Privacy Policy - Pimlico Cleaner
This Privacy Policy explains how Pimlico Cleaner collects, uses, stores, shares, and protects personal data in connection with our cleaning services. It applies to all Pimlico Cleaner customers in the area, including prospective customers, current customers, and former customers. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Pimlico Cleaner provides professional cleaning services to homes and businesses in the local area. In doing so, we may process personal data relating to customers, household members, site occupants, and individuals who interact with us on behalf of a business. We act as a data controller for the personal data we collect and use for our own purposes, such as managing bookings, delivering services, issuing invoices, and maintaining records.
2. Personal Data We Collect
We only collect personal data that is necessary for delivering our services, managing our business, and complying with legal obligations. The types of data we may collect include:
- Identity details such as name and title.
- Contact details such as address, email address, and telephone number.
- Service details such as booking history, service preferences, access instructions, and notes relevant to the cleaning service.
- Payment and billing information such as invoice records and payment status.
- Communication records such as messages, complaints, feedback, and service-related correspondence.
- Technical data such as basic website or device information if you interact with our online services, where applicable.
- Special category data only where strictly necessary and usually only if you choose to provide it, for example information relating to allergies, access needs, or health-related precautions relevant to service delivery.
We do not intentionally collect more data than is needed for the stated purpose. We also do not seek to process sensitive personal information unless it is required to provide a safe and appropriate service.
3. How We Use Personal Data
We use personal data for the following purposes:
- To register enquiries and manage bookings.
- To provide cleaning services at the requested location.
- To communicate about appointments, changes, complaints, and service updates.
- To prepare invoices, record payments, and manage accounts.
- To maintain internal records and service history.
- To improve service quality, training, and operational efficiency.
- To comply with legal, tax, accounting, and regulatory obligations.
- To protect our business, staff, and customers against fraud, misuse, or legal claims.
We will not use your personal data for purposes that are incompatible with the original reason it was collected without informing you and, where required, obtaining a valid lawful basis.
4. Lawful Basis for Processing
We only process personal data when we have a lawful basis under UK GDPR. Depending on the context, we rely on one or more of the following bases:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes handling bookings, service delivery, billing, and customer support.
Legal Obligation
We process data where necessary to comply with legal duties, such as accounting, tax retention, and record-keeping requirements.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This may include quality control, service improvement, fraud prevention, and business administration.
Consent
We rely on consent where required, particularly for optional processing such as certain marketing communications or the collection of specific special category data. You may withdraw consent at any time where processing is based on consent.
Vital Interests
In rare cases, we may process data to protect someone’s vital interests, for example where urgent health or safety information is needed in connection with service delivery.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting obligations. Retention periods vary depending on the type of information and the reason for processing.
- Customer records are kept for the duration of the service relationship and for a reasonable period afterwards.
- Financial and tax records are retained for the period required by law.
- Communication records may be kept for the time needed to resolve disputes, maintain service history, or support business administration.
- Special category data is retained only as long as necessary for the specific service need and is deleted or anonymised when no longer required.
When data is no longer needed, we will securely delete, anonymise, or otherwise dispose of it in a responsible manner.
6. Data Sharing and Processors
We may share personal data with trusted third parties who help us deliver our services or operate our business. These third parties act as data processors or independent controllers depending on the service they provide.
Typical processors may include:
- Payment providers that process card or electronic payments.
- Accounting and bookkeeping providers that support invoicing, financial reporting, and tax compliance.
- Scheduling or customer management tools that help manage appointments and service records.
- IT and cloud service providers that store or secure data on our behalf.
- Professional advisers such as lawyers, insurers, or auditors where necessary.
We require processors to handle personal data securely, to use it only on our instructions, and to comply with applicable data protection law. We do not sell personal data.
In limited circumstances, we may disclose personal data to public authorities, regulators, or law enforcement where required by law or where necessary to protect legal rights.
7. International Transfers
If any of our service providers store or access personal data outside the UK, we will ensure appropriate safeguards are in place. These may include adequacy regulations, approved contractual safeguards, or equivalent lawful transfer mechanisms. We take reasonable steps to ensure that your data remains protected to a standard consistent with UK data protection law.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of data-handling practices. While no system can be guaranteed completely secure, we work to reduce risk and maintain suitable safeguards.
9. Your Rights
Under UK GDPR, you have a number of rights in relation to your personal data. These rights may be subject to legal conditions and exemptions.
- Right of access – to request a copy of the personal data we hold about you.
- Right to rectification – to request correction of inaccurate or incomplete data.
- Right to erasure – to request deletion of your data in certain circumstances.
- Right to restriction – to request limits on how we use your data in certain situations.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to data portability – to request transfer of data you provided to us in a commonly used format, where applicable.
- Right to withdraw consent – where processing is based on consent.
We will respond to valid requests within the timeframes required by law. To protect privacy, we may need to verify your identity before acting on a request.
10. Complaints
If you believe your data has been handled improperly, you have the right to raise a complaint with the relevant supervisory authority. We also encourage you to contact us first so that we may address your concern directly and promptly. We take privacy concerns seriously and aim to resolve issues in a fair and efficient manner.
11. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary in the context of a household service and with appropriate authority from an adult customer. If we become aware that we have collected data from a child without proper basis, we will take appropriate steps to delete it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data-handling practices. The most recent version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
13. Summary of Our Commitment
Pimlico Cleaner is committed to processing personal data lawfully, transparently, and securely. We collect only what is needed, use it for clear and legitimate purposes, retain it only as long as necessary, and apply appropriate safeguards when sharing data with processors. We respect your rights and aim to give every customer in the area confidence that their personal information is treated with care, confidentiality, and compliance.