Privacy Policy
Last Updated: December 12, 2025 | Version: 4.0
West Mid Window Cleaning (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website westmidwindowcleaning.co.uk (the “Site”), use our services for window and gutter cleaning bookings in the West Midlands, UK, or otherwise interact with us. We are the data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
If you have questions, contact us at:
westmidwindowcleaning@gmail.com
We do not have a Data Protection Officer (DPO), but our team handles data protection queries.
1. Information We Collect
We collect personal data to provide our booking and cleaning services. Types include:
Booking Data (via Alteg.io): Name, surname, phone number, email address, date of birth (if required), preferred service date/time, address (including postcode-based autocomplete via Google Maps), and payment details (processed securely by Alteg.io and Stripe)
Contact Data: Name, email, phone from contact forms or inquiries
Technical Data: IP address, browser type, device info, cookies (for site functionality and analytics)
Location Data (via Google Maps API): Postcode or partial address entered by you for autocomplete suggestions
Other: Feedback or marketing preferences (if you opt-in)
We do not collect sensitive data (e.g., health info) unless explicitly provided and consented to.
2. How We Collect Your Information
Directly from you: Via booking forms, contact forms, or emails (including postcode/address inputs)
Automatically: Cookies, Google Analytics, and Google Maps API (e.g., postcode autocomplete sends input to Google for suggestions)
From third parties: Via Alteg.io for booking confirmations; Stripe for payments
3. How We Use Your Information
We use your data only as necessary, under UK GDPR Article 6:
You can withdraw consent anytime without affecting prior processing.
4. Sharing Your Information
We do not sell your data. We share it only with:
Alteg.io (booking system) under a Data Processing Agreement (DPA)
Stripe (payments) under their DPA; processes card/payment data securely
Google LLC (Analytics and Maps API) under their terms; processes IP/postcode/address inputs
Service providers: E.g., email tools (limited access)
Legal: If required by law (e.g., ICO, police)
All processors are UK GDPR-compliant; no routine transfers outside UK/EEA without safeguards (e.g., Standard Contractual Clauses).
5. Data Storage and Retention
Storage
Data is stored securely on processors’ servers (e.g., Alteg.io EU/UK, Stripe/Google with encryption). We use technical measures (firewalls, access controls) to protect it.
Retention
Bookings/payments – 6 years (for tax/accounting)
Inquiries – 2 years or until resolved
Analytics logs – 26 months (Google default)
Location inputs (e.g., postcodes) – as needed for service (deleted post-booking unless required)
Marketing – until opt-out
We review and delete unnecessary data periodically. After retention, data is securely erased.
6. Your Rights Under UK GDPR
You have rights (Art. 15-22):
Access: Request a copy of your data
Rectification: Correct inaccurate data
Erasure (“right to be forgotten”): Delete data if no longer needed
Restriction: Limit processing in disputes
Portability: Receive data in machine-readable format (for bookings)
Objection: Oppose processing based on legitimate interests/marketing
Withdraw consent: Easy opt-out
To exercise your rights, email us. We’ll respond within 1 month (free, unless excessive). For third-parties: Contact them directly (e.g., Google My Activity for location data, Stripe DPO at dpo@stripe.com). If unsatisfied, complain to ICO (ico.org.uk).
7. Cookies and Similar Technologies
Essential cookies: For site functionality (no consent needed)
Analytics/Performance cookies (e.g., Google Analytics): For usage insights (consent via banner; opt-out via tools.google.com)
Functional cookies (e.g., Google Maps): For location services like postcode autocomplete (consent required; data sent to Google only on input)
See our Cookie Policy. Manage via browser or our banner. We comply with PECR for cookies.
8. International Transfers
No routine transfers outside UK/EEA. If needed (e.g., via Google/Stripe affiliates in US), we use adequacy decisions or Standard Contractual Clauses.
9. Children’s Privacy
Our services are not for under-16s. If we discover child data, we’ll delete it.
10. Changes to This Policy
We’ll update this policy and notify via Site/email. Check “Last Updated” date. Continued use = acceptance.
