Privacy Policy -

Introduction

This Privacy Policy applies to all customers in the area. It explains what personal data we collect, why we collect it, the lawful basis we rely on, how long we retain data, which processors may process data on our behalf, and the rights available to data subjects under the General Data Protection Regulation (GDPR). This policy applies whenever we provide services or interact with customers and their representatives in the area.

1. Data We Collect

We collect and process personal data necessary to provide our services, manage accounts, comply with legal obligations, and improve user experience. Categories of data we collect include:

  • Identity and contact data: name, title, user IDs, postal address, email address, telephone numbers.
  • Account and transactional data: account identifiers, payment and billing information, purchase history, invoices and receipts.
  • Technical and usage data: IP addresses, browser type, device identifiers, log files, cookies and analytics data, service usage patterns.
  • Customer support and communications: records of communications, support tickets, feedback and preferences.
  • Sensitive data: we generally do not collect special category data such as health or biometric data, except where you voluntarily provide such information and we have a lawful basis to process it (for example to comply with a legal requirement or to provide specific services you request).

2. Lawful Basis for Processing

Under the GDPR, we rely on one or more of the following lawful bases to process personal data:

  • Performance of a contract: processing necessary to perform a contract to which you are a party or to take steps at your request prior to entering into a contract.
  • Legal obligation: processing necessary to comply with applicable law, regulation, court order or governmental request.
  • Consent: where we ask for and obtain your clear consent to process personal data for specified purposes (for example for marketing communications or cookies beyond strictly necessary).
  • Legitimate interests: where processing is necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your rights and freedoms. Examples include fraud prevention, network and information security, and improving our services.

Special category data (sensitive data) will only be processed where an additional lawful condition applies, such as explicit consent or where processing is necessary for reasons of substantial public interest or to establish, exercise, or defend legal claims.

3. How We Use Personal Data

We use personal data to:

  • Provide, operate, and maintain our services and products;
  • Manage accounts, process orders, and handle billing and payments;
  • Communicate about updates, service changes, and administrative matters;
  • Deliver customer support and respond to enquiries;
  • Detect, prevent and respond to fraud, abuse, security risks and technical issues;
  • Comply with legal obligations and professional standards;
  • Analyze usage to improve and personalize our services and to develop new features.

4. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, including for the purposes of satisfying legal, accounting, or reporting requirements. Retention periods are determined by the type of data and the purpose of processing:

  • Account and transactional data: retained for the duration of the customer relationship and for a defined period thereafter to meet contractual, legal and tax obligations (commonly up to 7 years where required by law).
  • Support and communication records: retained for a period necessary to resolve issues and for service improvement (typically 2–5 years, unless longer retention is required by law).
  • Usage logs and technical data: retained for security, analytics and diagnostic purposes (commonly 6 months to 2 years, subject to specific operational needs).
  • Marketing consents and preferences: retained until you withdraw consent or for as long as a legitimate interest exists, followed by a period to respect audit and regulatory needs.

When personal data is no longer required, we will securely delete, anonymize or aggregate it in accordance with applicable law.

5. Processors and Third-Party Disclosures

We use third-party service providers to process personal data on our behalf, acting as data processors. These processors are contractually required to implement appropriate technical and organizational measures to protect personal data and to process data only on our documented instructions. Examples include:

  • Payment processors for billing and payment handling;
  • Cloud and hosting providers that store and process data;
  • Analytics and monitoring providers to analyze service usage;
  • Customer support platforms that manage communication and support tickets.

We may also share personal data with authorities or third parties when required by law, to protect rights, to comply with legal processes, or to prevent fraud or imminent harm.

6. International Transfers

If personal data is transferred outside the area or to jurisdictions without an adequacy decision, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses, binding corporate rules, or other mechanisms recognized under data protection law.

7. Security Measures

We implement reasonable technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. Measures include encryption where appropriate, access controls, secure development practices, and regular security assessments. While we strive to protect personal data, no security measure is perfect and we cannot guarantee absolute security of information.

8. Your Rights

You have certain rights in relation to your personal data under the GDPR. These include:

  • Right of access: you can request a copy of personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate or incomplete data.
  • Right to erasure (right to be forgotten): where applicable, you can request deletion of personal data.
  • Right to restrict processing: you can request limitation of processing while certain disputes are resolved.
  • Right to data portability: you can request a machine-readable copy of the personal data you provided to us to transmit to another controller where technically feasible.
  • Right to object: you can object to processing based on legitimate interests, including profiling, or to direct marketing processing.
  • Right to withdraw consent: where processing is based on consent, you can withdraw consent at any time without affecting prior lawful processing.

To exercise your rights, please use the account tools and privacy controls made available in the services or the mechanisms set out within the services themselves. If additional assistance is needed, you may use the official channels provided to you as a customer in the area to submit a request. We will respond to verified requests without undue delay and in accordance with applicable law. You also have the right to lodge a complaint with a supervisory authority.

9. Automated Decision-Making and Profiling

We may use automated systems to support business operations such as fraud detection, risk scoring, and personalization. Where automated decision-making produces legal or similarly significant effects, we will provide meaningful information about the logic involved, the significance and the envisaged consequences, and ensure appropriate safeguards including the right to obtain human intervention.

10. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will provide notice through our services or by other means available to you in the area.

11. Additional Information

Please note: this policy does not create contractual rights beyond those in any written agreement you have with us. If you have questions about how your personal data is handled, please use the customer-facing mechanisms and account controls provided to you when using our services. You retain the right to exercise all rights set out above and to seek remedies under applicable law.

Effective Date: This policy is effective from the date published in the services and applies to all customers in the area.

Call Now!
Call Now Get a Quote
Chelsea Cleaners

GDPR-compliant Privacy Policy covering data collection, lawful bases, retention, processors, transfers, security, and user rights; applies to all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.