Privacy Policy - .

Introduction

This Privacy Policy explains how personal data relating to customers is collected, used, retained, disclosed and protected in compliance with the General Data Protection Regulation (GDPR). This policy applies to all customers in the area and governs personal data processed in connection with our services and products. By using our services, customers acknowledge that their personal data will be processed in accordance with this policy.

1. Scope and Applicability

This Privacy Policy applies to all individuals who are customers in the area and whose personal data we process in the context of providing services. It covers all forms of personal data processing, whether electronic or paper-based, and applies to internal and external processing operations.

1.1 Definitions

  • Personal data: Any information relating to an identified or identifiable natural person.
  • Processing: Any operation performed on personal data, including collection, storage, use, disclosure and deletion.
  • Controller: The entity determining the purposes and means of processing.
  • Processor: Third-party service providers processing personal data on our behalf under contract.

2. Categories of Data Collected

We collect and process the following categories of personal data from customers as necessary to deliver services and comply with legal obligations:

  • Identity and account data: names, identity numbers, account identifiers.
  • Contact data: postal addresses, telephone numbers, and electronic contact details.
  • Transactional data: order histories, service usage records, billing and payment information.
  • Technical data: IP addresses, device identifiers, browser type and operating system, log files.
  • Communication data: correspondence and support requests submitted by customers.
  • Location data: where necessary for service provision, approximate or precise location information.
  • Special categories: only collected where strictly necessary and with explicit consent, such as health or biometric data when required for a specific service.

3. Lawful Bases for Processing

We rely on one or more of the following lawful bases under the GDPR to process personal data:

  • Performance of a contract: Processing necessary to enter into or perform a contract with the customer, such as delivering services, billing and fulfilling orders.
  • Legal obligation: Processing required to comply with applicable laws and regulatory requirements, including tax, anti-money laundering and safety obligations.
  • Consent: Where required, we will obtain explicit and documented consent for processing activities, especially for marketing or special categories of data. Consent may be withdrawn at any time.
  • Legitimate interests: Processing necessary for the legitimate interests pursued by us or third parties, balanced against customer rights and interests. Examples include fraud prevention, network security and improving services.

4. Data Retention

Retention periods vary by category of data and purpose. We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory and contractual obligations.

  • Account and transactional data: retained for the duration of the contractual relationship and for a period after termination as required by applicable law (typically between 3 and 10 years for accounting and tax records).
  • Communication and support records: retained while relevant to ongoing matters and for a limited period thereafter (commonly up to 3 years).
  • Technical and usage data: retained for operational and security purposes, generally for up to 24 months unless longer retention is justified for fraud prevention or legal claims.
  • Marketing data: retained until consent is withdrawn or the individual objects to processing.
  • Special categories: retained only with explicit consent or when legally required, and for the minimum period necessary.

After the retention period expires, personal data will be securely deleted, anonymized or archived in accordance with our data retention and disposal policies.

5. Use of Processors and Third Parties

We engage third-party processors to perform certain functions on our behalf, such as payment processing, data hosting, analytics, customer support platforms and delivery services. When we use processors:

  • We conduct due diligence and select processors that provide sufficient guarantees to implement appropriate technical and organizational measures to protect personal data.
  • We enter into written contracts with processors that include GDPR-compliant data processing agreements, specifying the subject matter, duration, nature and purpose of processing, types of personal data and categories of data subjects.
  • We require processors to process data only on documented instructions, to assist with data subject rights, and to ensure confidentiality and security of processing.

International Transfers

If personal data is transferred outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms to protect the data.

6. Security Measures

We implement appropriate technical and organizational measures to secure personal data against accidental or unlawful destruction, loss, alteration, disclosure or access. Measures include access controls, encryption where appropriate, regular security assessments, employee training and incident response procedures. While we strive to protect personal data, no security measure is absolute; customers should be aware of residual risks when transmitting data online.

7. Rights of Data Subjects

Under the GDPR, customers have the following rights in relation to their personal data. We respect and facilitate these rights:

  • Right of access – the right to obtain confirmation as to whether personal data concerning them is being processed, and access to that data.
  • Right to rectification – the right to have inaccurate or incomplete personal data corrected without undue delay.
  • Right to erasure (right to be forgotten) – the right to request deletion of personal data where there is no lawful ground for retention.
  • Right to restriction of processing – the right to request the restriction of processing under certain conditions.
  • Right to data portability – the right to receive personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller where applicable.
  • Right to object – the right to object to processing based on legitimate interests or direct marketing at any time.
  • Right to withdraw consent – where processing is based on consent, the right to withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Exercising Rights

If you wish to exercise any of these rights, you may use the channels available within your account or the service. We will respond to requests in accordance with applicable law, typically within one month of receipt. Where requests are complex, we may extend the period and will inform you of any extension and the reasons for it.

8. Automated Decision-Making and Profiling

We may use automated systems and profiling to enhance service delivery, detect fraud and personalize experiences. Decisions that produce legal effects or significantly affect individuals will be subject to appropriate safeguards, including human review, where required by law. Where profiling is based on consent, individuals may withdraw consent at any time.

9. Children and Minors

Our services are not directed to children under the age of 16, and we do not knowingly collect personal data from minors without appropriate parental or guardian consent where required by law. If we become aware that personal data of a child has been processed without consent, we will take steps to delete the data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. Material changes will be communicated through the service or other available channels. Continued use of the service after such updates constitutes acceptance of the revised policy.

11. Complaints and Supervisory Authority

Individuals have the right to lodge a complaint with a competent data protection supervisory authority if they consider that the processing of their personal data infringes applicable data protection laws. Complaints will be handled in accordance with statutory procedures.

12. Final Provisions

This Privacy Policy sets out our commitments for processing personal data of all customers in the area. We maintain appropriate records of processing activities and review our data protection measures periodically to ensure compliance with the GDPR and related laws. Customers are encouraged to review this policy periodically to stay informed of how their personal data is handled.

End of Privacy Policy

Call Now!
Call Now Get a Quote
Bromley Cleaners

GDPR-compliant privacy policy covering data collection, lawful bases, retention, processors, security, and data subject rights; applies to all customers in the area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

They deliver a very professional experience with lovely staff. Honest and reliable, they do excellent work on our house--always satisfied.

Google Logo
D

Showed up on time as arranged. Quality of work was excellent considering the weather. The team was pleasant and answered all questions. Exceptional service all round!

Google Logo
F

Their efficiency and effectiveness stood out. Punctual and easy to work with. Highly recommended.

Google Logo
C

Very happy with Bromley Cleaning Company. Customer service is helpful and courteous, and the cleaners are consistently professional and efficient. Strongly recommend them.

Google Logo
K

Bromley Cleaners was amazing! My carpet looks refreshed and clean. Will absolutely refer them to everyone I know.

Google Logo
M

We are always impressed by this company's professionalism and efficiency. Both deep cleaning and regular services are excellent. Thanks, team!

Google Logo
F

The cleaning exceeded my expectations! The home is neat, tidy, and smells fantastic. The staff was efficient, amiable, and attentive. Highly recommend!

Google Logo
T

Absolutely pleased with the team's professionalism and attitude. They were on time and managed to make my old carpet look fresh and spotless.

Google Logo
H

I'm thrilled with the cleaning job from Cleaners Bromley. The staff was professional and went above and beyond to ensure everything was spotless. They left my property looking better than ever.

Google Logo
A

We've had a great experience with Bromley House Cleaners over the years. They're reliable and professional, and our cleaner is friendly and great with the children.

Google Logo
M

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.