Deep Cleaning Privacy Policy

This Privacy Policy explains how Deep Cleaning collects, uses, discloses and protects personal data when providing professional cleaning services. It applies to all Deep Cleaning customers located in our service area, whether you contact us online, by message, or in person, and whether you are a one-off or regular customer.

Deep Cleaning is committed to complying with the UK General Data Protection Regulation and, where applicable, the EU General Data Protection Regulation, together referred to as GDPR. We only process personal data in a lawful, fair and transparent manner and limit processing to what is necessary for the purposes described in this Privacy Policy.

Data Controller

For the purposes of GDPR, Deep Cleaning is the data controller in relation to the personal data we collect and process about our customers in our service area. As data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable data protection law.

Personal Data We Collect

We collect and process the following categories of personal data when you use our services or communicate with us:

Identification and contact information, such as your full name, home or business address, and any preferred contact details you choose to provide.

Service-related information, such as details about your property that are relevant for deep cleaning, access instructions, preferred dates and times for appointments, details of previous services, and any special requests or notes you give us.

Booking and transaction information, such as records of bookings, cancellations, invoices, amounts paid, payment status, and limited payment-related information necessary to verify that a payment has been made. We do not store full card details when payment is processed via an external payment service provider.

Communication data, such as messages you send to us, feedback, complaints or queries, and our responses to you. This may include records of phone or messaging conversations where relevant to the services we provide.

Technical and usage information, such as basic device and browser details and log information required for the secure operation of our website or online tools, where applicable. This may include IP address and the date and time of access.

Purposes and Lawful Bases for Processing

We process your personal data only when we have a lawful basis under GDPR. Depending on the context, we may rely on the following lawful bases:

Contract: We process personal data to enter into and perform our contract with you, including to manage enquiries, provide deep cleaning services, administer appointments, issue invoices, take payment, and communicate with you about your bookings. Without this data, we may not be able to provide the requested services.

Legal obligation: In some cases, we are required by law to process personal data, for example for tax, accounting and record-keeping purposes, and to respond to valid requests from public authorities where we are legally obliged to do so.

Legitimate interests: We may process personal data for our legitimate business interests, provided that these interests are not overridden by your rights and freedoms. This includes managing our business operations, improving our services, handling queries and complaints, preventing fraud or misuse of our services, keeping basic records of past services, and ensuring the security of our systems and premises.

Consent: Where required by law, we may rely on your consent, for example for certain types of marketing communication or optional features. When processing is based on consent, you may withdraw your consent at any time, which will not affect the lawfulness of processing carried out before the withdrawal.

How We Use Your Personal Data

We use the personal data we collect for the following purposes:

To handle enquiries and provide quotations for deep cleaning services in your area.

To schedule, manage and perform cleaning appointments, including any follow-up visits.

To communicate with you about your bookings, changes, cancellations, service updates and customer support.

To process payments, issue invoices, and maintain accurate financial and service records.

To improve our services, including by reviewing feedback and resolving any issues you raise.

To maintain the security and integrity of our systems, prevent misuse of services and detect potential fraud.

To comply with legal and regulatory requirements applicable to our business.

Data Processors and Third Parties

We may share your personal data with trusted third parties who act as data processors on our behalf. These processors only process personal data in accordance with our written instructions and are contractually required to implement appropriate technical and organisational measures to protect your data.

Typical categories of processors include:

IT and hosting providers that store or manage our digital records and systems.

External payment service providers that securely process payments on our behalf.

Professional advisers, such as accountants, where necessary for our legitimate business needs and compliance with legal obligations.

Where legally required, we may also share personal data with public authorities or law enforcement bodies. When we engage processors located outside the United Kingdom or the European Economic Area, we ensure that appropriate safeguards are in place, such as standard contractual clauses or equivalent mechanisms recognised under GDPR.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying legal, accounting or reporting requirements.

Customer and service records are generally kept for the duration of your relationship with Deep Cleaning and for a reasonable period afterwards, in line with applicable limitation periods for legal claims and mandatory retention rules. Financial and invoicing records are kept for the period required under tax and accounting laws.

When personal data is no longer required, we will delete it or anonymise it in a secure manner so it can no longer be associated with an identifiable individual.

Security of Your Personal Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, disclosure or destruction. These measures include controlling access to personal data, using secure storage solutions, and limiting personal data to what is necessary for each specific purpose.

While we take reasonable steps to secure your data, no system can be guaranteed to be completely secure. We will notify you and any relevant supervisory authority of a personal data breach where we are legally required to do so.

Your Data Protection Rights

Under GDPR, you have several rights in relation to your personal data. These rights apply to all Deep Cleaning customers within our service area, subject to applicable legal conditions and exemptions.

Right of access: You have the right to request confirmation as to whether we process your personal data and, if so, to receive a copy of that data and certain related information.

Right to rectification: You have the right to request correction of inaccurate personal data and completion of incomplete personal data.

Right to erasure: In certain circumstances, you may request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other lawful basis for processing.

Right to restriction: You may request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to our legitimate interests.

Right to data portability: In some cases, you may ask to receive personal data you have provided to us in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where technically feasible.

Right to object: You may object to the processing of your personal data based on our legitimate interests, and we will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or unless processing is required for legal claims.

Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time. This will not affect the lawfulness of processing that took place before consent was withdrawn.

You also have the right to lodge a complaint with the data protection supervisory authority in your country of residence, place of work or place of the alleged infringement if you believe that we have not complied with data protection laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, how we process personal data, or legal requirements. Any changes will take effect when the updated Privacy Policy is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.