Privacy Policy

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected in connection with our services. It applies to all customers in area and is intended to provide clear information about our privacy practices in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Scope of this Privacy Policy

This Privacy Policy applies to all personal data processed when individuals use our services, interact with our systems, or otherwise engage with us in the ordinary course of business. It covers data relating to identified or identifiable natural persons. It does not apply to anonymized information that cannot reasonably be linked to an individual.

We are committed to handling personal data lawfully, fairly, and transparently. We also aim to ensure that data is collected only for specified purposes and is kept accurate, secure, and not retained longer than necessary.

2. Personal Data We Collect

We may collect different categories of personal data depending on how a person interacts with us. This may include:

  • Identity data such as name, title, or similar identifiers.
  • Contact data such as address, email address, and telephone number.
  • Transactional data such as records of products or services purchased, billing details, and payment-related information.
  • Technical data such as internet protocol address, device identifiers, browser type, operating system, and access logs.
  • Usage data such as information about how services are used, preferences, and interaction patterns.
  • Communications data such as correspondence, inquiries, feedback, and any information shared during support interactions.

We do not seek to collect sensitive personal data unless it is necessary for a specific, lawful purpose and appropriate safeguards are in place. Where special category data is processed, it is handled with particular care and only where permitted by law.

3. How We Collect Personal Data

Personal data may be collected directly from the individual, automatically through the use of digital systems, or from third parties where permitted by law. Sources may include:

  • Information provided when a person creates an account, places an order, or requests services.
  • Information submitted through forms, surveys, or communications.
  • Information generated through the use of devices, systems, or online features.
  • Information received from service providers, business partners, or publicly available sources where appropriate.

We use only the data necessary for the relevant purpose and apply data minimization principles to reduce unnecessary collection.

4. Purposes for Processing Personal Data

We process personal data for a number of legitimate business and operational purposes, including:

  • Providing and delivering services or products.
  • Managing customer relationships and responding to inquiries.
  • Processing payments, invoicing, and administration.
  • Maintaining records, quality assurance, and internal reporting.
  • Improving services, systems, and user experience.
  • Detecting fraud, abuse, security incidents, or unauthorized activity.
  • Complying with legal and regulatory obligations.

Where processing is based on consent, the individual may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before consent was withdrawn.

5. Lawful Basis for Processing

Under GDPR, we process personal data only when we have a lawful basis. Depending on the purpose, the lawful basis may be one or more of the following:

  • Consent — where an individual has given clear permission for a specific purpose.
  • Contract — where processing is necessary to perform a contract or take steps before entering into a contract.
  • Legal obligation — where processing is required to comply with a legal duty.
  • Vital interests — where processing is necessary to protect someone’s life.
  • Legitimate interests — where processing is necessary for our legitimate interests, provided those interests are not overridden by the rights and freedoms of the individual.

Where we rely on legitimate interests, we assess the impact on individuals and ensure that processing remains proportionate and appropriate. We do not use personal data in ways that are unexpected or unfair.

6. Sharing Personal Data and Processors

We may share personal data with trusted third parties that help us operate our services. These third parties act either as processors or, in some cases, as independent controllers. Processors only process personal data on our documented instructions and are required to implement suitable technical and organizational security measures.

Examples of processors may include:

  • Information technology and cloud service providers.
  • Payment service providers and financial administration partners.
  • Customer support and communication platforms.
  • Data storage, backup, and security service providers.
  • Analytics or reporting tools used to understand service performance.

Where personal data is transferred to processors or other third parties, we take reasonable steps to ensure appropriate contractual safeguards are in place. If data is transferred outside the European Economic Area, we use lawful transfer mechanisms and suitable protections as required by law.

7. Retention of Personal Data

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including meeting legal, accounting, tax, reporting, or contractual requirements. Retention periods may vary depending on the type of data and the reason it is held.

When determining how long to keep data, we consider:

  • The nature and sensitivity of the data.
  • The risk of harm from unauthorized use or disclosure.
  • The purposes of processing and whether they can be achieved by other means.
  • Applicable legal or regulatory retention requirements.

When personal data is no longer required, it is securely deleted, anonymized, or otherwise disposed of in a safe and appropriate manner. We avoid keeping data indefinitely without justification.

8. Data Security

We implement reasonable technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include access controls, encryption, secure storage, authentication procedures, and staff confidentiality obligations.

Although no system can be guaranteed to be completely secure, we work to maintain appropriate safeguards that reflect the nature of the data and the risks associated with processing it.

9. User Rights Under GDPR

Individuals whose personal data we process have important rights under GDPR. Subject to legal limitations, these rights may include:

  • Right of access — to obtain confirmation of whether personal data is processed and to receive a copy of that data.
  • Right to rectification — to request correction of inaccurate or incomplete data.
  • Right to erasure — to request deletion of personal data in certain circumstances.
  • Right to restriction of processing — to request limited use of personal data in certain cases.
  • Right to data portability — to receive certain data in a structured, commonly used, machine-readable format and, where feasible, have it transferred to another controller.
  • Right to object — to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent — where processing is based on consent.
  • Right to lodge a complaint — with the relevant data protection supervisory authority.

Requests will be handled in accordance with applicable law and may require verification of identity to protect privacy and prevent unauthorized access. We will respond within the time limits required by law unless an extension is legally permitted.

10. Automated Decision-Making

Where personal data is used in automated processes that produce legal or similarly significant effects, appropriate safeguards are applied. Individuals may have the right to request human review, express their point of view, and contest the decision, depending on the circumstances and the legal basis involved.

11. Children’s Data

Our services are not directed to children unless otherwise stated, and we do not knowingly collect personal data from children in circumstances where such collection is not lawful. If we learn that personal data has been collected without appropriate authorization or legal basis, we will take steps to address the matter in accordance with applicable requirements.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational needs. Any revised version will apply from the date it is made effective. We encourage individuals to review this Privacy Policy periodically so they remain informed about how personal data is processed.

Summary of Key Principles

  • We collect only the personal data necessary for specified and lawful purposes.
  • We rely on GDPR lawful bases such as consent, contract, legal obligation, vital interests, and legitimate interests.
  • We share data only with trusted processors and other permitted recipients under appropriate safeguards.
  • We retain personal data only as long as necessary and dispose of it securely when no longer needed.
  • We respect the rights of individuals and provide mechanisms for exercising those rights.

This Privacy Policy applies to all customers in area.

Call Now!
Call Now Get a Quote
Sutton Carpet Cleaners

GDPR privacy policy covering data collection, lawful bases, retention, processors, and user rights for all customers in area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

The whole crew was brilliant--my flat is spotless after their cleaning. I'll definitely book back in and recommend them to friends and family.

Google Logo
J

An excellent cleaning job by the entire team! I'll definitely be booking again and highly recommend their services to family and friends.

Google Logo
J

The team did a superb job cleaning my flat. I'm very impressed and will definitely book back in with them--highly recommended to friends and family.

Google Logo
E

Service provided was exceptional -- quick, friendly, and well-priced. That tedious job is a thing of the past. We're delighted.

Google Logo
M

Impressed by how professionally everything was handled. Honest about add-on prices, thorough explanations, and very satisfied with the results.

Google Logo
M

Immediate results and professional attitude make them our go-to for carpet cleaning needs.

Google Logo
M

Super easy to schedule regular cleaning sessions. The cleaner sent is fantastic--hard worker, very polite, and professional.

Google Logo
E

My sofa is spotless! The cleaner was professional, knowledgeable, and explained the whole process while offering future maintenance advice.

Google Logo
M

I had a great experience with this cleaning company for my deep clean. The staff was extremely pleasant and efficient, making my house look fantastic. The whole process was seamless.

Google Logo
S

Exceptional service, start to finish. Customer support was excellent, the cleaner was courteous, and the final result was immaculate.

Google Logo
C

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.