Privacy Policy - Watford Cleaner
Effective date: This Privacy Policy applies to all Watford Cleaner customers in the area and explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018.
We are committed to handling personal data fairly, lawfully, and transparently. This policy is written to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal information.
1. Who this policy applies to
This policy applies to all Watford Cleaner customers in area, including current, former, and prospective customers, as well as individuals who enquire about our cleaning services, request quotations, receive invoices, or otherwise interact with us in connection with our services.
Note: If you provide personal data about another person, you should ensure you have the authority to do so and that they understand how their data will be used.
2. Personal data we collect
We only collect personal data that is relevant and necessary for providing our services, managing our business, and meeting legal obligations. Depending on the way you interact with us, we may collect the following categories of data:
- Identity data: name, title, and any relevant identification details you provide.
- Contact data: address, email address, telephone number, and service location details.
- Booking and service data: service preferences, appointment details, notes about access, cleaning instructions, and service history.
- Payment and transaction data: payment status, invoices, receipts, and limited billing information.
- Communication data: messages, complaints, feedback, and correspondence records.
- Technical data: basic information such as device, browser, and usage information if you interact with our digital systems.
- Special category data: we do not normally seek to collect special category data. If such data is inadvertently shared, we will only process it where a lawful basis exists and where necessary to protect rights, provide services safely, or comply with legal obligations.
We do not collect more data than is needed for the purposes described in this policy.
3. How we collect personal data
We may collect personal data directly from you when you:
- make an enquiry or request a quotation;
- book or use our cleaning services;
- send us feedback, a complaint, or a query;
- communicate with us by email, phone, or other channels;
- provide payment or billing details;
- interact with our administrative or service processes.
We may also receive data from third parties where appropriate, for example from a person arranging services on your behalf, or from service providers supporting our operations.
4. Why we use your personal data
We use personal data only for legitimate business and service purposes. These include:
- providing cleaning services and managing bookings;
- responding to enquiries and customer support requests;
- preparing quotations, invoices, and records of services;
- handling payments, refunds, and account administration;
- maintaining service quality and managing complaints;
- ensuring health, safety, and site access arrangements;
- meeting legal, tax, accounting, and regulatory obligations;
- protecting against fraud, misuse, or security incidents;
- improving our services and business processes.
5. Lawful basis for processing
Under data protection law, we must have a lawful basis for each processing activity. We may rely on one or more of the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you, such as arranging cleaning services, managing bookings, or issuing invoices.
Legal obligation
We may process and retain certain data where required to comply with legal, tax, accounting, insurance, or regulatory obligations.
Legitimate interests
We may process data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include service administration, record keeping, quality control, business improvement, and fraud prevention.
Consent
In limited situations, we may rely on your consent, for example where it is needed for specific optional processing. Where consent is used, you may withdraw it at any time. This will not affect processing already carried out before withdrawal.
6. Data sharing and processors
We may share personal data with trusted third parties who process data on our behalf or with parties who require the information to perform a service related to your booking. These third parties act as processors or, in some cases, independent controllers.
Examples of processors may include:
- IT and hosting providers: who support email, storage, and system security;
- payment service providers: who handle payment processing and transaction security;
- accounting and invoicing tools: who help maintain financial records;
- customer management systems: who help organise bookings and service records;
- professional advisers: such as accountants or legal advisers where necessary.
We require processors to protect personal data using appropriate technical and organisational measures and to process data only on our instructions and for agreed purposes.
We may also disclose personal data if required by law, by a court order, or to protect our rights, customers, staff, or property. We do not sell personal data.
7. International transfers
If any processor stores or processes personal data outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms permitted under data protection law.
8. Retention of personal data
We keep personal data only for as long as necessary for the purposes for which it was collected, and to comply with legal or regulatory requirements. Retention periods may vary depending on the type of data and the reason it is held.
- Customer and service records: retained for the duration of the business relationship and for a reasonable period afterwards for service history and administration.
- Financial and tax records: retained for the period required by accounting and tax law.
- Complaints and communications: retained as needed to resolve issues and maintain business records.
- Security and system logs: retained for a limited period for operational and security purposes.
When personal data is no longer required, it will be securely deleted, anonymised, or otherwise disposed of in a safe and lawful manner.
9. Data security
We take reasonable and appropriate measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, staff confidentiality obligations, secure storage, password protection, and limited access to data on a need-to-know basis.
However, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to reduce risk and respond appropriately to any suspected incident.
10. Your rights
Under data protection law, you may have the following rights regarding your personal data:
- Right of access: to request a copy of the personal data we hold about you.
- Right to rectification: to ask us to correct inaccurate or incomplete data.
- Right to erasure: to request deletion of your data in certain circumstances.
- Right to restrict processing: to ask us to limit how we use your data in certain situations.
- Right to data portability: to receive certain data in a structured, commonly used format.
- Right to object: to object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
If you exercise any of these rights, we may need to verify your identity before responding. Some rights may not apply in every situation, and we may retain certain data where required by law or where there is a valid lawful basis to keep it.
11. Children’s data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary for service arrangements and provided by an adult with authority to do so. If we become aware that we have collected data from a child without appropriate authority, we will take steps to delete it where required.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review this policy periodically so you remain informed about how your information is handled.
13. Summary of your privacy commitments
We aim to process personal data in a way that is lawful, fair, transparent, secure, and limited to what is necessary. We only use data for legitimate service and business purposes, retain it for the shortest appropriate period, and share it only with trusted processors or where required by law. You also retain important rights over your information, and we will take reasonable steps to respect and support those rights.
This policy is intended to provide clear, GDPR-compliant information for all Watford Cleaner customers in area.