Privacy Policy - Deep Deep Cleaning
Deep Deep Cleaning is committed to protecting personal data and respecting privacy. This Privacy Policy explains how we collect, use, share, store, and protect personal data when we provide cleaning and related services. It applies to all Deep Deep Cleaning customers in the area, including individuals, households, landlords, tenants, businesses, and any other customers receiving our services.
We process personal data in accordance with the UK GDPR and the Data Protection Act 2018, and, where applicable, the EU GDPR. This policy is intended to be clear, fair, and transparent, so customers understand how their information is handled.
1. Personal Data We Collect
We collect only the personal data needed to manage bookings, deliver services, manage accounts, and meet legal obligations. The types of data we may collect include:
- Identity details such as your name, and where relevant, the name of your business or property manager.
- Contact details such as address, email address, and phone number.
- Service information such as property access notes, cleaning preferences, appointment history, service instructions, and special requests.
- Payment and billing details such as payment records, invoices, and transaction references. We do not intentionally store full card details where payment is handled by a third-party payment provider.
- Communication records such as emails, text messages, call notes, complaints, reviews, and customer feedback.
- Technical data if you interact with our digital systems, such as IP address, device information, browser type, and usage logs, where this is necessary for security and service management.
- Special category data only where you voluntarily provide it and it is strictly necessary, for example if a cleaning instruction reveals health-related access needs or safety considerations. We seek to minimise this data and apply extra protection where required.
We generally collect data directly from you when you make an enquiry, book a service, request a quote, communicate with us, or provide instructions. In some cases, we may receive information from third parties such as property owners, landlords, managing agents, payment providers, or business clients who book services on your behalf.
2. How We Use Personal Data
We use personal data only for legitimate and necessary purposes connected to our services. These purposes include:
- Managing enquiries, quotes, and bookings.
- Providing cleaning services and related support.
- Coordinating access to premises and confirming appointments.
- Preparing invoices, processing payments, and handling refunds where applicable.
- Managing customer accounts, service history, and preferences.
- Responding to questions, complaints, and service requests.
- Improving our services, training staff, and maintaining quality standards.
- Meeting legal, tax, accounting, insurance, and regulatory obligations.
- Protecting against fraud, misuse, security incidents, and unlawful activity.
We do not use personal data for purposes that are incompatible with the reason it was collected, unless we have a lawful basis to do so and have informed you where necessary.
3. Lawful Basis for Processing
We process personal data only where we have a valid lawful basis under data protection law. Depending on the context, our lawful bases include:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering cleaning services, taking payment, and communicating about the service.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This includes maintaining records, improving operations, managing customer relationships, preventing fraud, and protecting our business.
Legal Obligation
We may process data where needed to comply with legal obligations, such as tax, accounting, employment, insurance, health and safety, and record-keeping requirements.
Consent
Where required, we rely on your consent, for example for certain optional communications or where special category data is provided and consent is the appropriate basis. You may withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
Vital Interests
In rare cases, we may process personal data to protect someone’s vital interests, such as where immediate action is needed to address an emergency.
4. Sharing Personal Data and Processors
We may share personal data with trusted third parties only where necessary and appropriate. These third parties act as processors or independent controllers depending on the service they provide.
Examples of processors and service providers may include:
- Payment processors that handle card or electronic transactions securely on our behalf.
- Booking and scheduling systems that help us manage appointments and service routes.
- Accounting and invoicing providers that support billing, finance, and reporting.
- IT and cloud service providers that store or support our business systems.
- Communication providers that enable email, messaging, or telephone support.
- Professional advisers such as insurers, accountants, lawyers, or consultants where needed for legitimate business purposes.
We require processors to act only on our instructions, to keep personal data secure, and to use it only for the agreed purpose. Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place.
We may also share information where required by law, to respond to legal claims, to protect our rights, or to prevent fraud or security incidents. We do not sell personal data.
5. Data Retention
We keep personal data only for as long as necessary for the purpose it was collected, and no longer than required by law. Retention periods vary depending on the type of data and the reason for processing.
- Booking and service records are retained for the period needed to manage the customer relationship and service history.
- Accounting and tax records are retained for the period required by applicable legal and financial rules.
- Complaints and correspondence may be retained for a reasonable period to handle disputes, improve service, and maintain business records.
- Technical logs are retained for security, monitoring, and troubleshooting purposes for a limited time.
When data is no longer required, we delete it securely or anonymise it so that it can no longer identify you.
6. Data Security
We take reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and limited access to data on a need-to-know basis.
Although no system can be completely secure, we work to maintain an appropriate level of protection and review our practices regularly.
7. Your Rights
Under data protection law, you have rights in relation to your personal data. These rights may be subject to legal conditions and exceptions. They include:
- Right of access – you may request a copy of the personal data we hold about you.
- Right to rectification – you may ask us to correct inaccurate or incomplete information.
- Right to erasure – you may request deletion of your data in certain circumstances.
- Right to restriction – you may ask us to restrict processing in certain situations.
- Right to object – you may object to processing based on legitimate interests.
- Right to data portability – you may request certain data in a structured, commonly used format where legally applicable.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
You also have the right to lodge a complaint with the relevant data protection authority if you are unhappy with how your data is handled. We encourage you to raise concerns with us first so we can address them promptly.
8. Children’s Data
Our services are not directed at children. We do not knowingly collect personal data from children unless it is provided by a parent, guardian, or authorised adult in connection with a service request and only where necessary.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, service practices, or operational needs. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically to stay informed.
10. Summary of Our Commitment
Deep Deep Cleaning is committed to using personal data fairly, lawfully, and transparently. We collect only what we need, keep it secure, retain it only as long as necessary, and respect your rights under data protection law. This policy applies to all Deep Deep Cleaning customers in the area and supports our commitment to responsible data handling in every service we provide.