Privacy Policy - Man And Van Harrow
This Privacy Policy explains how Man And Van Harrow collects, uses, stores, shares, and protects personal data when providing removal, transport, delivery, and related services. It applies to all Man And Van Harrow customers in the area, including individuals and businesses who enquire about, book, or receive our services. We are committed to handling personal information in a lawful, fair, and transparent way in accordance with the UK GDPR and the Data Protection Act 2018.
By using our services, you acknowledge that we may process personal data as described in this policy. We only collect data that is relevant, adequate, and limited to what is necessary for the purposes explained below.
1. Information We Collect
We may collect different types of personal data depending on how you interact with us. This can include information you provide directly, information generated during service delivery, and information received from third parties where necessary.
Information you provide to us
- Identity details such as your name and title.
- Contact details including address, email address, and phone number.
- Booking information such as moving date, collection and delivery addresses, item lists, access details, and service preferences.
- Payment-related information needed to process transactions and issue invoices.
- Communication records including enquiries, complaints, feedback, and correspondence.
- Special instructions you choose to share to support the service, such as access limitations or handling requests.
Information collected automatically or during service provision
- Service records such as job notes, attendance details, and completion status.
- Location and route information used to manage collections, deliveries, and logistics.
- Technical data such as device or browser information if you contact us electronically.
- Operational data including timestamps, proof of service, and internal records relating to the booking.
Information from third parties
In some cases, we may receive information from landlords, estate agents, business partners, payment providers, or other parties involved in arranging or supporting the service. We only use such data where it is relevant and permitted by law.
2. How We Use Personal Data
We use personal data only for defined and legitimate purposes. These may include:
- responding to enquiries and providing quotations;
- managing bookings, scheduling services, and carrying out removals or deliveries;
- communicating service updates and instructions;
- processing payments, invoices, and refunds where applicable;
- maintaining internal records and service history;
- handling complaints, claims, and disputes;
- improving our operations, service quality, and customer experience;
- meeting legal, tax, accounting, and regulatory obligations;
- protecting our business, staff, and customers from fraud, misuse, or security incidents.
We do not use personal data for purposes that are incompatible with the original reason it was collected unless we have a lawful basis to do so and have informed you where required.
3. Lawful Basis for Processing
Under the GDPR, we must have a lawful basis before processing personal data. The lawful bases we rely on may include the following:
- Contract: We process data to take steps before entering into a service agreement and to perform that agreement once a booking is made.
- Legal obligation: We process certain information to comply with tax, accounting, insurance, safety, and other legal requirements.
- Legitimate interests: We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing operations, preventing fraud, improving services, and keeping business records.
- Consent: In limited situations, we may rely on your consent, for example where you voluntarily agree to receive certain types of non-essential communication. You can withdraw consent at any time where it is the basis used.
Where special category data is involved, we will only process it if a lawful condition applies and it is necessary for the specific purpose. We aim to avoid requesting such data unless it is genuinely needed.
4. Sharing and Processors
We may share personal data with trusted third parties who support our operations. These parties act as processors or, in some cases, independent controllers. We only share information where necessary and with appropriate safeguards.
Examples of processors may include:
- IT and cloud service providers that host data, email systems, and business records;
- Payment processors that help handle card or electronic payments;
- Accounting and bookkeeping providers that support invoicing and financial administration;
- Customer management or scheduling tools used to organise bookings and communications;
- Insurance, claims, or legal advisers where needed to resolve disputes or protect our rights;
- Subcontracted service providers assisting with delivery or moving tasks under our instructions.
All processors are required to protect personal data, act only on our instructions, and use it solely for the services they provide to us. We do not sell personal data.
We may also disclose personal data where required by law, court order, government authority, or law enforcement request, or where disclosure is necessary to protect the rights, property, or safety of our business, customers, staff, or the public.
5. Data Retention
We keep personal data only for as long as necessary for the purpose it was collected, unless a longer retention period is required or permitted by law. Retention periods may vary depending on the type of information and the reason for processing.
- Booking and service records are retained for a period appropriate to manage the contract, handle queries, and maintain operational records.
- Accounting and tax records are retained for the period required by law.
- Communication records may be kept for a reasonable period to respond to follow-up questions, complaints, or legal claims.
- Security and incident records may be retained for as long as necessary to investigate and resolve issues.
When personal data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you. Where data is retained for legal reasons, access will be limited to what is necessary.
6. Data Security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and limited data sharing. While no system can be guaranteed to be completely secure, we take data protection seriously and regularly review our safeguards.
7. International Transfers
If any personal data is transferred outside the UK, we will only do so where appropriate protections are in place. This may include adequacy regulations, standard contractual clauses, or equivalent safeguards required by law. We ensure that any such transfer is carried out in line with applicable data protection rules.
8. Your Rights
Under data protection law, you have several rights in relation to your personal data. These rights may apply subject to legal limits and exemptions.
- Right of access: You can request confirmation of whether we process your data and ask for a copy of it.
- Right to rectification: You can ask us to correct inaccurate or incomplete information.
- Right to erasure: In certain circumstances, you can request deletion of your data.
- Right to restrict processing: You can ask us to limit how we use your data in specific situations.
- Right to object: You can object to processing based on legitimate interests and to direct marketing where applicable.
- Right to data portability: You can ask for certain data in a structured, commonly used, machine-readable format, where legally applicable.
- Right to withdraw consent: If we rely on consent, you may withdraw it at any time.
If you wish to exercise your rights, we will respond in accordance with GDPR time limits and legal requirements. We may need to verify your identity before fulfilling a request to protect your information.
9. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in connection with a booking arranged by an adult or lawful representative. If we become aware that we have collected data inappropriately, we will take steps to delete it where required.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or our internal practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how personal data is handled.
11. Contact and Complaints
If you have concerns about how your personal data is handled, you should contact us through the appropriate customer service channels for review and resolution. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.
Man And Van Harrow values privacy and transparency. We only process personal information where we have a lawful basis, we keep it only as long as necessary, and we take steps to ensure it is treated securely and responsibly at every stage of the service.