Privacy Policy

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected for all customers in the area. It is designed to meet the requirements of the General Data Protection Regulation (GDPR) and applies whenever personal data is processed in connection with the services, products, or interactions covered by this policy.

1. Scope of This Policy

This Privacy Policy applies to all individuals whose personal data is processed as part of serving customers in the area. It covers data collected directly from individuals, data generated through service use, and data received from third parties where permitted by law. Personal data means any information relating to an identified or identifiable person, including information that can directly or indirectly identify someone.

This policy does not apply to anonymous information that cannot reasonably be used to identify a person. It also does not apply where a separate privacy notice is provided for a specific service, unless that notice states otherwise.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as name, title, or similar identifiers.
  • Contact data such as address, email address, and telephone number.
  • Account or service data such as records of purchases, requests, preferences, and support interactions.
  • Technical data such as device information, browser type, IP address, and log data.
  • Usage data such as interactions with services, pages viewed, timestamps, and features used.
  • Communication data such as messages, feedback, complaints, and other correspondence.
  • Payment-related data where necessary to complete transactions, subject to applicable security standards.

We collect personal data directly from individuals when they provide it to us, automatically when services are used, and occasionally from third parties where lawful and appropriate. We limit collection to what is relevant and necessary for the purposes described in this policy.

3. How We Use Personal Data

We process personal data for specific, explicit, and legitimate purposes. These may include:

  • providing and managing services;
  • handling orders, requests, and account administration;
  • communicating about service updates, transactions, and support matters;
  • improving service quality, performance, and user experience;
  • maintaining security, preventing fraud, and detecting misuse;
  • meeting legal, regulatory, accounting, or reporting obligations;
  • resolving disputes and enforcing agreements.

We do not use personal data in ways that are incompatible with the original purposes for which it was collected unless a valid legal basis applies and the change is communicated where required.

4. Lawful Basis for Processing

Under GDPR, we process personal data only where a lawful basis exists. The lawful bases we may rely on are:

  • Consent – where an individual has given clear permission for a specific purpose. Consent can be withdrawn at any time.
  • Contract – where processing is necessary to perform a contract or to take steps at the request of the individual before entering into a contract.
  • Legal obligation – where processing is necessary to comply with a legal or regulatory requirement.
  • Vital interests – where processing is necessary to protect someone’s life in an emergency.
  • Legitimate interests – where processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by the individual’s rights and freedoms.

Where we rely on legitimate interests, we ensure that any processing is proportionate and that appropriate safeguards are in place. Special category data, if ever processed, will only be handled where a GDPR condition specifically allows it.

5. Sharing of Personal Data and Processors

We may share personal data with trusted third parties that act as processors on our behalf. These processors may provide services such as IT hosting, system maintenance, payment handling, analytics, customer support tools, document storage, and security services. Processors are only permitted to process personal data according to our instructions and must keep it secure and confidential.

Before engaging a processor, we assess its ability to protect personal data and require contractual commitments that include appropriate technical and organisational measures. We remain responsible for ensuring that any processor handles data in accordance with GDPR obligations.

We may also disclose personal data where required by law, where necessary to protect rights, property, or safety, or in connection with legal proceedings. If a transfer of personal data outside the European Economic Area is required, it will only take place where appropriate safeguards are in place, such as an adequacy decision or approved contractual protections.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and reporting requirements. Retention periods may vary depending on the type of data, the purpose of processing, and applicable legal obligations.

When deciding how long to retain data, we consider:

  • the nature and sensitivity of the information;
  • the potential risk of harm from unauthorised use or disclosure;
  • the purposes for which we process the data;
  • legal limitation periods and statutory retention rules;
  • whether the data is needed for dispute resolution or compliance.

Once personal data is no longer required, it will be securely deleted, anonymised, or archived in accordance with applicable law and internal retention procedures. Data minimisation is an ongoing principle in our retention practices.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, encryption where appropriate, secure storage, staff confidentiality obligations, and regular review of security practices.

Although no system can be guaranteed to be completely secure, we aim to maintain a level of security appropriate to the risk presented by the processing. Where required, we also have procedures to identify, assess, and respond to personal data breaches.

8. User Rights Under GDPR

Individuals whose personal data we process have rights under GDPR. Subject to legal limits and applicable exemptions, these rights may include:

  • Right of access – to obtain confirmation of whether personal data is being processed and receive a copy of that data.
  • Right to rectification – to request correction of inaccurate or incomplete personal data.
  • Right to erasure – to request deletion of personal data in certain circumstances.
  • Right to restriction – to request that processing be restricted in specific situations.
  • Right to data portability – to receive data in a structured, commonly used, machine-readable format and, where feasible, have it transmitted to another controller.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right not to be subject to automated decision-making – including profiling, where such decisions produce legal or similarly significant effects, except where permitted by law.

Where processing is based on consent, individuals may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before consent was withdrawn.

How Rights Are Exercised

To exercise rights, individuals should make a clear request describing the right they wish to use and the data concerned. We may need to verify identity before fulfilling the request, in order to protect personal data from unauthorised disclosure. We aim to respond within the timeframes required by GDPR and applicable law.

9. Children’s Data

Where services are directed to or used by children, we take additional care to ensure that personal data is processed lawfully and fairly. If consent is the lawful basis relied upon for a child’s data in circumstances where consent is required, we will take steps appropriate to the child’s age and local legal requirements. We do not knowingly collect more information than is necessary.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, operational practices, or the way personal data is processed. The latest version will apply to all processing activities from the date it becomes effective. Individuals are encouraged to review the policy periodically to remain informed about how personal data is handled.

11. Governing Principles

In handling personal data, we follow the core GDPR principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and accountability. These principles guide how data is collected, used, shared, retained, and protected for all customers in the area.

We are committed to processing personal data in a manner that respects privacy and supports trust. By limiting collection, applying appropriate safeguards, and recognising user rights, this policy aims to ensure that personal data is handled responsibly and in compliance with GDPR.

Call Now!
Call Now Get a Quote
Harrow Cleaners

GDPR-compliant Privacy Policy covering data collection, lawful bases, retention, processors, security, and user rights for all customers in the area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

We're very pleased with the results and the professionalism of the service. The carpets look fantastic. The cleaner took his time to view each room and listen to us about where we wanted the most attention.

Google Logo
L

The work from Harrow Cleaning was fantastic and extremely detailed. Kept communication open, were punctual, and left everything very clean. Highly recommend.

Google Logo
E

Over ten years with this company and not a single issue. They respond fast if something needs attention.

Google Logo
R

Impeccable service. The cleaner comes right on time, is courteous and professional, and leaves the house in perfect order.

Google Logo
A

Exceptional cleaning service! End of tenancy and carpet cleaning were carried out to perfection. Their professionalism and customer care are commendable. Pricing was very competitive.

Google Logo
T

I'm very happy with the deep clean from this company. The staff was welcoming and efficient, giving my house a new look. The process went smoothly with no issues.

Google Logo
E

HarrowCleaners's crew truly did an impeccable job cleaning my place. They were very thorough, arrived as promised, and worked with professionalism. I will certainly become a repeat customer.

Google Logo
D

Being our initial experience with an End of Tenancy clean, we were impressed. The cleaner arrived exactly as scheduled and was so pleasant. Our flat looks sparkling clean and we're thrilled.

Google Logo
R

I am absolutely satisfied with the service from Cleaner Harrow. Every corner was cleaned thoroughly, reflecting their professionalism.

Google Logo
A

With Harrow Cleaning Firm, managing our Airbnb is stress-free. Their flexible scheduling and personal touch mean the property is always immaculate and ready for guests.

Google Logo
T

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.