Privacy Policy - Oven Cleaning Wandsworth
This Privacy Policy explains how Oven Cleaning Wandsworth collects, uses, stores, shares, and protects personal data. It applies to all Oven Cleaning Wandsworth customers in area, including anyone who requests a quote, books a service, receives a service, or communicates with us in connection with oven cleaning and related household cleaning services.
We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is designed to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have.
1. Information We Collect
We may collect and process different categories of personal data depending on how you interact with us. The information we collect is limited to what is necessary for our business operations and service delivery.
Information you provide directly
- Identity details such as your name.
- Contact details such as your telephone number and email address.
- Service details such as your address, preferred appointment time, access instructions, and information about the appliance or area to be cleaned.
- Communication records including messages, notes from calls, and feedback.
- Billing and payment-related information where necessary to process payments or issue invoices.
Information collected automatically
When you contact us or use digital systems connected to our services, we may collect limited technical data such as IP address, device type, browser type, and interaction logs. This data helps us maintain security, improve performance, and prevent misuse. Where possible, this data is aggregated or pseudonymised.
Information from third parties
We may receive personal data from third parties where lawful and appropriate, for example from referral partners, booking systems, payment providers, or publicly available business directories. If someone books on your behalf, we may also receive your details from that person to complete the service.
2. How We Use Personal Data
We use personal data only where we have a valid legal basis and a clear business purpose. Typical uses include:
- providing quotes and confirming appointments;
- delivering oven cleaning and related services;
- managing customer communication before, during, and after a booking;
- processing payments, refunds, and invoices;
- maintaining service records and customer history;
- responding to complaints, disputes, and legal claims;
- improving our service quality, training, and operational efficiency;
- meeting legal, accounting, and tax obligations;
- protecting against fraud, misuse, and security incidents.
We do not use your personal data for purposes that are incompatible with the original reason it was collected unless permitted by law or you have been informed otherwise.
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for each processing activity. We rely on the following bases, depending on the situation:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes handling your booking, arranging access, carrying out the cleaning service, and managing payment.
Legitimate interests
We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include service improvement, business administration, fraud prevention, quality assurance, and record keeping.
Legal obligation
We process some data to comply with legal obligations, such as tax records, accounting requirements, insurance obligations, and responding to lawful requests from authorities.
Consent
In limited cases, we may rely on your consent, for example where it is needed for certain marketing activities or optional communications. Where consent is used, you may withdraw it at any time.
Vital interests
In exceptional circumstances, we may process data to protect someone’s vital interests, such as in an emergency.
4. Sharing and Processors
We may share personal data with trusted third parties known as processors or service providers who help us operate our business. These parties act on our instructions and are required to protect your data.
Examples of processors may include:
- Payment providers who handle card or online payment processing.
- Booking and scheduling platforms that help manage appointments.
- Cloud storage and IT providers that support secure record storage and communications.
- Accountants and bookkeeping providers who assist with tax and financial reporting.
- Customer management tools used for administration and service tracking.
- Professional advisers such as insurers, auditors, or legal advisers where necessary.
We may also disclose personal data if required by law, court order, regulatory request, or to protect our rights, customers, staff, or the public. We do not sell personal data.
Where a processor is used, we aim to ensure appropriate safeguards are in place, including data processing agreements, confidentiality obligations, security controls, and limits on international transfers where applicable.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected and to meet legal, accounting, or operational requirements. Retention periods may vary depending on the type of record and the reason it is held.
- Customer and booking records are generally retained for a period necessary to manage service history and business administration.
- Payment and invoice records are retained for the period required by tax and accounting laws.
- Communication records are kept for as long as needed to manage queries, complaints, or ongoing customer relations.
- Technical and security logs are kept for a limited period unless a longer period is needed for investigation or legal reasons.
When data is no longer needed, it is securely deleted, anonymised, or archived in accordance with our retention practices. Retention periods are reviewed periodically to ensure they remain appropriate.
6. Security of Your Data
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, encryption where appropriate, staff confidentiality obligations, and limited access on a need-to-know basis.
While we take data protection seriously, no system can be guaranteed completely secure. If a personal data breach occurs, we will assess the risk and take any action required by applicable law.
7. Your Rights
As a data subject under UK GDPR, you have a number of rights in relation to your personal data. These rights may be subject to legal limitations and exemptions.
- Right of access - you can request confirmation of whether we process your personal data and obtain a copy of it.
- Right to rectification - you can ask us to correct inaccurate or incomplete data.
- Right to erasure - you may request deletion of your data in certain circumstances.
- Right to restrict processing - you can ask us to limit how we use your data in some situations.
- Right to data portability - where applicable, you may request a copy of your data in a structured, commonly used format.
- Right to object - you may object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent - if processing relies on consent, you can withdraw it at any time.
You also have the right to raise concerns with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed. We encourage you to contact us first so we can try to resolve any issue promptly and fairly.
8. Marketing Communications
We may send service-related communications that are necessary for bookings, reminders, or administrative purposes. Where we send optional marketing messages, we will do so only where permitted by law and, if required, with your consent. You can opt out of marketing communications at any time.
Please note: opting out of marketing will not affect essential messages relating to an existing booking, invoice, complaint, or legal matter.
9. Children’s Data
Our services are intended for adults and households arranging cleaning services. We do not knowingly collect personal data from children as part of our normal operations. If we become aware that we have inadvertently collected such data, we will take reasonable steps to delete it, unless we are required to retain it by law.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the way we process personal data. Any revised version will apply from the date it is made available. We recommend reviewing this policy periodically so you remain informed about how your information is used.
11. Summary of Key Principles
In summary, we collect only the personal data needed to deliver and manage our services, we process it on valid lawful bases, and we keep it only for as long as necessary. We work with processors who are required to protect your information, and we respect your rights under UK GDPR. Our aim is to keep your data secure, use it responsibly, and maintain transparency for all Oven Cleaning Wandsworth customers in area.