Deep Cleaning Sutton Privacy Policy

This Privacy Policy explains how Deep Cleaning Sutton collects, uses, stores and protects personal data about customers and prospective customers in our service area. It also explains your rights under the UK General Data Protection Regulation and related data protection laws. This Privacy Policy applies to all individuals who contact us, request a quotation, book a service or otherwise interact with Deep Cleaning Sutton in connection with our cleaning services.

Who this Privacy Policy applies to

This Privacy Policy applies to all Deep Cleaning Sutton customers and prospective customers located within the areas where we offer our services. It covers personal data processed in relation to domestic and commercial deep cleaning bookings, enquiries and the general management of our customer relationships.

Personal data we collect

We may collect and process the following categories of personal data when you contact us or use our services:

Contact details such as name, address, property access details, and billing address. Communication details such as email content, SMS content and any notes from telephone conversations relating to your cleaning requirements. Booking information such as preferred dates and times, frequency of service, type and size of property, and details of specific cleaning instructions. Payment-related information such as records of payments made, amounts, dates and methods of payment. Deep Cleaning Sutton does not store full payment card details; these are processed by our chosen payment service providers. Service history information such as records of previous bookings, invoices issued, feedback received and any complaints or compliments. Technical data such as basic device and browser information, IP address and access times where this is necessary to operate our website and ensure its security.

How we collect personal data

We collect personal data directly from you when you request a quotation, make a booking, contact us by phone, message or online form, or provide details to our staff during a visit. We may also collect personal data automatically when you use our website, for example via server logs and similar technologies that help us maintain security and improve our services. In some cases, we may receive personal data about you from third parties where you have given them permission to share your details with us, such as property managers or referral partners.

Purposes and lawful bases for processing

We process your personal data only where we have a lawful basis under data protection law. The main purposes and corresponding lawful bases are as follows.

To provide cleaning services. We use your data to create and manage bookings, allocate staff, access your property and deliver the services you have requested. The lawful basis is performance of a contract or taking steps at your request before entering into a contract.

To manage our relationship with you. We use your data to respond to enquiries, handle complaints, request feedback and send important service-related messages such as booking confirmations or changes. The lawful basis is performance of a contract and our legitimate interests in running our business and maintaining customer relationships.

To process payments and accounting. We use payment records and related data for invoicing, processing payments, handling refunds and maintaining accurate financial records. The lawful basis is performance of a contract and our legal obligations for accounting and tax.

To improve and develop our services. We may use aggregated or anonymised data derived from customer interactions to analyse service performance, improve our processes and train staff. The lawful basis is our legitimate interests in improving our services and business operations.

Marketing communications. We may, where permitted by law, use your contact details to send you information about our services that may be of interest to you. The lawful basis will be either your consent or our legitimate interests, depending on the circumstances and applicable rules. You can opt out at any time.

Legal and regulatory purposes. We may process your data where necessary to comply with legal obligations, respond to lawful requests from authorities, or establish, exercise or defend legal claims. The lawful basis is compliance with a legal obligation or our legitimate interests in protecting our rights.

Data retention

We retain personal data only for as long as is necessary for the purposes described in this Privacy Policy or as required by law. In general, we keep customer account and booking information for a period that allows us to respond to queries, manage any disputes and comply with our legal obligations, including tax and accounting requirements. After the applicable retention period has expired, we will either securely delete your personal data or irreversibly anonymise it so that it can no longer be associated with you.

Data processors and third party recipients

We may share your personal data with carefully selected third parties who act as data processors on our behalf. These service providers are only permitted to process personal data in accordance with our instructions and must provide appropriate technical and organisational measures to protect it.

Typical categories of data processors include payment processing providers for handling card and electronic payments, IT and cloud service providers who host our systems and data, communication and scheduling tools used to send booking confirmations and reminders, and professional advisers such as accountants or consultants where necessary for the operation of our business. Where required, we may also share data with law enforcement bodies, regulators or other authorities when we are legally obliged to do so.

We do not sell your personal data to third parties. We also do not permit our processors to use your data for their own marketing purposes.

International data transfers

Some of our service providers may store or access data from outside the United Kingdom. Where this occurs, we will ensure that appropriate safeguards are in place to protect your personal data, such as the use of government-approved standard contractual clauses or reliance on adequacy regulations for the relevant country, in line with data protection law.

How we protect your data

We take the security of your personal data seriously and implement reasonable technical and organisational measures to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include access controls, staff training, secure storage, and the use of reputable service providers who comply with recognised security standards.

Your data protection rights

Under data protection law, you have several rights in relation to the personal data that we hold about you. These rights may be subject to certain conditions and exemptions.

Right of access. You have the right to request confirmation of whether we process your personal data and, if so, to obtain a copy of that data along with certain information about how we use it.

Right to rectification. You have the right to request that we correct any inaccurate or incomplete personal data that we hold about you.

Right to erasure. In certain circumstances, you may have the right to request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected or where you withdraw consent and there is no other lawful basis for processing.

Right to restriction of processing. You may have the right to request that we restrict the processing of your data in specific situations, such as while we verify its accuracy or assess an objection you have raised.

Right to object. You have the right to object to our processing of your personal data where we rely on legitimate interests as the lawful basis. You also have an absolute right to object to direct marketing at any time.

Right to data portability. Where our processing is based on your consent or on a contract and is carried out by automated means, you may have the right to receive your personal data in a structured, commonly used and machine-readable format and to request that it is transmitted to another controller where technically feasible.

Right to withdraw consent. Where we rely on your consent to process personal data, you can withdraw that consent at any time. This will not affect the lawfulness of processing carried out before the withdrawal.

Exercising your rights and complaints

If you wish to exercise any of your data protection rights or have any questions about how Deep Cleaning Sutton handles your personal data, you can contact us using the details provided on our website or in your booking confirmation. We will respond to your request in accordance with applicable law.

You also have the right to lodge a complaint with the relevant supervisory authority if you are unhappy with how we have handled your personal data. We would appreciate the opportunity to address your concerns directly before you approach a supervisory authority, so we encourage you to contact us first.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or the services we offer. Any updated version will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically so that you remain informed about how we process your personal data.