Privacy Policy -

This Privacy Policy explains how personal data is collected, used, shared, and protected in connection with our services. It applies to all customers in area, and it is intended to meet the requirements of the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, individuals acknowledge that their personal data may be processed in accordance with this Policy.

1. Scope of This Policy

This Policy applies to personal data processed when individuals interact with our services, whether as a customer, prospective customer, or authorized representative. It covers data collected through direct interactions, automated means, and third parties where lawful. It does not apply to information that has been anonymized so that no individual can be identified.

This Policy applies to all customers in area. Where local law provides additional protections, those rights and obligations will also apply.

2. Categories of Personal Data We Collect

We collect only the personal data necessary for specific, explicit, and legitimate purposes. Depending on the nature of the relationship, the categories may include:

  • Identity data such as name, title, and user identifiers;
  • Contact data such as email address, postal address, and telephone number;
  • Account data such as login credentials, preferences, and profile settings;
  • Transaction data such as service requests, order details, and payment-related records;
  • Technical data such as IP address, device type, browser type, and system logs;
  • Usage data such as pages viewed, features used, and interaction patterns;
  • Communication data such as messages, inquiries, and feedback;
  • Verification data where needed for security, fraud prevention, or compliance purposes.

We do not intentionally collect special category data unless it is strictly necessary, permitted by law, and subject to additional safeguards. If such data is ever processed, it will be handled under an appropriate legal basis and enhanced protection measures.

3. How We Collect Personal Data

We may collect personal data directly from individuals, automatically through technical systems, and from authorized third parties. Examples include data provided when an account is created, when a service is requested, when support is contacted, or when a payment or verification step occurs. Automated collection may occur through cookies or similar technologies used for essential functionality, security, analytics, and service improvement, where permitted by law.

Where data is collected from third parties, we ensure that the source is authorized to share that information and that the transfer complies with applicable data protection requirements.

4. Purposes of Processing

We process personal data only for lawful and defined purposes. These may include:

  • Providing and operating our services;
  • Creating and managing accounts;
  • Processing transactions and fulfilling requests;
  • Communicating important service-related information;
  • Responding to inquiries and support requests;
  • Maintaining security, preventing fraud, and protecting systems;
  • Complying with legal and regulatory obligations;
  • Improving service performance, user experience, and reliability;
  • Establishing, exercising, or defending legal claims.

We will not process personal data in a manner that is incompatible with the original purpose for which it was collected, unless we have a lawful basis to do so and, where required, have informed the individual.

5. Lawful Basis for Processing

Under GDPR, we must have a lawful basis to process personal data. Depending on the context, we rely on one or more of the following:

Consent

Where required, we process personal data based on freely given, specific, informed, and unambiguous consent. Individuals may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Contract

We process personal data when it is necessary to enter into or perform a contract with the individual, such as providing requested services or managing account-related activities.

Legal obligation

We may process personal data when necessary to comply with legal requirements, such as tax, accounting, fraud prevention, recordkeeping, or regulatory obligations.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by the individual’s rights and freedoms. This may include maintaining service security, improving offerings, or preventing misuse.

Vital interests and public interest

In rare circumstances, we may process personal data to protect vital interests or where processing is necessary for a task carried out in the public interest, as permitted by law.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, including to meet legal, accounting, tax, and reporting requirements. The retention period depends on the type of data, the purpose of processing, and applicable legal obligations.

When determining retention, we consider:

  • The nature and sensitivity of the data;
  • The risk of harm from unauthorized use or disclosure;
  • Whether the processing purpose can be achieved by other means;
  • Mandatory legal retention periods;
  • Whether the data is needed for dispute resolution or enforcement.

When personal data is no longer required, we will either delete it securely or anonymize it so that it can no longer identify an individual.

7. Data Sharing and Processors

We may share personal data with trusted third parties only where necessary and lawful. These third parties may act as processors or, in some cases, as independent controllers. When we engage processors, they are bound by written agreements requiring them to process data only on our documented instructions and to implement appropriate security measures.

Examples of processors may include providers of hosting, data storage, security, analytics, communication, payment, identity verification, and customer support services. Processors are selected carefully and are required to maintain confidentiality, integrity, and availability of personal data.

Where personal data is transferred outside the European Economic Area, appropriate safeguards will be used, such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms permitted under GDPR.

8. Data Security

We use technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Such measures may include access controls, encryption where appropriate, role-based permissions, logging, secure storage, and staff training.

No system can be guaranteed to be completely secure, but we take reasonable and proportionate steps to reduce risk and to respond appropriately to suspected incidents.

9. Your Rights Under GDPR

Individuals whose personal data is processed under this Policy have rights under GDPR, subject to certain conditions and exceptions. These rights include:

  • Right of access — to obtain confirmation and a copy of personal data we hold;
  • Right to rectification — to correct inaccurate or incomplete data;
  • Right to erasure — to request deletion where the conditions for deletion are met;
  • Right to restriction — to limit processing in certain situations;
  • Right to data portability — to receive data in a structured, commonly used, machine-readable format where applicable;
  • Right to object — to object to processing based on legitimate interests or direct marketing;
  • Right to withdraw consent — where processing is based on consent;
  • Right not to be subject to automated decisions — including profiling, where such decisions have legal or similarly significant effects, unless lawful exceptions apply.

Requests will be assessed in accordance with applicable law. We may need to verify identity before fulfilling a request to protect personal data from unauthorized disclosure.

10. Children’s Data

Our services are not intended for children unless explicitly stated otherwise. We do not knowingly collect personal data from children without appropriate authorization where required by law. If we learn that personal data has been collected without lawful basis, we will take reasonable steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. When material changes are made, the revised version will apply from the stated effective date. Continued use of the services after such changes indicates acknowledgment of the updated Policy, to the extent permitted by law.

12. Accountability

We are committed to data protection by design and by default. This means that privacy considerations are integrated into our processes, systems, and decisions from the outset. We also maintain internal controls designed to ensure personal data is handled lawfully, fairly, transparently, and securely.

In summary, we collect only necessary data, process it on a valid legal basis, retain it for a limited period, use trusted processors under contract, and respect the rights of individuals under GDPR. This Privacy Policy applies to all customers in area.

Call Now!
Call Now Get a Quote
Tooting Cleaners

GDPR Privacy Policy covering data collection, lawful basis, retention, processors, user rights, and applicability to all customers in area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

For about a year now, Cleaning Tooting has been our go-to cleaning service, and the quality has been consistently great. Our main cleaner is excellent, shows up reliably, and works carefully. Our house is always kept nice and clean.

Google Logo
R

I love this cleaning crew! Every visit leaves my home looking perfect. They're also great at responding to messages.

Google Logo
L

Amazing experience with their cleaning service! Thorough, reliable, and trustworthy. I absolutely recommend them.

Google Logo
J

Cleaning Tooting - top-quality service at a fair price. Very pleased with how it turned out.

Google Logo
E

Pricing is great, and I was extremely impressed with their cleaning of stubborn stains and marks.

Google Logo
R

I booked a deep clean from Tooting Cleaning for my home. The cleaners were very professional and approachable. They respected my things and proactively organized some clutter as well.

Google Logo
A

From start to finish, communication was excellent. Flexible with my needs, easy to book, and the staff delivered top-notch cleaning for the price. Will book them again.

Google Logo
J

Top-level service by Tooting Cleaning Companies. They took all the necessary steps to ensure we were satisfied and their cleaning was outstanding.

Google Logo
C

Our Airbnb feels like a five-star hotel thanks to Cleaning Tooting. They accommodate our schedule and bring a personal approach. Cleaning and essentials restocking are done seamlessly every time.

Google Logo
N

Thanks to Tooting Cleaner, our holiday property is always guest-ready. Their reliable service has made a noticeable impact.

Google Logo
W

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.