Privacy Policy - Cleaners Merton
This Privacy Policy explains how Cleaners Merton collects, uses, stores, shares, and protects personal data. It applies to all Cleaners Merton customers in the area, including current, former, and prospective customers who use or enquire about our cleaning services. We are committed to handling personal information in a lawful, fair, and transparent way, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Cleaners Merton provides residential and commercial cleaning services. In providing these services, we may collect and process personal data relating to customers, property occupants, and other individuals whose information is necessary for service delivery, scheduling, billing, and customer support. We act as a data controller for the personal data we determine the purposes and means of processing.
2. Information we collect
We only collect personal data that is relevant and necessary for delivering our services, managing our relationship with customers, and meeting legal obligations. Depending on how you interact with us, we may collect the following categories of data:
- Identity data: name, title, and any information needed to identify you as a customer or contact person.
- Contact data: address, email address, phone number, and service location details.
- Service data: booking details, cleaning preferences, instructions, access arrangements, and service history.
- Payment and transaction data: payment status, invoices, records of services purchased, and related financial information.
- Communication data: messages, complaints, feedback, and correspondence relating to our services.
- Technical data: limited device or usage information if you interact with digital systems we use for administration, such as timestamps or basic log details.
We do not intentionally collect special category data unless it is strictly necessary and we have an appropriate legal basis to do so. If such data is ever shared with us accidentally, we will treat it with enhanced care and only process it where permitted by law.
3. How we use personal data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To schedule, deliver, and manage cleaning services.
- To maintain service records and customer preferences.
- To issue invoices, take payments, and manage account administration.
- To communicate about appointments, service changes, or important updates.
- To handle complaints, resolve disputes, and improve our services.
- To comply with tax, accounting, insurance, and other legal obligations.
- To protect our business, staff, customers, and property from misuse, fraud, or security issues.
We only process data for the purpose for which it was collected unless we reasonably consider that another compatible purpose applies or we are otherwise required or permitted by law.
4. Lawful basis for processing
Under data protection law, we must have a lawful basis for each type of processing. Cleaners Merton relies on the following lawful bases where appropriate:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes taking bookings, carrying out services, managing payments, and providing customer support related to those services.
Legitimate interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include service management, record keeping, fraud prevention, internal administration, and improving our operations. When using this basis, we assess whether the processing is proportionate and respectful of privacy.
Legal obligation
We may process data to comply with legal obligations, such as accounting requirements, tax laws, regulatory duties, or lawful requests from public authorities.
Consent
In limited cases, we may rely on consent, for example where it is required for a particular optional activity. Where consent is used, you may withdraw it at any time without affecting the lawfulness of prior processing.
5. Sharing and processors
We do not sell personal data. However, we may share it with trusted third parties that help us operate our business. These parties act as processors when they process personal data on our behalf and only in accordance with our instructions.
Examples of processors and service providers may include:
- Booking and scheduling software providers.
- Payment processing and invoicing services.
- IT hosting, cloud storage, and security providers.
- Customer communication tools used for service updates or administration.
- Professional advisers such as accountants, auditors, or legal advisers where necessary.
We may also disclose personal data where required by law, regulation, court order, or valid request from a public authority. If a business transfer occurs, such as a merger or sale, personal data may be transferred to the relevant parties under appropriate safeguards.
All processors are required to handle personal data securely, use it only for the contracted purpose, and implement appropriate technical and organisational measures. We aim to ensure that any transfer of data outside the UK is protected by recognised legal safeguards where applicable.
6. Data retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of information and the context in which it is used.
In general:
- Customer and service records are retained for the duration of the customer relationship and for a reasonable period afterwards.
- Financial and tax records are retained for the period required by law.
- Communication records may be retained for as long as needed to resolve issues, maintain service history, or defend legal claims.
- Data that is no longer required is securely deleted, anonymised, or archived where appropriate.
We regularly review the data we hold so that information is not kept longer than necessary. Retention is based on practical business needs and legal duties, not on indefinite storage.
7. Data security
We take the security of personal data seriously and use suitable safeguards to protect it from unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and periodic review of our data handling practices. While no system can be guaranteed to be completely secure, we work to maintain a level of protection appropriate to the risks involved.
8. Your rights
As a data subject under UK GDPR, you have several rights in relation to your personal data. Subject to legal limits, these rights include:
- Right of access: you may request confirmation of whether we process your data and obtain a copy of it.
- Right to rectification: you may ask us to correct inaccurate or incomplete information.
- Right to erasure: in certain circumstances, you may request deletion of your personal data.
- Right to restriction: you may ask us to limit processing in some situations.
- Right to object: you may object to processing based on legitimate interests, including direct marketing where applicable.
- Right to data portability: where applicable, you may request certain information in a structured, commonly used format.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
You also have the right to raise concerns with the Information Commissioner’s Office (ICO) if you believe your data has been handled unlawfully or unfairly. We encourage you to contact us first so that we can try to resolve the matter promptly and transparently.
9. Children’s data
Our services are directed at adult customers and property managers. We do not knowingly collect personal data from children except where it is incidentally provided as part of service arrangements and only where necessary. If we become aware that we have collected data from a child inappropriately, we will take steps to delete it or otherwise handle it lawfully.
10. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we handle personal data. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers in the area to review this policy periodically so they remain informed about how their information is used.
11. How we apply this policy
This policy applies to all Cleaners Merton customers in the area, including those receiving one-off cleaning, recurring cleaning, end-of-tenancy cleaning, or any other service we provide. By engaging with our services, you acknowledge that your personal data may be processed as described in this policy and in accordance with applicable data protection laws.
In summary: Cleaners Merton processes personal data only where lawful, keeps it only as long as needed, uses trusted processors under contract, and respects your rights over your information.