Privacy Policy - Nottinghill Carpet Cleaners
Last updated: June 2026
This Privacy Policy explains how Nottinghill Carpet Cleaners collects, uses, stores, shares, and protects personal data when providing carpet cleaning and related services. It applies to all Nottinghill Carpet Cleaners customers in area, including prospective customers, current customers, and individuals who interact with us in connection with our services.
1. Who We Are
Nottinghill Carpet Cleaners is a professional cleaning service provider. For the purposes of data protection law, we act as the data controller for personal data we collect and use in the course of operating our business.
2. Personal Data We Collect
We only collect personal data that is necessary for providing our services, managing customer relationships, and meeting legal obligations. The categories of information we may collect include:
- Identity data such as your name and title.
- Contact data such as your address, telephone number, and email address.
- Service information such as the type of cleaning requested, property details relevant to the service, booking preferences, and service history.
- Payment data such as billing details and transaction records. We do not store full card details where payment is processed through secure third-party providers.
- Communication data such as messages, enquiries, complaints, and feedback.
- Technical data such as limited device or usage information if you interact with our digital systems, where applicable.
- Special instructions that may relate to access to premises, pets, allergies, or other service-related considerations.
We do not intentionally collect special category data unless it is strictly necessary and you have provided it voluntarily, or unless we are legally required to process it. If such information is ever received, we will handle it with extra care and only for the specific purpose for which it was shared.
3. How We Use Your Data
We use personal data for the following purposes:
- to provide cleaning services and manage bookings;
- to communicate with you about appointments, quotations, changes, and service updates;
- to process payments, issue invoices, and maintain financial records;
- to respond to enquiries, complaints, or service requests;
- to improve our service quality and customer experience;
- to comply with legal, accounting, and tax obligations;
- to protect our business, staff, and customers from fraud, misuse, or unlawful activity.
We only process personal data where we have a lawful basis to do so under the UK GDPR and the Data Protection Act 2018.
4. Lawful Basis for Processing
We rely on one or more of the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes arranging appointments, providing cleaning services, confirming service details, and taking payment for services delivered.
Legal Obligation
We process certain information where required to comply with legal responsibilities, including tax, accounting, consumer protection, and record-keeping requirements.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing our customer relationships, preventing fraud, maintaining service records, and improving our operations. When relying on this basis, we ensure that the processing is necessary and proportionate.
Consent
In some situations, we may rely on your consent, for example where you choose to provide optional information or agree to receive certain forms of communication. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
5. Sharing Your Personal Data
We do not sell personal data. We may share it only when necessary and only with appropriate safeguards in place. Recipients may include:
- Service processors who assist with booking systems, payment processing, communication tools, data storage, or administrative support;
- Professional advisers such as accountants, auditors, insurers, or legal advisers;
- Regulators or public authorities where disclosure is required by law;
- Third-party contractors working on our behalf, where they need access to perform services for us.
All processors are required to act only on our instructions, keep personal data secure, and use it only for the agreed purpose. We take reasonable steps to ensure that any third party handling personal data meets appropriate data protection standards.
6. International Transfers
Where personal data is transferred outside the UK, we will ensure that suitable safeguards are in place, such as an adequacy decision or approved contractual protections. We only transfer data where necessary and where appropriate protection is available.
7. Data Retention
We retain personal data only for as long as necessary for the purpose it was collected and to meet legal obligations. Retention periods may vary depending on the type of data and the context in which it was collected.
- Customer and service records are generally kept for the duration of the relationship and for a reasonable period afterwards to manage queries or disputes.
- Financial and accounting records are kept for the period required by law, which is typically at least six years.
- Communications and complaints may be retained for as long as needed to resolve the matter and maintain accurate business records.
When data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our processing practices. While no system can be guaranteed to be completely secure, we take reasonable and proportionate steps to safeguard your data.
9. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These may include:
- Right of access – to request a copy of the personal data we hold about you;
- Right to rectification – to ask us to correct inaccurate or incomplete data;
- Right to erasure – to request deletion of your data in certain circumstances;
- Right to restriction – to request that we limit how we use your data in certain cases;
- Right to data portability – to receive certain data in a structured, commonly used format, where applicable;
- Right to object – to object to processing based on legitimate interests or direct marketing;
- Right to withdraw consent – where processing is based on consent;
- Right to complain – to raise concerns with the relevant data protection authority if you believe your rights have been infringed.
Some rights may be limited where we have a lawful reason to continue processing or where legal obligations require us to retain the data. Requests will be handled in accordance with applicable data protection law.
10. How We Handle Requests
If you exercise any of your rights, we may need to verify your identity before responding. We aim to respond within the timeframe required by law and will explain if any exemption applies. We will always try to deal with requests fairly, promptly, and transparently.
11. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is necessary in the course of providing services to a household and with appropriate adult involvement. If we become aware that we have collected data from a child without proper authority, we will take steps to delete it or obtain the necessary permission.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
13. Summary of Our Commitment
We are committed to treating personal data with respect, lawfulness, and transparency. We collect only what we need, use it for clear purposes, keep it secure, and retain it only as long as necessary. Our approach is designed to ensure that customers of Nottinghill Carpet Cleaners can have confidence that their information is handled responsibly and in line with GDPR principles such as data minimisation, purpose limitation, and storage limitation.
By using our services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy and the applicable data protection laws.