Privacy Policy

Effective Date: June 2024 

At Hazard Heroes Northampton Ltd, we value your privacy and are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, store, and protect your personal data. 

1. Who We Are 

Hazard Heroes is a cleaning service provider based in Northamptonshire. Our contact details are as follows:

  • Email: zoe@hazard-heroes.co.uk 
  • Phone: 07856169611 
  • Website: www.hazard-heroes.co.uk 

2. Information We Collect 

We collect and process the following types of personal data: 

  • Personal Identification Information: Name, email address, phone number. 
  • Service Information: Type of cleaning service requested, address, preferences for cleaning (e.g., time, frequency). 
  • Payment Information: Billing address, credit card details (if applicable, via a secure payment gateway). 

3. How We Use Your Data 

We use your personal data for the following purposes: 

  • To provide you with cleaning services as requested. 
  • To communicate with you about services, booking confirmations, reminders, or cancellations. 
  • To process payments and send invoices. 
  • To improve our services and customer experience. 
  • To comply with legal obligations. 

4. Legal Basis for Processing Your Data 

We process your personal data based on the following legal grounds under the GDPR: 

  • Consent: You have provided your explicit consent for us to use your personal data when you contact us or book services. 
  • Contractual Necessity: Processing is necessary to fulfill the contract you have entered into with us (e.g., providing cleaning services). 
  • Legal Obligation: We may be required to process certain personal data to comply with legal obligations (e.g., invoicing and tax compliance). 

5. Data Retention 

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Personal data related to financial transactions, such as invoices, will be kept for (insert duration) years in accordance with tax laws. 

6. Data Sharing and Disclosure 

We do not sell or share your personal data with third parties for marketing purposes. We may share your data with trusted service providers who help us deliver our services (e.g., payment processors or software providers). We ensure that all third-party providers are GDPR compliant. 

We may also disclose your personal data if required by law or in response to lawful requests by public authorities. 

7. Security Measures 

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These include: 

  • Encryption of sensitive data during transactions. 
  • Access controls and employee training on data protection. 
  • Regular security audits and data protection assessments. 

8. Your Rights Under GDPR 

As a data subject, you have the following rights: 

  • Right to Access: You have the right to request a copy of the personal data we hold about you. 
  • Right to Rectification: You can request to correct any inaccurate or incomplete personal data. 
  • Right to Erasure: You may request to have your personal data deleted, subject to certain conditions. 
  • Right to Restriction of Processing: You can request to limit how we process your personal data. 
  • Right to Data Portability: You can request a copy of your data in a machine-readable format to transfer to another provider. 
  • Right to Object: You can object to processing your data for certain purposes, such as direct marketing. 

To exercise your rights, please contact us at zoe@hazard-heroes.co.uk. 

9. Cookies and Tracking Technologies 

We use cookies and similar tracking technologies to enhance your experience on our website. You can control cookie settings through your browser. For more information, please refer to our Cookie Policy

10. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes through our website or email. 

11. Contact Us 

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at: 

  • Email: zoe@hazard-heroes.co.uk 
  • Phone: 07856169611 

Data Protection for Hazard Heroes 

1. Data Collection & Processing 

  • Personal Data Minimisation: We collect only the personal data necessary to provide our services and fulfill our contractual obligations. 
  • Consent Management: We obtain explicit consent for collecting and processing personal data, ensuring that customers are aware of how their data will be used. Consent can be withdrawn at any time by contacting us. 
  • Clear Purpose: Personal data is collected for specific, legitimate purposes such as providing cleaning services, processing payments, and communicating with customers. 

2. Access Control & Employee Training 

  • Access Control: Personal data is accessible only to employees who need it to perform their job duties. We use secure login credentials and password protection for systems that store personal data. 
  • Employee Training: All employees handling personal data undergo regular training on data protection principles and GDPR compliance to ensure the highest standards of security and privacy. 

3. Data Security 

  • Encryption: Sensitive data (e.g., payment details) is encrypted during transmission and stored securely. 
  • Secure Networks: We implement firewalls, antivirus protection, and intrusion detection systems to protect against unauthorised access. 
  • Data Backup: Regular data backups are taken to ensure data can be restored in the event of a breach or data loss. 

4. Data Sharing & Third-Party Processors 

  • Due Diligence: We carefully vet third-party service providers who process personal data on our behalf, ensuring they are GDPR-compliant and have appropriate security measures in place. 
  • Data Processing Agreements: We have written agreements with third-party providers, specifying how personal data should be handled, and ensuring they respect confidentiality and security obligations. 

5. Incident Response & Breach Notification 

  • Incident Response Plan: We have a clear protocol in place for detecting, reporting, and responding to data breaches. In the event of a breach, we will notify affected individuals and the relevant supervisory authority within 72 hours, as required by GDPR.