Privacy Policy

This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when you interact with our services. It applies to all customers in the area and is intended to meet the requirements of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Introduction

We are committed to respecting your privacy and handling your personal data in a fair, lawful, and transparent manner. This policy describes what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your personal data.

For the purposes of this policy, personal data means any information relating to an identified or identifiable natural person. This may include information that directly identifies you or information that can reasonably be used to identify you.

2. Data We Collect

We may collect and process different categories of personal data depending on how you use our services. The information collected may include:

  • Identity data such as your name, title, or similar identifiers.
  • Contact data such as postal address, email address, and telephone number.
  • Transaction data such as details about products, services, payments, and related records.
  • Technical data such as device type, operating system, browser type, IP address, and usage logs.
  • Usage data such as preferences, interactions, and activity related to our services.
  • Communication data such as information you provide when you contact us or respond to our communications.

We collect data either directly from you, automatically through technical means, or from third parties where permitted by law. We only collect data that is relevant and limited to what is necessary for the purposes set out in this policy.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide, operate, and maintain our services;
  • to manage customer relationships and respond to requests;
  • to process transactions and maintain records;
  • to improve performance, security, and user experience;
  • to detect, investigate, and prevent fraud, misuse, and security incidents;
  • to comply with legal obligations;
  • to establish, exercise, or defend legal claims;
  • to communicate service-related updates, notices, and administrative information.

Where applicable, we may also use personal data for analytics and service improvement, provided such use is consistent with our legal obligations and your rights.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis for every processing activity. Depending on the context, we rely on one or more of the following lawful bases:

4.1 Performance of a Contract

We process personal data when it is necessary to enter into or perform a contract with you, or to take steps at your request before entering into a contract. This may include account administration, order fulfillment, service delivery, and customer support.

4.2 Legal Obligation

We may process personal data where needed to comply with a legal obligation, such as tax, accounting, regulatory, or record-keeping requirements.

4.3 Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Legitimate interests may include improving services, securing systems, preventing fraud, and maintaining internal business operations.

4.4 Consent

In limited cases, we may rely on your consent. Where consent is used, you have the right to withdraw it at any time. Withdrawal of consent will not affect processing already carried out before the withdrawal.

5. Data Sharing and Processors

We may share personal data with trusted third parties that act as processors on our behalf. These processors are only permitted to process data according to our instructions and are required to implement appropriate technical and organizational security measures.

Examples of processors may include:

  • IT and hosting service providers;
  • payment and transaction service providers;
  • customer support and communication tools;
  • analytics and monitoring providers;
  • professional advisors such as legal, accounting, or compliance partners;
  • security and fraud prevention providers.

We may also disclose personal data where required by law, court order, regulatory request, or to protect our rights, property, or safety, or the rights, property, or safety of others. If personal data is transferred outside the European Economic Area, we will ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent legal mechanisms, as required by GDPR.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, reporting, and contractual requirements.

The retention period may vary depending on the type of data and the purpose of processing. In determining retention periods, we consider:

  • the nature and sensitivity of the data;
  • the risk of harm from unauthorized use or disclosure;
  • the purposes of processing;
  • legal or regulatory obligations;
  • whether a longer period is required to establish, exercise, or defend legal claims.

When personal data is no longer needed, we will delete it, anonymize it, or securely archive it where appropriate and lawful.

7. Data Security

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption, secure storage, staff training, and regular review of security practices.

However, no system is completely secure. While we work to protect your information, we cannot guarantee absolute security. You are encouraged to use appropriate safeguards when interacting with any digital service.

8. Your Rights Under GDPR

Subject to legal conditions and exceptions, you have the following rights in relation to your personal data:

  • Right of access — to obtain confirmation of whether we process your data and receive a copy of it.
  • Right to rectification — to request correction of inaccurate or incomplete data.
  • Right to erasure — to request deletion of your data in certain circumstances.
  • Right to restriction — to request limited processing in specific situations.
  • Right to data portability — to receive data you provided in a structured, commonly used, machine-readable format, where applicable.
  • Right to object — to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

You also have the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal or similarly significant effects, unless permitted by law.

We may need to verify your identity before responding to a request. We will respond within the time limits required by GDPR, generally within one month, unless an extension is lawfully justified due to complexity or volume.

9. Children’s Privacy

Our services are not intended for children where processing would require special legal safeguards. We do not knowingly collect personal data from children in a manner that is inconsistent with applicable law. If we become aware that personal data has been collected unlawfully from a child, we will take appropriate steps to delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational needs. Any revised version will apply from the date it becomes effective. We encourage you to review this policy periodically so that you remain informed about how we protect your personal data.

11. Additional Information

Where required by law, we will provide further information about particular processing activities, including the specific categories of data involved, the relevant lawful basis, and any special safeguards in place. We are committed to ensuring that our processing remains lawful, fair, and transparent at all times.

This Privacy Policy is intended to operate as a clear statement of our data protection practices for all customers in the area. If any part of this policy is found to be inconsistent with applicable law, the remaining provisions will continue to apply to the fullest extent permitted by law.

Summary of core commitments: we collect only necessary data, process it on valid lawful bases, retain it only as long as needed, use processors under strict safeguards, and respect your GDPR rights.

Bow Cleaners

GDPR-compliant privacy policy for all customers in the area, covering data collection, lawful basis, retention, processors, security, and user rights.

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.