Privacy Policy - Cardiff Removals
Cardiff Removals is committed to protecting the privacy and personal data of everyone who uses our services. This Privacy Policy explains how we collect, use, store, share, and protect personal data in connection with our removal, storage, packing, delivery, and related services. It applies to all Cardiff Removals customers in area, including prospective customers, existing customers, and any individual whose data we process while delivering our services.
We aim to handle personal information in a fair, transparent, and lawful way, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy describes the types of information we collect, the legal reasons we rely on to process it, how long we keep it, who we may share it with, and the rights available to individuals.
1. Information We Collect
We collect only the information necessary to provide our services, manage customer relationships, and meet legal or operational requirements. Depending on the service requested, we may collect the following categories of personal data:
- Identity details such as full name and title.
- Contact details including address, telephone number, and email address.
- Service information such as moving dates, property access details, inventory information, and service preferences.
- Billing and payment information including payment status, invoice details, and records of transactions.
- Communication records such as emails, messages, call notes, and enquiries.
- Special instructions relating to fragile items, storage requirements, or accessibility needs.
- Technical information if you interact with our digital systems, such as device or browser details, where applicable.
We generally collect data directly from you when you request a quote, make a booking, communicate with us, or use our services. In some cases, we may receive information from third parties, such as estate agents, solicitors, landlords, employers, or payment providers, where it is necessary for the performance of a service or to complete an arrangement you have authorised.
2. How We Use Personal Data
We use personal data only for legitimate business purposes and in a manner that is relevant to the services we provide. Typical uses include:
- Providing quotations and managing bookings.
- Planning and delivering removals, packing, storage, and related services.
- Communicating about schedules, access, changes, and service updates.
- Processing payments and maintaining accounting records.
- Responding to enquiries, complaints, and customer support requests.
- Maintaining operational records, insurance evidence, and service documentation.
- Meeting legal, tax, regulatory, and contractual obligations.
- Protecting against fraud, misuse, or security incidents.
We do not use personal data for purposes that are incompatible with the original reason for collection unless we have a lawful basis to do so and, where required, have informed you.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each activity involving personal data. Cardiff Removals relies on the following bases where appropriate:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotations, arranging collections and deliveries, managing storage, and completing the removal service you have requested.
Legal Obligation
We may process and retain information where required to comply with legal duties, including accounting, tax, insurance, and record-keeping obligations.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided that these interests are not overridden by your rights and freedoms. This may include service management, customer support, security monitoring, fraud prevention, internal administration, and quality control.
Consent
In limited situations, we may rely on your consent, for example where specific optional processing is involved. If we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
Vital Interests
In rare cases, we may process personal data where it is necessary to protect someone???s vital interests, such as in an emergency.
4. Data Sharing and Processors
We may share personal data with trusted third parties where necessary to deliver our services or meet legal responsibilities. These organisations may act as processors or independent data controllers depending on the context.
Processors are third parties that handle personal data on our behalf and only in accordance with our instructions. Examples may include:
- IT and cloud service providers that store or maintain business systems.
- Payment processing providers that handle card or bank transactions.
- Accounting and bookkeeping service providers.
- Storage facility operators where goods are held in secure storage.
- Customer communication tools used to manage service-related correspondence.
We may also share information with:
- Insurance providers or claims handlers.
- Professional advisers such as accountants, auditors, or legal advisers.
- Public authorities, regulators, or law enforcement where required by law.
- Other parties involved in the service, such as building managers, landlords, or agents, when necessary for access or coordination.
Where we engage processors, we ensure that appropriate contracts and safeguards are in place so that personal data is protected and processed only for authorised purposes. We do not sell personal data.
5. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including to satisfy legal, accounting, insurance, or dispute-resolution requirements. Retention periods may vary depending on the type of data and the nature of the service.
In general:
- Customer and service records are retained for the period required to manage the service and handle post-service queries.
- Financial and invoice records are kept for the period required by tax and accounting law.
- Claims-related or dispute-related records may be kept longer where necessary to establish, exercise, or defend legal claims.
- Where data is no longer needed, it is securely deleted, anonymised, or archived in a way that prevents unnecessary access.
When deciding how long to retain information, we consider the volume, nature, and sensitivity of the data, the potential risk of harm from unauthorised use, and the legal requirements that apply to our business.
6. Data Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff training, and regular review of our procedures. While no system can be guaranteed completely secure, we aim to maintain a level of protection appropriate to the risks associated with the data we process.
7. International Transfers
Where personal data is transferred outside the UK, we will only do so where appropriate safeguards are in place and where the transfer is permitted by law. Such safeguards may include adequacy regulations, contractual protections, or other approved transfer mechanisms.
8. Your Rights
Individuals whose personal data we process have a number of rights under data protection law. These rights may be subject to conditions and exceptions. They include:
- Right of access ??? to request a copy of the personal data we hold about you.
- Right to rectification ??? to ask us to correct inaccurate or incomplete data.
- Right to erasure ??? to request deletion of your data in certain circumstances.
- Right to restriction ??? to ask us to limit how we use your data in certain situations.
- Right to object ??? to object to processing based on legitimate interests, and to direct marketing where applicable.
- Right to data portability ??? to request transfer of data you have provided to us, where technically feasible and legally applicable.
- Right to withdraw consent ??? where processing is based on consent.
You also have the right to lodge a complaint with the UK Information Commissioner???s Office if you believe your data protection rights have been infringed. We encourage you to contact us first so that we can try to resolve any issue promptly and fairly.
9. Children???s Data
Our services are intended for adults arranging removals or related services. We do not knowingly collect personal data from children except where it is incidentally included in service records or where necessary for family-related arrangements. If we become aware that we have collected data inappropriately, we will take appropriate steps to remove it or obtain the required authority.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
11. Summary of Our Commitment
Cardiff Removals respects your privacy and processes personal data responsibly, lawfully, and transparently. We collect only what is needed, use it for clear service-related purposes, rely on appropriate lawful bases, retain it only as long as necessary, and share it only with trusted processors and other parties where justified. This policy applies to all Cardiff Removals customers in area and is intended to give you confidence that your information is handled with care and in accordance with data protection law.