Privacy Policy

This Privacy Policy explains how personal data is collected, used, disclosed, stored, and protected in connection with our services. It applies to all customers in the area and is intended to inform you clearly about your rights and our obligations under the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Scope of This Policy

This Policy applies to all customers in the area who use our products, services, or interact with us in any way that results in the collection or processing of personal data. It covers personal data collected online and offline, whether you are a current customer, prospective customer, or someone who communicates with us for support, billing, service, or administrative purposes.

We are committed to handling personal data in a lawful, fair, and transparent manner. We process only the data necessary for specified purposes and use safeguards to protect it against unauthorized access, loss, or misuse.

2. Data Collection

We may collect and process personal data directly from you, automatically through your interactions with our services, and from third parties where permitted by law. The types of data we may collect include:

  • Identity data: name, title, and similar identifiers.
  • Contact data: address, email address, phone number, and other communication details.
  • Transaction data: records of purchases, payments, service history, and related information.
  • Technical data: device information, IP address, browser type, operating system, and access logs.
  • Usage data: information about how you interact with our services, preferences, and patterns of use.
  • Communications data: messages, inquiries, complaints, feedback, and support requests.
  • Legal and verification data: information required to meet legal, regulatory, fraud prevention, or identity verification obligations.

Where required, we will indicate whether providing certain personal data is mandatory or optional. If you choose not to provide data that is necessary for a service or legal requirement, we may not be able to provide that service or complete the relevant request.

3. Purposes of Processing

We process personal data for the following purposes:

  • to provide and maintain our services;
  • to manage customer relationships and support requests;
  • to process payments, billing, refunds, and account administration;
  • to communicate with you about service updates, notices, and operational matters;
  • to improve service performance, security, and user experience;
  • to detect and prevent fraud, abuse, or unauthorized activity;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to establish, exercise, or defend legal claims;
  • to carry out internal reporting, analytics, and business planning.

We will not process your personal data in a way that is incompatible with the purposes described in this Policy unless we have a valid legal basis to do so.

4. Lawful Basis for Processing

Under the GDPR, we rely on one or more lawful bases to process personal data. These may include:

Consent

We may process personal data where you have given freely given, specific, informed, and unambiguous consent. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Contract

We process personal data where it is necessary to enter into or perform a contract with you, or to take steps at your request before entering into a contract. This includes managing your account, delivering services, and completing transactions.

Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as tax, accounting, consumer protection, anti-fraud, or record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. Such interests may include improving services, ensuring network and information security, preventing fraud, and managing business operations. Where we rely on legitimate interests, we will consider and balance the impact on your privacy.

Vital Interests and Public Interest

In rare cases, we may process personal data to protect someone’s vital interests or where processing is necessary for tasks carried out in the public interest, in accordance with applicable law.

5. Sharing and Processors

We may share personal data with trusted third parties who act as data processors on our behalf or, in some cases, as independent controllers. These may include service providers that support payment processing, IT hosting, cloud storage, analytics, customer support, security monitoring, auditing, legal services, and document management.

All processors are selected carefully and are required to process personal data only on our instructions, to keep it secure, and to comply with GDPR obligations through written contracts or equivalent safeguards. They must not use your personal data for their own purposes unless legally permitted to do so.

We may also disclose personal data where required by law, court order, lawful request, or to protect our rights, customers, employees, property, or operations. Any such disclosure will be limited to what is necessary and proportionate.

6. International Transfers

If personal data is transferred outside the European Economic Area or to a country that does not provide an adequate level of data protection, we will implement appropriate safeguards. These may include standard contractual clauses, adequacy decisions, or other legally recognized transfer mechanisms. We take steps to ensure that any such transfer remains protected in line with GDPR requirements.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, reporting, or dispute-resolution requirements. The retention period depends on the nature of the data, the purpose of processing, and any legal obligations that apply.

In general, we may retain:

  • customer account and transaction records for the period required by applicable law;
  • support and communication records for as long as needed to address the request and maintain service history;
  • technical and security logs for a limited period necessary for security, diagnostics, and abuse prevention;
  • consent records for as long as needed to demonstrate compliance.

When personal data is no longer required, we will securely delete, anonymize, or archive it in accordance with our retention practices and legal obligations.

8. Your Rights Under GDPR

You have several rights regarding your personal data, subject to certain legal conditions and exceptions. These rights include:

  • Right of access: you may request confirmation of whether we process your personal data and obtain a copy of that data.
  • Right to rectification: you may request correction of inaccurate or incomplete personal data.
  • Right to erasure: you may request deletion of your personal data where there is no lawful reason for us to continue processing it.
  • Right to restrict processing: you may ask us to limit processing in certain circumstances.
  • Right to data portability: you may request a copy of certain personal data in a structured, commonly used, machine-readable format and, where technically feasible, transmission to another controller.
  • Right to object: you may object to processing based on legitimate interests, including profiling, and to processing for direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
  • Right not to be subject to solely automated decisions: you have the right to challenge decisions made solely by automated means that produce legal or similarly significant effects, where applicable.

You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can address them promptly and fairly.

9. Data Security

We use appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include access controls, encryption where appropriate, secure storage, staff training, and regular review of security practices.

Although we take reasonable steps to protect personal data, no method of transmission or storage is entirely secure. We therefore cannot guarantee absolute security, but we continuously work to improve our safeguards and minimize risk.

10. Children’s Data

Our services are not intended for children unless specifically stated otherwise. We do not knowingly collect personal data from children without appropriate legal basis and, where required, verifiable parental or guardian consent. If we become aware that data has been collected improperly, we will take steps to delete it or obtain the necessary authorization.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is made effective. We encourage you to review this Policy periodically so that you remain informed about how we process personal data.

12. Final Statement

By using our services, you acknowledge that you have read this Privacy Policy and understand how your personal data is handled. We are committed to processing personal data lawfully, transparently, and securely, and to respecting your rights under GDPR. This Policy applies to all customers in the area and governs our handling of personal data in connection with those services.

Call Now!
Call Now Get a Quote
Crystalpalace Cleaners

GDPR-compliant privacy policy covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

What Our Customers Say

Excellent on Google
4.9 (10)

Absolutely brilliant! The pride in cleaning shines through. I'd recommend to everyone.

Google Logo
J

Highly recommend this service. The team member was patient while we moved, cleaned the canopy and extractor fans extremely well, and left the kitchen pristine.

Google Logo
K

Amazing service from the very beginning. The cleaner provided a good value quote and the cleaning team left my home spotless.

Google Logo
L

Incredible service! The professionals were attentive and truly cared for our home.

Google Logo
C

We have been pleased with Crystal Palace Office Cleaners's three-hour cleaning every other week for several months. The quality of the products and the cleaner's punctuality and thoroughness are top-notch.

Google Logo
K

We received very courteous and friendly service from the cleaner. They went above and beyond, staying double their time since a colleague was unwell, so the property was as clean as always.

Google Logo
M

Booking the service was very straightforward, the cleaner arrived ahead of schedule, and the thoughtful call from the office before they left showed great customer care.

Google Logo
C

Excellent job by CrystalPalace-Cleaners! My house feels clean and cozy again. The efficient staff covered everything thoroughly. Their expertise left me impressed. I'll definitely return for future cleanings.

Google Logo
J

Crystal clear windows and an exceptionally reasonable price.

Google Logo
L

Wonderful cleaning service! The professional cleaner was prompt, amiable, and did a thorough job. The booking system was user-friendly and quick. Would recommend.

Google Logo
T

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.