Privacy Policy – Cleaners Waterloo
This Privacy Policy explains how Cleaners Waterloo collects, uses, stores, shares, and protects personal data relating to our customers in the Waterloo area. It applies to all Cleaners Waterloo customers in the area, including individuals who book domestic cleaning, commercial cleaning, end-of-tenancy cleaning, deep cleaning, or any related service. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
For the purposes of data protection law, Cleaners Waterloo is the data controller in relation to the personal information we collect and process about our customers, prospects, and service users. This means we determine why and how personal data is processed when we provide cleaning services and manage our business operations.
We only process personal data where there is a valid legal reason to do so, and we take appropriate steps to ensure that data is used only for the purposes described in this policy.
2. Information We Collect
We may collect the following categories of personal data when you request, receive, or enquire about our services:
- Identity information such as your name and title.
- Contact details such as address, email address, and telephone number.
- Service details including property type, preferred cleaning schedule, access instructions, and service notes.
- Billing and payment information where required to process invoices, payments, refunds, or account records.
- Communication records including messages, enquiries, complaints, feedback, and booking changes.
- Technical information such as basic website or device information if you interact with our online systems.
- Special instructions relevant to cleaning work, such as allergy-related preferences or access arrangements, where you choose to provide them.
We generally do not seek to collect special category data unless it is necessary and you have chosen to provide it. If such information is shared with us, we will handle it carefully and only where a lawful basis applies.
3. How We Use Your Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to book, manage, and deliver cleaning services;
- to communicate about appointments, scheduling, changes, and service updates;
- to issue invoices, process payments, and maintain financial records;
- to manage customer accounts and service preferences;
- to handle complaints, disputes, and customer support;
- to improve our services, internal processes, and customer experience;
- to comply with legal, tax, accounting, and regulatory obligations;
- to prevent fraud, misuse, or unauthorised access;
- to maintain business records and evidence of services delivered.
We will only use personal data in ways that are compatible with the reasons for which it was collected, unless we reasonably determine that another lawful reason applies.
4. Lawful Basis for Processing
Under GDPR, we must identify a lawful basis for every processing activity. Cleaners Waterloo relies on the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes taking bookings, delivering cleaning services, managing schedules, and processing payments.
Legal Obligation
We may process data where required to comply with legal obligations, such as tax rules, accounting requirements, insurance obligations, or regulatory duties.
Legitimate Interests
We may use personal data where it is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms. Examples include managing customer relationships, improving services, preventing fraud, maintaining security, and keeping internal records.
Consent
Where we rely on consent, we will ask for it clearly and separately. You may withdraw consent at any time, and this will not affect the lawfulness of processing that took place before withdrawal.
Vital Interests
In rare cases, we may process data to protect someone’s vital interests, such as in an emergency involving safety or urgent welfare concerns.
5. Sharing Your Information and Processors
We may share personal data with trusted third parties who act as processors or independent controllers, depending on the service involved. We only share what is necessary and only where appropriate safeguards are in place.
Examples of processors and service providers may include:
- payment service providers that handle transactions securely;
- booking, scheduling, and customer management systems;
- IT support, cloud storage, and data hosting providers;
- accounting or invoicing software providers;
- professional advisers, including legal or insurance advisers, where necessary;
- subcontracted cleaners or operational staff, strictly for service delivery purposes.
We require processors to act only on our instructions, to keep data secure, and to process it in line with data protection law. We do not sell personal data. We do not share your information for unrelated marketing by third parties.
6. International Transfers
If any of our service providers store or process data outside the United Kingdom, we will ensure that appropriate safeguards are in place, such as an adequacy decision, standard contractual clauses, or another lawful transfer mechanism recognised by GDPR.
7. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, or for as long as required by law. Retention periods may vary depending on the type of data and the context of our relationship with you.
- Booking and service records are kept for a reasonable period to manage ongoing customer relationships and service history.
- Financial and invoice records are retained for the period required by tax and accounting laws.
- Communication records may be stored for customer support, dispute resolution, and quality monitoring.
- Complaint or legal records may be retained longer where necessary to establish, exercise, or defend legal claims.
When data is no longer required, we will securely delete, anonymise, or archive it in line with our retention practices.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure systems, staff confidentiality obligations, and careful oversight of third-party providers.
Although no system can be guaranteed completely secure, we work to reduce risks and to respond promptly to any suspected data incident.
9. Your Rights Under GDPR
You have a number of rights in relation to your personal data. Subject to legal limits, these may include:
- Right of access – to request a copy of the data we hold about you;
- Right to rectification – to ask us to correct inaccurate or incomplete data;
- Right to erasure – to request deletion of your data in certain circumstances;
- Right to restriction – to ask us to limit how we use your data in certain situations;
- Right to object – to object to processing based on legitimate interests or direct marketing;
- Right to data portability – to receive some data in a structured, commonly used format where applicable;
- Right to withdraw consent – where processing is based on consent, you can withdraw it at any time;
- Right to complain – to raise concerns with the relevant data protection supervisory authority.
To protect your privacy, we may need to verify your identity before responding to a request. We aim to handle requests within the time limits set by law.
10. Children’s Data
Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is incidental to service delivery and provided by an adult customer in a lawful manner. If we become aware that we have collected data from a child without proper authority, we will take steps to address it.
11. Automated Decision-Making
We do not use personal data for fully automated decisions that produce legal or similarly significant effects. If this changes in the future, we will update this policy and ensure appropriate safeguards are in place.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal duties, or processing practices. Any revised version will apply from the date it is published, unless stated otherwise. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
13. Summary of Key Points
In summary, Cleaners Waterloo only collects personal data needed to provide cleaning services, manage communications, and meet legal responsibilities. We process data under lawful bases including contract, legal obligation, legitimate interests, and where relevant, consent. We keep data only as long as necessary, share it only with trusted processors and advisers, and respect your GDPR rights.
By using our services, you acknowledge that this Privacy Policy applies to you if you are a customer in the Waterloo area. We are committed to protecting your privacy and using your data responsibly, transparently, and securely.