Privacy Policy - Deep Cleaning Croydon

This Privacy Policy explains how Deep Cleaning Croydon collects, uses, stores, shares, and protects personal data in connection with our cleaning services. It applies to all Deep Cleaning Croydon customers in the Croydon area, including people who enquire about our services, receive quotations, book appointments, or otherwise interact with us. We are committed to handling personal data in a fair, lawful, transparent, and secure manner, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services or providing personal data to us, you acknowledge that you have read this Privacy Policy. We may update this policy from time to time, and any changes will apply from the date they are published or otherwise communicated.

1. Data We Collect

We only collect personal data that is relevant and necessary for providing our services, managing our relationship with you, and meeting our legal obligations. The types of information we may collect include:

  • Identity details such as your name and, where relevant, the name of your business or organisation.
  • Contact information such as your phone number, email address, and property address or service location.
  • Booking and service information such as requested cleaning dates, service preferences, instructions, access details, and records of completed work.
  • Communication records including emails, messages, call notes, complaints, and feedback.
  • Payment information such as billing details, payment status, and transaction records. We do not intentionally store full card details if payment is processed through secure third-party providers.
  • Technical data such as basic website usage information, device type, browser type, and IP-related logs where applicable.
  • Special category data only where strictly necessary and provided by you voluntarily, for example if you share information about allergies, health conditions, or access needs that affect cleaning arrangements. This data is handled with extra care and only where a lawful basis applies.

We do not collect more personal data than we need. If you choose not to provide certain information, we may be unable to deliver some services properly or at all.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To respond to enquiries and provide quotations.
  • To manage bookings, perform cleaning services, and meet service requests.
  • To communicate with customers about appointments, changes, or service updates.
  • To process payments, invoices, and refunds where applicable.
  • To maintain records of services provided and customer preferences.
  • To handle complaints, disputes, and customer support requests.
  • To improve service quality, train staff, and manage operational performance.
  • To comply with legal, accounting, tax, insurance, and regulatory obligations.
  • To protect our business, staff, customers, and property from fraud, misuse, or unlawful activity.

We only use personal data in ways that are compatible with the purposes for which it was collected, unless we reasonably believe another lawful use is permitted.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis before processing personal data. Depending on the context, Deep Cleaning Croydon may rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as arranging and delivering cleaning services, taking instructions, or handling payment-related administration.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests do not override your rights and freedoms. This may include improving our services, managing customer relationships, preventing fraud, and maintaining business records.

Legal Obligation

We process certain data to comply with legal and regulatory obligations, such as accounting, tax, insurance, record-keeping, or responding to lawful requests from authorities.

Consent

In some situations, we may rely on your consent, especially for optional communications or any special category data you voluntarily provide. Where consent is used, you may withdraw it at any time.

Special category data will only be processed where an appropriate additional condition under UK GDPR is met, and only when necessary for the relevant service or safeguard.

4. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, depending on the service they provide. We only share data where necessary and only with appropriate safeguards in place.

Examples of processors may include:

  • Payment service providers that handle secure payment processing.
  • IT and cloud storage providers that support our record-keeping, email, and internal systems.
  • Accounting or bookkeeping providers that assist with financial administration.
  • Customer communication tools used for booking confirmations, reminders, or service updates.
  • Professional advisers such as lawyers, insurers, or auditors where needed.

We require processors to act only on our instructions, protect personal data, and comply with applicable data protection law. We do not sell personal data.

We may also disclose personal data if required by law, court order, regulatory request, or to establish, exercise, or defend legal claims. If data is transferred outside the UK, we will ensure suitable safeguards are in place.

5. Data Retention

We keep personal data only for as long as necessary for the purpose it was collected, or as required by law. Retention periods depend on the type of data and the reason for processing.

In general:

  • Customer and booking records are retained for as long as needed to manage our service relationship and resolve any issues.
  • Financial and tax records are retained for the legally required period.
  • Communication records may be kept for a reasonable period to manage queries, complaints, and service history.
  • Consent-based data is kept until consent is withdrawn or the purpose ends.

When data is no longer needed, we securely delete or anonymise it. Retention is always based on necessity and legal requirements, not convenience.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited data access on a need-to-know basis.

Although we take data security seriously, no system is completely risk-free. If a data breach occurs that poses a risk to your rights and freedoms, we will deal with it in accordance with applicable legal obligations, including notification where required.

7. Your Rights

Under data protection law, you may have the following rights regarding your personal data:

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete data.
  • Right to erasure – you can ask us to delete your data in certain circumstances.
  • Right to restrict processing – you can ask us to limit how we use your data in certain situations.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability – you can request certain data in a structured, commonly used format.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal exceptions or limitations. If you exercise a right, we may need to verify your identity before responding.

8. Children’s Data

Our services are intended for adult customers or authorised representatives acting on behalf of a household, landlord, tenant, or business. We do not knowingly collect personal data from children unless it is necessary for service delivery and provided by an adult with authority to do so.

9. Complaints and Supervisory Authority

If you have concerns about how we handle personal data, we encourage you to raise them with us first so that we can address the matter promptly. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.

10. Changes to This Privacy Policy

We may revise this Privacy Policy to reflect changes in our operations, legal requirements, or data protection practices. The updated version will apply to all Deep Cleaning Croydon customers in the area from the date it is made available. We recommend reviewing this policy periodically so that you remain informed about how your data is handled.

Summary of our commitment: Deep Cleaning Croydon processes personal data only when necessary, uses it fairly and lawfully, shares it responsibly with trusted processors, retains it securely for appropriate periods, and respects your data protection rights.

Deep Cleaning Croydon

GDPR-compliant Privacy Policy for Deep Cleaning Croydon covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.