period needed to manage the service relationship and resolve any follow-up issues.
  • Financial and accounting records: retained for the period required by tax and accounting law.
  • Communication records: kept for a reasonable period to handle complaints, service queries, or dispute resolution.
  • Marketing preferences: retained until you withdraw consent or object, where applicable.

When personal data is no longer required, we will delete it securely, anonymise it, or archive it in a way that prevents unnecessary access. Retention is reviewed periodically to make sure data is not kept for longer than necessary.

7. Data Security

We use reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our systems and procedures. While no system can be guaranteed completely secure, we work to reduce risks and respond appropriately to incidents.

8. Your Rights

Under data protection law, you have several rights regarding your personal data. These rights may be subject to conditions and exceptions, but we will always assess requests carefully and respond within the required legal timeframe.

Your rights include:

  • Right of access: to request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit processing in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will verify your identity where appropriate and respond in line with legal requirements. Exercising your rights will not usually affect the core service we provide, unless the data is necessary for that service.

9. Complaints and Supervisory Authority

If you are concerned about how we have handled your personal data, you have the right to raise the matter with us first so that we can review and address it. You also have the right to complain to the UK data protection authority if you believe your data protection rights have been infringed.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the services we provide. Any updated version will apply from the date it is made available. We encourage customers in the Bow area to review this policy periodically so they remain informed about how their personal data is handled.

By using our services, requesting a quote, or making a booking with Carpetcleaning Bow, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and applicable data protection law.

Call Now!
Call Now Get a Quote
Carpetcleaning Bow

GDPR-compliant Privacy Policy for Carpetcleaning Bow covering data collection, lawful basis, retention, processors, rights, and applies to all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.