Privacy Policy - Cleaner Harrow
This Privacy Policy explains how Cleaner Harrow collects, uses, stores, shares, and protects personal data. It applies to all Cleaner Harrow customers in the Harrow area, including anyone who books, requests, or receives cleaning services from us. We are committed to handling personal information lawfully, fairly, and transparently in line with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Cleaner Harrow provides domestic and commercial cleaning services in Harrow and nearby locations. In this policy, “we,” “us,” and “our” refer to Cleaner Harrow. “You” means any customer, prospective customer, website visitor, or other person whose personal data we process in connection with our services.
We act as a data controller for the personal data we collect and use for our own business purposes. This means we decide how and why your information is processed.
2. What Personal Data We Collect
We collect only the information needed to provide our services properly, manage our business, and meet legal obligations. The categories of data we may collect include:
- Identity data such as your name and, where needed, the name of a business or household representative.
- Contact data such as email address, telephone number, and service address.
- Booking and service data such as appointment dates, service instructions, cleaning preferences, access notes, and service history.
- Payment data such as billing details, payment status, and transaction records. We do not usually store full card details if payments are handled by a secure third-party provider.
- Communication data such as messages, complaints, feedback, and records of conversations related to your booking or service.
- Technical data such as IP address, browser type, device information, and basic usage data if you interact with our digital systems.
- Special category data only where necessary and with appropriate safeguards, for example if you voluntarily share health, access, or vulnerability information that affects how a service should be delivered.
We generally collect personal data directly from you when you make an enquiry, request a quote, confirm a booking, or communicate with us. In some cases, data may also be provided by a third party acting on your behalf, such as a family member, landlord, agent, or business contact.
3. How We Use Your Personal Data
We use your personal data for the following purposes:
- To respond to enquiries and provide quotes.
- To manage bookings, schedules, and service delivery.
- To communicate about appointments, changes, service issues, or customer support.
- To process payments, invoices, and refunds where relevant.
- To maintain internal records and service quality.
- To handle complaints, disputes, and insurance-related matters.
- To comply with legal, tax, accounting, and regulatory obligations.
- To improve our services, systems, and customer experience.
- To protect our business, staff, and customers from fraud, misuse, or security incidents.
We only use your data for purposes that are compatible with the reason it was collected, unless we have a lawful basis to use it in a different way.
4. Lawful Basis for Processing
We process personal data under one or more lawful bases permitted by the UK GDPR. These include:
- Contract – where processing is necessary to enter into or perform a service agreement with you, such as managing bookings, delivering cleaning services, and processing payments.
- Legal obligation – where we must keep records or share information to comply with tax, accounting, employment, insurance, or other legal requirements.
- Legitimate interests – where processing is necessary for our legitimate business interests and these interests are not overridden by your rights, such as improving services, managing customer relationships, or preventing fraud.
- Consent – where we rely on your clear permission, for example in certain marketing or optional data-sharing situations. You may withdraw consent at any time.
- Vital interests – in rare situations where processing is necessary to protect someone’s life.
- Performance of a task carried out in the public interest – only if applicable in exceptional circumstances.
Where we process special category data, we will only do so when an additional condition under the UK GDPR is satisfied, and we will apply suitable safeguards.
5. Data Sharing and Processors
We may share personal data only when necessary and with appropriate protection. We may disclose information to:
- Payment providers that securely process transactions on our behalf.
- Booking, scheduling, and customer management systems that help us organise services.
- IT, hosting, and security providers that maintain our systems and data storage.
- Accountants, auditors, and professional advisers where needed for tax, financial, or legal purposes.
- Insurance providers or claims handlers where a claim, incident, or dispute requires review.
- Public authorities where disclosure is required by law or a lawful request is received.
These third parties may act as processors on our instructions or as independent controllers in limited situations. Where we use processors, we require them to handle data securely, keep it confidential, and use it only for the agreed purpose. We do not sell your personal data.
6. Data Retention
We keep personal data only for as long as necessary for the purpose it was collected and to meet legal or operational requirements. Retention periods depend on the type of data and the reason for holding it.
- Customer and booking records are usually kept for the period needed to provide the service and for a reasonable time afterwards for administration, queries, and dispute handling.
- Financial and tax records are retained for the period required by law.
- Complaints and incident records may be kept for longer where needed to resolve issues, defend claims, or comply with insurance requirements.
- Marketing preferences are retained until you change your preferences or withdraw consent, where consent is the basis used.
When data is no longer required, we will delete it securely or anonymise it so that it no longer identifies you.
7. Data Security
We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and careful selection of processors. While no system can be completely secure, we work to reduce risk and respond promptly to any suspected data incident.
8. Your Rights
Under data protection law, you have several rights in relation to your personal data. These rights may be subject to legal limits and exemptions, but we will always consider requests carefully.
- Right of access – you can ask for a copy of the personal data we hold about you.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – you can ask us to delete your data in certain circumstances.
- Right to restrict processing – you can ask us to limit how we use your data in certain situations.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to data portability – you can request certain data in a structured, commonly used format where applicable.
- Right to withdraw consent – if we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with applicable data protection law. We may need to verify your identity before responding to your request.
9. International Transfers
In some cases, our service providers may store or process data outside the United Kingdom. Where this happens, we take steps to ensure an adequate level of protection, such as using approved contractual safeguards and assessing the security of the transfer destination.
10. Marketing Preferences
If we send marketing communications, we will do so only where permitted by law. You can opt out of marketing at any time. Operational messages related to bookings, invoices, service updates, or customer support are not marketing and may still be necessary for service delivery.
11. Children’s Data
Our services are directed to adults and businesses, not children. We do not knowingly collect personal data from children unless it is provided by an adult customer in connection with a household or service arrangement and only where necessary for service delivery.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is published or communicated to you. We encourage you to review this policy periodically so that you remain informed about how we handle your information.
Summary of Key Commitments
- Cleaner Harrow collects only the data needed to provide and manage services.
- We process data on lawful bases including contract, legal obligation, legitimate interests, and consent.
- We retain information only as long as necessary and delete it securely when no longer needed.
- We use trusted processors under contract and do not sell personal data.
- You have important rights over your data, including access, correction, deletion, and objection.
By using Cleaner Harrow services in the Harrow area, you acknowledge that your personal data may be processed as described in this Privacy Policy.
