Privacy Policy - Endoftenancycleanlondon
This Privacy Policy explains how Endoftenancycleanlondon collects, uses, stores, shares, and protects personal data when providing services to customers in the area. It applies to all Endoftenancycleanlondon customers in the area, including individuals who enquire about services, receive quotations, make bookings, or otherwise interact with us in connection with end of tenancy cleaning services.
1. Who We Are
Endoftenancycleanlondon acts as a data controller for the personal data processed in connection with our services. This means we determine why and how personal data is used. We are committed to handling personal data in line with the UK GDPR, the Data Protection Act 2018, and other applicable privacy laws.
We only process personal data where there is a lawful basis to do so, and we take appropriate technical and organisational measures to protect it.
2. Personal Data We Collect
We may collect the following categories of personal data:
- Identity data such as your name and, where relevant, the name of your landlord, letting agent, or authorised representative.
- Contact data such as address, email address, telephone number, and property access details necessary to arrange and complete services.
- Service and booking data such as cleaning requirements, preferred dates and times, service instructions, quotations, and records of appointments or completed work.
- Billing and transaction data such as payment status, invoices, receipts, and records needed for accounting and tax purposes.
- Communication data such as enquiries, complaints, feedback, messages, and any correspondence related to our services.
- Technical data such as limited device or usage information if you interact with us electronically, including IP-related information where required for security and operational purposes.
We do not intentionally collect special category data unless it is provided by you and is necessary for a specific lawful purpose. If any such data is received unintentionally, it will be handled with extra care and only where permitted by law.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to arrange, deliver, and manage cleaning services;
- to communicate about bookings, schedules, access arrangements, and service updates;
- to issue invoices, process payments, and manage refunds where applicable;
- to maintain internal records and customer service histories;
- to handle complaints, disputes, or claims;
- to comply with legal, accounting, and regulatory obligations;
- to improve our services, administration, and customer experience;
- to protect against fraud, misuse, or security incidents.
We only collect what is necessary and use personal data in a way that is fair, lawful, and transparent.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each processing activity. Depending on the context, Endoftenancycleanlondon relies on one or more of the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes managing bookings, delivering cleaning services, and handling payment-related matters.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include service administration, record keeping, responding to enquiries, improving our operations, and preventing misuse.
Legal Obligation
We may process and retain certain information to comply with legal obligations, including tax, accounting, insurance, and record-keeping requirements.
Consent
In limited cases, we may rely on your consent, for example where it is required by law for a particular type of communication or optional processing. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
5. Sharing and Processors
We may share personal data with trusted third parties only where necessary for the purposes described in this Policy. These third parties act as processors or independent controllers, depending on the service they provide.
Examples of processors may include:
- booking and scheduling system providers;
- payment processing providers;
- invoicing, accounting, and bookkeeping providers;
- IT support, cloud storage, and data hosting providers;
- customer communication and administrative service providers;
- professional advisers such as accountants, insurers, or legal advisers where necessary.
Where a processor is used, we ensure appropriate contractual safeguards are in place so that your data is processed only on our instructions and with adequate security. We do not sell personal data.
We may also disclose information where required by law, to protect our rights, or to prevent fraud, abuse, or security threats.
6. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, and in line with legal, accounting, and operational requirements. Retention periods may vary depending on the type of information and the reason it is held.
In general:
- quotation and enquiry records may be retained for a reasonable period to manage follow-up, disputes, and service history;
- customer booking and service records may be retained for operational and administrative purposes;
- financial and tax records are typically retained for the period required by law;
- correspondence and complaint records may be retained for the time needed to resolve the issue and demonstrate compliance;
- data no longer needed is securely deleted or anonymised.
When determining retention periods, we consider legal obligations, the nature of the service, the need to resolve queries or claims, and whether retention remains reasonably necessary.
7. Data Security
We use appropriate security measures to protect personal data from unauthorised access, loss, alteration, disclosure, or destruction. These measures may include restricted access, secure systems, password protection, data minimisation, and staff confidentiality obligations. While no system can be guaranteed to be completely secure, we take reasonable steps to reduce risks and respond promptly to incidents.
8. International Transfers
If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are used so that the data continues to receive a level of protection that is consistent with applicable law. Such safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms.
9. Your Rights
Under data protection law, you have a number of rights regarding your personal data. These rights are subject to certain conditions and exemptions.
- Right of access – you may request a copy of the personal data we hold about you.
- Right to rectification – you may ask us to correct inaccurate or incomplete information.
- Right to erasure – you may ask us to delete personal data in certain circumstances.
- Right to restriction – you may ask us to limit how we use your data in certain situations.
- Right to object – you may object to processing based on legitimate interests, including direct marketing where applicable.
- Right to data portability – you may request that certain data be provided to you or another organisation in a structured, commonly used format.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in accordance with data protection law. We may need to verify your identity before responding to your request.
10. Children’s Data
Our services are intended for adults and are not directed at children. We do not knowingly collect personal data from children in connection with our services. If we become aware that we have collected such data without lawful basis, we will take appropriate steps to delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this Policy periodically to stay informed about how we use personal data.
12. Summary of Our Commitment
Endoftenancycleanlondon is committed to respecting privacy and processing personal data responsibly. We collect only the information needed to deliver our services, rely on lawful bases recognised by data protection law, retain information only for as long as necessary, and use trusted processors with appropriate safeguards. We also recognise and support your rights over your personal data. This policy applies to all Endoftenancycleanlondon customers in the area.
By using our services, you acknowledge that personal data may be processed in accordance with this Privacy Policy and applicable law.