Oven Cleaning Shoreditch Privacy Policy
This Privacy Policy explains how Oven Cleaning Shoreditch collects, uses, stores and protects personal data relating to our oven cleaning services. It applies to all Oven Cleaning Shoreditch customers and prospective customers located within our service area in and around Shoreditch.
We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation and all applicable data protection laws. By using our services, you acknowledge that you have read and understood this Privacy Policy.
Personal Data We Collect
We collect and process personal data that is necessary for the provision of our oven cleaning services and the day-to-day running of our business. The types of personal data we may collect include:
Identification and contact data: name, address, postcode, and other contact details you provide such as email address or other communication details.
Service details: information about the property where the service is to be carried out, details of the oven or related appliances, preferred dates and times for appointments, and any special instructions you choose to provide.
Booking and transaction data: records of bookings, invoices, payments, and any related financial information necessary to process and confirm your payments. Actual card or bank details are only processed where strictly necessary and only through secure payment channels provided by our payment processors.
Communication data: information contained in or relating to any communication you send to us, including enquiries about our services, feedback, complaints, and any follow-up correspondence.
Technical and usage data: limited technical information that may be collected when you visit our website or interact with our online booking tools, such as IP address, browser type, and basic usage statistics, where applicable and subject to cookie or similar technology settings.
How We Use Your Personal Data
We use your personal data only for specified, explicit and legitimate purposes. These purposes include:
To provide our oven cleaning services: managing enquiries, confirming bookings, scheduling and carrying out visits, issuing invoices, and providing customer support.
To manage our relationship with you: sending booking confirmations, reminders, service updates, and responding to any questions or concerns you raise.
To improve our services: monitoring the quality of our services, reviewing feedback, training staff, and improving our processes and offerings.
To comply with legal obligations: maintaining accounting and tax records, responding to lawful requests from regulators or public authorities, and managing any disputes or legal claims.
To send relevant information: providing service-related information such as changes to our terms, prices or opening hours, and, where permitted, news or offers about similar services you have previously used.
Lawful Basis for Processing
We process personal data only when we have a valid lawful basis under the UK GDPR. Depending on the context, we rely on one or more of the following legal grounds:
Performance of a contract: processing necessary to enter into and perform our contract with you, including taking steps at your request before entering into a contract, such as preparing a quote or confirming a booking.
Legal obligations: processing necessary to comply with legal requirements, including tax, accounting, and health and safety obligations.
Legitimate interests: processing necessary for our legitimate business interests, provided that your interests and fundamental rights do not override those interests. These legitimate interests may include improving our services, managing and growing our business, and ensuring the security and efficiency of our operations.
Consent: where required by law, we will seek your explicit consent for certain types of processing, such as particular forms of marketing communications. You have the right to withdraw your consent at any time.
Data Retention
We keep personal data only for as long as is necessary to fulfil the purposes for which it was collected and to meet any legal, accounting or reporting requirements.
Service and contact data: records relating to bookings, services provided and customer communications are generally retained for a period that enables us to handle queries, complaints, and potential legal claims, and to comply with statutory limitation periods.
Financial and transaction data: invoices, payment records and related documentation are retained in accordance with legal and tax requirements, typically for a number of years after the end of the financial year in which the transaction occurred.
Marketing data: if you have consented to receive marketing communications, we keep your information until you opt out or withdraw consent, or until it is no longer needed for that purpose. We will periodically review and delete data that is no longer required.
When the applicable retention period expires, we will securely delete or anonymise your personal data so that it can no longer be associated with you.
Data Sharing and Processors
We do not sell your personal data. We may share your personal data with trusted third parties where this is necessary for the purposes described in this Privacy Policy or where we are legally required to do so.
Service providers and processors: we may use third party providers to support our operations, such as payment processing services, accounting or bookkeeping providers, website hosting and maintenance services, scheduling tools, and IT or customer support services. These third parties act as data processors and process personal data only on our instructions, subject to strict confidentiality and data protection obligations.
Professional advisers: we may share personal data with professional advisers such as accountants, legal advisers, or insurers where necessary for the establishment, exercise or defence of legal claims or for compliance and advisory purposes.
Public authorities: we may disclose personal data if required by law, regulation, court order, or at the request of a public authority exercising lawful powers.
Whenever we engage a processor, we ensure that appropriate data processing agreements are in place to protect your data in accordance with the UK GDPR.
International Data Transfers
If any of our service providers are located outside the United Kingdom or the European Economic Area, we will only transfer personal data where appropriate safeguards are in place to ensure an adequate level of protection. Such safeguards may include the use of standard contractual clauses approved by relevant authorities or reliance on an adequacy decision.
Data Security
We take reasonable and appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage. These measures include limiting access to personal data to those who have a business need to know it, using secure systems and backups, and regularly reviewing our security practices.
While we strive to protect your personal data, no method of transmission over the internet or method of electronic storage is entirely secure. We therefore cannot guarantee absolute security but will act promptly to investigate and mitigate any suspected data breach.
Your Data Protection Rights
As a data subject under the UK GDPR, you have a number of rights in relation to your personal data. These rights apply to all Oven Cleaning Shoreditch customers and prospective customers within our service area, subject to certain conditions and legal exceptions:
Right of access: you have the right to request confirmation as to whether we process your personal data and to obtain a copy of that data, together with information about how it is processed.
Right to rectification: you have the right to request correction of any inaccurate personal data we hold about you and to have incomplete data completed.
Right to erasure: in certain circumstances, you may request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
Right to restriction of processing: you may request that we restrict the processing of your personal data in specific situations, such as while we verify the accuracy of data or assess an objection.
Right to data portability: where processing is based on consent or on a contract and carried out by automated means, you may request to receive your personal data in a structured, commonly used and machine-readable format and to have it transmitted to another controller where technically feasible.
Right to object: you have the right to object at any time to processing based on our legitimate interests, including profiling, and to object to your personal data being used for direct marketing.
Right to withdraw consent: where we rely on your consent for processing, you may withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that your rights have been infringed. We encourage you to contact us first so we can attempt to resolve your concerns directly.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services or legal obligations. Any significant changes will be highlighted on our website or communicated to you through appropriate channels. The version posted on our website will always show the date from which it is effective.
By continuing to use our services after any changes take effect, you acknowledge the updated Privacy Policy as the basis for our processing of your personal data.
