Privacy Policy

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when services are provided to customers in the area. It applies to all customers in the area and is intended to meet the requirements of the General Data Protection Regulation (GDPR). It should be read carefully to understand what happens to personal data and what rights individuals have under applicable data protection law.

1. Scope and purpose

This Policy applies to personal data processed in connection with the provision of services to customers in the area. It covers data collected directly from individuals, data obtained automatically through technical systems, and data received from third parties where permitted by law. The purpose of processing is to provide services, manage customer relationships, maintain security, comply with legal obligations, and improve service quality.

2. Information we collect

Personal data may include information that identifies a person directly or indirectly. Depending on the nature of the interaction, the following categories of data may be collected:

  • Identity data such as name, username, or account identifier.
  • Contact data such as email address, telephone number, billing address, or other communication details.
  • Transaction data relating to purchases, payments, invoices, and service history.
  • Technical data including device type, IP address, browser type, operating system, and log data.
  • Usage data showing how services are accessed and used.
  • Communication data including messages, feedback, support requests, and correspondence.
  • Preference data such as service settings or choices made by the customer.

Where necessary and lawful, we may also process limited special category data, but only when a valid legal condition exists under GDPR. No special category data is collected unless there is a lawful basis and a clear operational need.

3. How data is collected

Personal data may be collected in several ways:

  • directly from customers when they create an account, request services, make inquiries, or submit forms;
  • automatically through systems that record technical and usage information;
  • from service providers, payment providers, or other third parties where permitted by law;
  • through communications exchanged during service delivery or support activities.

Only data that is relevant and necessary for the stated purposes is collected. We do not intentionally collect more information than is needed for those purposes.

4. Lawful basis for processing

Under GDPR, personal data is processed only where a lawful basis exists. The lawful bases used may include:

  • Performance of a contract — processing is necessary to provide the requested services or take steps before entering into a contract.
  • Compliance with legal obligations — processing is necessary to meet tax, accounting, consumer protection, or other legal requirements.
  • Legitimate interests — processing is necessary for business operations, fraud prevention, security, service improvement, and administrative purposes, provided those interests are not overridden by the individual’s rights and freedoms.
  • Consent — where consent is required by law, it will be obtained in a clear and informed manner, and it may be withdrawn at any time.

When relying on legitimate interests, a balancing test is carried out to ensure that the processing is fair and proportionate. Processing will never be based on convenience alone.

5. Why we use personal data

Personal data may be used for the following purposes:

  • to deliver and manage services;
  • to process transactions and maintain financial records;
  • to communicate with customers about service-related matters;
  • to provide customer support and respond to enquiries;
  • to protect systems, prevent abuse, and detect fraud;
  • to comply with legal and regulatory obligations;
  • to analyse performance and improve service quality;
  • to maintain internal records and administrative functions.

Personal data is not used for purposes that are incompatible with the original collection purpose unless a lawful basis exists and the individual is informed where required.

6. Data sharing and processors

Personal data may be shared with trusted third parties that act as data processors or, in limited cases, as independent controllers. Processors are engaged only when they provide sufficient guarantees regarding GDPR compliance, confidentiality, and security.

Typical processors may include:

  • hosting and infrastructure providers;
  • IT support and maintenance providers;
  • payment processing services;
  • accounting, audit, and administrative service providers;
  • security, backup, and monitoring providers;
  • communication and record-management tools.

Processors are authorized to process personal data only on documented instructions and are required to protect it appropriately. Where data is disclosed to public authorities, professional advisers, or legal representatives, it will be done only when necessary and permitted by law.

We do not sell personal data.

7. International transfers

If personal data is transferred outside the European Economic Area, adequate safeguards will be used to protect it. These safeguards may include an adequacy decision, standard contractual clauses, or other lawful transfer mechanisms recognized under GDPR. Transfer decisions are made carefully to ensure that a similar level of protection applies wherever the data is processed.

8. Retention of personal data

Personal data is kept only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, or to resolve disputes. Retention periods depend on the nature of the data and the reason for processing.

  • Customer account and service data are retained for the duration of the relationship and for a reasonable period afterward.
  • Financial and tax records are retained for the period required by applicable law.
  • Support and communication records are retained long enough to manage service issues and maintain accurate records.
  • Technical logs are retained for security, troubleshooting, and operational integrity, then deleted or anonymised.

When data is no longer needed, it is securely deleted, anonymised, or otherwise disposed of in accordance with internal retention rules. Retention is limited and reviewed regularly.

9. Data security

Appropriate technical and organisational measures are used to protect personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, encryption where appropriate, system monitoring, restricted permissions, secure backups, and staff confidentiality obligations.

Despite these safeguards, no system can be guaranteed to be completely secure. Security practices are reviewed and updated to maintain an appropriate level of protection.

10. User rights under GDPR

Individuals whose personal data is processed have rights under GDPR. Subject to legal conditions and exceptions, these rights may include:

  • Right of access — to obtain confirmation and a copy of personal data being processed.
  • Right to rectification — to have inaccurate or incomplete data corrected.
  • Right to erasure — to request deletion of data in certain circumstances.
  • Right to restriction — to limit processing in certain situations.
  • Right to data portability — to receive data in a structured, commonly used, machine-readable format where applicable.
  • Right to object — to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent — where processing is based on consent, that consent may be withdrawn at any time.
  • Right not to be subject to automated decision-making — including profiling, where such processing has legal or similarly significant effects, except where permitted by law.

Requests to exercise these rights will be handled in accordance with GDPR and applicable law. Verification may be required to protect personal data from unauthorized disclosure.

11. Complaints and supervision

Individuals also have the right to lodge a complaint with a supervisory authority if they believe their data has been processed unlawfully. This right is available in the country where they live, work, or where an alleged infringement occurred. Concerns should first be raised through the appropriate internal process so they can be reviewed and addressed promptly.

12. Children’s data

This service is not intended to knowingly collect personal data from children without appropriate authorization. Where processing involves a child’s personal data, additional safeguards will be applied in line with legal requirements and the principles of fairness and minimisation.

13. Changes to this policy

This Privacy Policy may be updated from time to time to reflect changes in legal requirements, operational practices, or data processing activities. The most recent version will apply to all customers in the area. Users are encouraged to review the policy periodically to stay informed about how personal data is handled.

14. Summary of principles

Transparency

Individuals are informed about what data is collected and why it is processed.

Purpose limitation

Data is used only for specified, legitimate purposes.

Data minimisation

Only data that is necessary is collected and retained.

Accuracy

Reasonable steps are taken to keep personal data accurate and up to date.

Storage limitation

Data is not kept longer than necessary.

Integrity and confidentiality

Data is protected with appropriate security measures.

By using the services, customers in the area acknowledge that their personal data may be processed in accordance with this Privacy Policy and applicable GDPR requirements.

Call Now!
Call Now Get a Quote
South Kensington Carpet Cleaners

GDPR-compliant Privacy Policy covering data collection, lawful basis, retention, processors, security, and user rights for all customers in the area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

On short notice, Upholstery Cleaner South Kensington were able to fit me in and left my flat perfectly clean. It looks amazing, and I won't hesitate to hire them again.

Google Logo
D

The best home cleaning ever--so thorough and dependable. Absolutely every detail was handled with care. Booking again for sure.

Google Logo
A

The cleaners were courteous and professional and gave me advice on keeping my equipment in good shape.

Google Logo
S

Super great customer service at every step. The cleaner provided a value quote, and the cleaning team went above and beyond to clean the house well.

Google Logo
K

Far exceeded what I was hoping for. True professionals who looked after my home with care.

Google Logo
K

I let my house go for too long without a deep clean. The cleaning lady was incredible--meticulous and professional. Now, I enjoy coming home. I'll keep up with weekly cleaning.

Google Logo
D

I'm absolutely blown away by South Kensington Cleaning Agency! The team arrived right on time and conducted themselves with utmost professionalism. They worked swiftly and thoroughly, leaving my home immaculate. I noticed their exceptional attention to detail and am grateful they didn't miss a thing.

Google Logo
N

The booking process was straightforward and efficient. My cleaner arrived before scheduled, and I received a customer satisfaction call from the office - a great touch!

Google Logo
K

Very satisfied with SouthKensingtonCarpetCleaners! The employees were meticulous and friendly, leaving every surface sparkling. They succeeded in removing old, difficult stains.

Google Logo
R

Having used Office Cleaners South Kensington three times, we can vouch for their professionalism and excellent workmanship. Arranging services is hassle-free.

Google Logo
C

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.