1. Introduction

This is an important notice regarding your privacy and the way in which Penrose Professional Housekeeping (referred to as “we”, “our”, “us” in this policy) collects and makes use of your personal data (referred to throughout this privacy policy as personal information). This policy outlines the basis on which any personal data we collect from or about you, or that you provide to us, will be processed by us.

We take our privacy responsibilities seriously and are committed to respecting and protecting your privacy. This policy applies to our clients, prospective clients, contractors, prospective contractors, suppliers and business contacts (for example, accountants, financial advisors and other professionals).

We urge you to read this privacy notice carefully so that you know why and how we use the personal information we collect and hold about you. We encourage you to contact us if you have any questions about this policy or the ways in which we use your personal data. You can do so via telephone (0118 3361633) or email.

2. What personal information may we hold about you?

We may collect, store and use the following personal information about you:

Clients and Prospective Clients

  • Personal contact details such as name, title, address, telephone numbers and email address.
  • All information, whether personal data or otherwise, supplied by you, relevant to your housekeeping service or instructions to facilitate your requests.
  • Payment information such as bank account details, credit/debit card number, expiration date, security code (CVV), name as it appears on the card or bank account, and address the card or bank account is registered to. Details of payments, including dates and amounts.
  • Personal information you provide to us by telephone, email or via our website or social media accounts, for example, by using the Contact Us page on our website or by contacting us through Facebook or Instagram. 

Contractors and Prospective Contractors

  • Personal contact details such as name, title, address, telephone numbers and email address. Emergency contact details.
  • Personal information that may allow for you to be indirectly identifiable, for example your national insurance number or date of birth.
  • Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process).
  • Personal information provided by you to us during the course of your application, for example, qualifications and employment records (including job titles, work history, working hours and training records).
  • Payment details as provided by you.
  • Personal information you provide to us by telephone, email or via our website or social media accounts, for example, by using the Contact Us page on our website or by contacting us through Facebook or Instagram.
  • Personal information contained on your social media accounts, for example, LinkedIn, Facebook or Instagram, if such information is necessary or provided to us by you.

Suppliers and Business Contacts

(for example, accountants, financial advisors and other professionals)

  • Contact details such as your name, title, business telephone number and email address, or personal telephone number and email address if you provide them to us.
  • Information you provide or we collect during our interactions with you or your employer, such as how long we have done business with you, or how long you have worked at your company.
  • Bank account information.
  • Personal information you provide to us by telephone, email or via our website or social media accounts, for example, by using the Contact Us page on our website or by contacting us through Facebook or Instagram.
  • Personal information contained on your social media accounts, for example, LinkedIn, Facebook or Instagram, if such information is necessary or provided to us by you.

Please note that if you fail to provide certain information when requested, we may not be able to provide you with our services.

3. How will we use information about you and what is the lawful base we rely on for doing so?

Complying with the General Data Protection Regulation (GDPR), we will only use your personal information when there is legal ground for doing so. Such legal grounds include:

a) Consent – Where you have provided us with your consent for us to do so.

b) Contractual Obligations – Where we enter into a contract with you or perform our obligations to you under a contract we have entered into with you.

c) Legal Obligations – Where we need to comply with a legal obligation by which we are bound.

d) Legitimate Interests – Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

More specifically, taking the above into consideration, your personal information will be used by us in the following circumstances:

Clients and Prospective Clients

  • To enroll you as a client and facilitate your business with us.
  • To manage your client file.
  • To provide you with information regarding the service(s) booked with us.
  • To provide you with marketing information, in pursuit of our legitimate interests (keeping the client informed about our services and business updates), where we have your consent to do so.
  • To process your order and obtain payment from you for goods / services purchased.
  • To deal with your enquiry made by telephone, email or via the Contact Us page on our website or social media accounts – in pursuit of our legitimate interests to ensure your enquiry is dealt with promptly and efficiently.

Contractors and Prospective Contractors

  • To deal with your enquiry made by telephone, email or via the Contact Us page on our website or social media accounts – in pursuit of our legitimate interests to ensure your enquiry is dealt with promptly and efficiently.
  • To evaluate and advance your application to work with us.
  • To verify your suitability to work with us – in pursuit of our legitimate interests.
  • To keep a record of your application.
  • To carry out right to work checks – to comply with a legal obligation to which we are bound.
  • To carry out background checks – in pursuit of our legitimate interests to ensure protection of client information and possessions.
  • To carry out reference checks.
  • To enter into a contract with you.
  • To provide you with housekeeping job offers.
  • To manage your contractor file.
  • To provide payment for work completed.
  • To transfer to our insurance providers.

Suppliers and Business Contacts

(for example, accountants, financial advisors and other professionals)

  • In pursuit of our legitimate interests – to facilitate business between your organisation and ours.

Generally

  • To allow our third parties access to our systems when appropriate and necessary – in pursuit of our legitimate interests (outsourcing for effectiveness and efficiency).
  • To contact you if we wish to use your information for a purpose not set out in this policy – to comply with a legal obligation.
  • To understand how website visitors use our website and interact with it via data analysis – in pursuit of our legitimate interests (to better understand how people interact with our website and solve any issues it may have).

4. How long will we keep your personal information for?

We will only retain your personal information for as long as is necessary to fulfil the purposes we collected it for, in accordance with the GDPR. We will not retain your information for longer than is necessary, taking account of factors such as:

  • how long we need to keep the data to fulfil the original purpose for which it was collected;
  • the nature and sensitivity of the information;
  • how long we need to keep the personal information for in the event of any claims or litigation;
  • compliance with legal obligations, such as in relation to accounting, auditing or tax purpose.

5. Your rights regarding your personal information

We process the personal information we hold about you in line with your rights under applicable law. Under the GDPR, you have the following rights:

a) Right to be informed: The right to be informed about what data we collect, how it is used, how long it will be kept and whether it will be shared with any third parties.

b) Right of access: The right to obtain a copy of the personal information that we hold about you.

c) Right of rectification: The right to request that any incorrect personal information held by us is corrected and that any incomplete personal information is completed.

d) Right to be forgotten: Applicable in certain circumstances. The right to request us to erase all of your personal information.

e) Right of portability: The right to ask us to transfer personal information we hold about you to someone else.

f) Right to restrict processing: Applicable in certain circumstances. The right to request that we limit the way we use your personal information.

g) Right to object: The right to object to certain types of processing of your personal information where we do so for the purposes of our legitimate interests, such as marketing.

In addition to the rights mentioned above, in situations in which we rely on consent as the legal basis for using your personal information, you have the right to withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so.

If you would like to exercise the above rights, please contact us using the contact details set out in the Introduction section of this policy. Please note that:

  • We may need to confirm your identity;
  • We do not charge a fee for exercising your rights unless your request is unfounded or excessive;
  • We may refuse to action your request if it is unfounded or excessive.

6. Right to complain

If you are unhappy with regards to how we have processed your personal information, please contact us using the contact details set out in the Introduction section of this policy, so that we can discuss this with you. We hope that we can resolve any query or concern you raise about our use of your personal information.

The GDPR also gives you the right to lodge a formal complaint with a supervisory authority. The supervisory authority for data protection in the UK is the Information Commissioner’s Office (ICO).

7. Which types of third parties might we share your personal information with?

We require third parties to respect the security of your information and to treat it in accordance with the law. We may share your information with the following types of third parties:

  • Professional advisers such as accountants, tax advisors, auditors and insurance brokers.
  • Technical support providers, for example, assisting with our website and computing infrastructure.
  • Third party software providers, where the provider hosts the relevant personal data on our behalf.

Examples include:

  • scheduling software;
  • providers of credit and debit card transaction processing services and software;
  • providers which help us generate and collate reviews in relation to our services;
  • providers which assist us in transferring information effectively and securely for HMRC purposes;
  • providers which help us store and organise information effectively and securely, for marketing purposes.

8. Changes to this Privacy Policy

We keep this Privacy Policy under regular review and place any updates on this webpage. Any changes will become effective immediately. This Privacy Policy was last updated January 2020.