Privacy Policy
This Privacy Policy explains how personal data is collected, used, shared, and protected when individuals engage with our services. It is intended to be clear, transparent, and consistent with the requirements of the General Data Protection Regulation (GDPR). This policy applies to all customers in the area where our services are offered and to any individual whose personal data is processed in connection with those services.
1. Data Controller and Scope
For the purposes of data protection law, the organisation providing the service is the data controller for the personal data described in this policy, unless otherwise stated. This means we determine the purposes and means of processing personal data. This policy applies to personal data collected from customers, prospective customers, users, and other individuals who interact with our services in the relevant area.
Personal data means any information relating to an identified or identifiable natural person. This may include direct identifiers, account information, transaction details, technical data, and communication records.
2. Personal Data We Collect
We collect only the personal data that is necessary for the purposes set out in this policy. Depending on how you interact with us, we may collect the following categories of data:
- Identity data: name, title, or similar identifiers.
- Contact data: address, email address, telephone number, or other communication details.
- Account data: login credentials, account preferences, and service settings.
- Transaction data: information about purchases, orders, payments, invoices, and related records.
- Technical data: IP address, browser type, device type, operating system, and usage logs.
- Communication data: correspondence, feedback, support requests, and complaint records.
- Marketing preferences: choices regarding promotions, updates, or other communications.
We may also collect information from third parties where lawful to do so, such as service providers, payment processors, delivery partners, or publicly available sources, if relevant to our operations.
3. How We Use Personal Data
We process personal data for specific, legitimate, and lawful purposes. The main purposes include:
- providing, operating, and maintaining our services;
- managing customer relationships and responding to enquiries;
- processing orders, payments, refunds, and billing;
- improving service quality, performance, and user experience;
- maintaining security, preventing fraud, and detecting misuse;
- meeting legal, regulatory, and tax obligations;
- sending administrative messages and, where permitted, marketing communications;
- handling disputes, complaints, and legal claims.
We will not process personal data in a manner that is incompatible with these purposes unless we have a valid legal basis and, where required, separate notice or consent.
4. Lawful Basis for Processing
Under GDPR, we must have a lawful basis for each processing activity. We rely on one or more of the following lawful bases:
- Performance of a contract: processing necessary to provide services, fulfil requests, or manage contractual obligations.
- Legal obligation: processing required to comply with applicable laws, regulations, accounting rules, or court orders.
- Legitimate interests: processing necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms. Examples may include service improvement, fraud prevention, and security monitoring.
- Consent: where required by law, we will ask for your consent before processing certain data, such as for particular marketing activities. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
Where we rely on legitimate interests, we consider the nature of the data, the context of the processing, and the impact on individuals, and we take steps to ensure a fair balance.
5. Sharing of Personal Data and Processors
We may share personal data with third parties where necessary to operate our services, comply with legal obligations, or protect our legitimate interests. Such third parties may act as processors or, in some cases, independent controllers.
Processors are organisations that process personal data on our behalf and under our instructions. We use processors only where appropriate safeguards are in place, including contractual obligations to protect data and process it only according to our instructions. These may include:
- IT hosting and infrastructure providers;
- payment service providers;
- customer support platforms;
- analytics and performance service providers;
- document storage and backup providers;
- professional advisers such as auditors, lawyers, and accountants;
- delivery or logistics partners where required for service fulfilment.
We may also disclose data to authorities, regulators, or courts where required by applicable law or to establish, exercise, or defend legal claims. We do not sell personal data.
6. International Transfers
If personal data is transferred outside the European Economic Area or to a country that has not been granted an adequacy decision, we will ensure appropriate safeguards are implemented. These may include standard contractual clauses, equivalent contractual protections, and additional technical or organisational measures where necessary.
We take reasonable steps to ensure that transferred data receives a level of protection essentially equivalent to that required under GDPR.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.
In general:
- account and customer records are retained for the duration of the relationship and for a reasonable period afterward;
- financial and transaction records are retained for periods required by law;
- support and communication records are retained for as long as needed to resolve matters and maintain service quality;
- technical logs are retained for security, diagnostics, and operational purposes for limited periods;
- marketing data is retained until you opt out or the data is no longer relevant.
When data is no longer required, we will delete, anonymise, or securely archive it in accordance with our retention practices and legal obligations.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, encryption, secure storage, backup procedures, and staff confidentiality obligations.
While we take reasonable steps to secure personal data, no system can be guaranteed completely secure. In the event of a personal data breach that poses a risk to rights and freedoms, we will take appropriate action in accordance with applicable law, including notifying supervisory authorities and affected individuals where required.
9. User Rights Under GDPR
Individuals whose personal data we process have rights under GDPR. Subject to legal conditions and exceptions, you may exercise the following rights:
- Right of access: to obtain confirmation and a copy of your personal data.
- Right to rectification: to have inaccurate or incomplete data corrected.
- Right to erasure: to request deletion of your data in certain circumstances.
- Right to restrict processing: to limit how we use your data in specific situations.
- Right to object: to object to processing based on legitimate interests or direct marketing.
- Right to data portability: to receive certain data in a structured, commonly used, machine-readable format and transfer it to another controller where technically feasible.
- Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time.
You also have the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions have legal or similarly significant effects, unless permitted by law.
10. How Rights Are Exercised
We aim to respond to valid requests without undue delay and within the timeframe required by GDPR, generally within one month. Where requests are complex or numerous, the period may be extended in accordance with the law. We may request information to verify identity before responding to a request, where necessary to protect personal data.
If a request is manifestly unfounded or excessive, we may refuse to act on it or charge a reasonable fee, where permitted by law.
11. Children’s Data
Our services are not intended for children unless specifically stated. We do not knowingly collect personal data from children without an appropriate legal basis and, where required, parental consent. If we become aware that personal data has been collected inappropriately, we will take steps to delete it as required.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or service offerings. Any revised version will apply from the date it is published or otherwise communicated. We encourage individuals to review this policy periodically to stay informed about how personal data is processed.
Summary of Our Commitment
We process personal data lawfully, fairly, and transparently, use it only for legitimate purposes, retain it for no longer than necessary, and protect it with appropriate safeguards. This policy applies to all customers in the area and is designed to support GDPR compliance while respecting individual rights and privacy expectations.
