Canary Wharf Cleaner Privacy Policy

This Privacy Policy explains how Canary Wharf Cleaner collects, uses, stores and protects personal data of all its customers within the Canary Wharf area and surrounding districts. It also explains your rights under the UK General Data Protection Regulation and related data protection laws. By using our cleaning services or communicating with us, you acknowledge that you have read and understood this Privacy Policy.

Scope and data controller

This Privacy Policy applies to all Canary Wharf Cleaner customers in the area, including residential and commercial clients, as well as individuals who contact us to request information, quotes, or bookings. Canary Wharf Cleaner acts as the data controller for the personal data described in this Policy, meaning we determine the purposes and means of processing that data.

Personal data we collect

We collect and process different categories of personal data depending on how you interact with us and which services you use. This may include:

Identification and contact details, such as name, postal address, service address, billing address, and preferred contact details.

Communication data, such as messages you send to us via contact forms, enquiry forms, or other communication channels, and notes of conversations relating to the services provided.

Service and booking information, such as details of requested cleaning services, access instructions for your premises where necessary, dates and times of appointments, and information relevant to carrying out the service safely and effectively.

Billing and payment information, such as records of invoices issued and payments received. If we use third party payment processors, your card details are handled directly by those processors and not stored by us.

Technical and usage data, such as basic information about how you access our website or digital platforms, including date and time of access and general device or browser information. We do not seek to identify you from this information unless required for security, fraud prevention or legal reasons.

Feedback and complaint data, including your comments about our services, satisfaction information, and records of any complaints or disputes.

Lawful bases for processing your data

We only process personal data when we have a valid lawful basis under data protection law. Depending on the context, we will rely on one or more of the following:

Contract: We process personal data where it is necessary to enter into or perform a contract with you, for example to manage bookings, provide cleaning services, issue invoices, and handle customer support.

Legitimate interests: We process personal data for our legitimate business interests, provided your interests and fundamental rights do not override those interests. This includes managing our relationship with you, improving our services, maintaining security, preventing fraud, and handling routine business operations.

Legal obligation: We process personal data where we must comply with legal or regulatory obligations, such as maintaining financial and tax records, responding to lawful requests from authorities, and meeting health and safety requirements.

Consent: In limited cases we may process your data based on your consent, for example if we send you certain types of marketing communications that are not based on our legitimate interests. You can withdraw your consent at any time, although this will not affect processing that has already taken place.

How we use your personal data

We use the personal data we collect for the following purposes:

To provide and manage cleaning services, including organising appointments, allocating cleaners, and tailoring our services to your premises and preferences.

To communicate with you about your bookings, answer questions, respond to enquiries, and provide customer support before, during, and after the provision of services.

To manage payments, issue invoices, process refunds where applicable, and maintain accurate financial records.

To manage our business operations, including quality control, staff training, performance monitoring, and service improvement.

To send you service-related information, updates to our terms and policies, and important notices about changes to our operations.

To protect our business and customers, including fraud prevention, security checks, and the exercise or defence of legal claims.

To comply with legal and regulatory requirements, including those related to tax, accounting, and health and safety.

Data retention

We keep personal data only for as long as it is reasonably necessary for the purposes for which it was collected, and to meet our legal, regulatory, tax, accounting or reporting obligations. When determining appropriate retention periods, we consider the quantity, nature and sensitivity of the data, potential risk of harm from unauthorised use or disclosure, the purposes of the processing, and whether those purposes can be achieved through other means.

In general, we retain:

Customer and booking records for as long as you are an active customer and for a period after your last interaction, in line with limitation periods for legal claims and accounting requirements.

Financial and transaction data in accordance with statutory retention periods required for tax and accounting purposes.

Communication and complaint records for as long as necessary to resolve the matter and to demonstrate how we have handled the issue.

At the end of applicable retention periods, we will securely delete or anonymise your personal data so it can no longer be associated with you.

Data processors and third party recipients

We may share your personal data with carefully selected third parties that act as data processors on our behalf. These processors are only permitted to use your data in accordance with our instructions and for the purposes set out in this Privacy Policy, and they are required to implement appropriate security measures.

Such processors may include:

IT and hosting providers that supply and support our business systems and data storage.

Payment processing providers that handle transactions and related fraud prevention measures.

Customer relationship management and scheduling tools that help us manage bookings and communications.

Professional advisers such as accountants, auditors or legal advisers where this is necessary for the provision of their services to us.

We may also share personal data where required by law, for example with regulatory bodies, law enforcement agencies, or courts, or where necessary to establish, exercise or defend legal claims. We do not sell your personal data.

International data transfers

Where we use service providers or systems that involve the transfer of personal data outside the United Kingdom, we ensure that appropriate safeguards are in place to protect your information. These safeguards may include the use of standard contractual clauses or other mechanisms approved by relevant data protection authorities. Further information about these safeguards can be made available upon request.

How we protect your data

We take the security of your personal data seriously and use appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, destruction or damage. These measures include access controls, secure storage, and restricting personal data to staff and contractors who have a genuine need to access it for their work and are subject to confidentiality obligations.

Your data protection rights

Under data protection law, you have various rights in relation to your personal data, subject to certain conditions and exemptions. These rights include:

Right of access: You can request confirmation of whether we process your personal data and obtain a copy of that data, together with certain additional information.

Right to rectification: You can request correction of inaccurate or incomplete personal data we hold about you.

Right to erasure: In some circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.

Right to restriction of processing: You can request that we restrict the processing of your personal data in certain situations, such as while we verify its accuracy or consider an objection you have raised.

Right to object: You can object to processing based on our legitimate interests, including profiling, and we will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms or the processing is required for legal claims.

Right to data portability: In certain circumstances, you can request that we provide your personal data in a structured, commonly used, machine readable format, or that we transmit it directly to another controller where technically feasible.

Right to withdraw consent: Where we rely on consent as the lawful basis for processing your personal data, you can withdraw that consent at any time. This will not affect the lawfulness of processing carried out prior to withdrawal.

You also have the right to lodge a complaint with a supervisory authority if you consider that our processing of your personal data infringes data protection law. We encourage you to contact us first so we can try to resolve your concerns.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations or data protection practices. Any changes will be posted in the latest version of this Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we process and protect your personal data.