Privacy Policy

Who We Are

All Services 4U is the data controller responsible for your personal information.

Company Name: All Services 4U Limited Registered Address: [Address] Company Number: [Number] ICO Registration Number: [Number]

Data Protection Contact: Email: dataprotection@allservices4u.co.uk Phone: [Phone number] Address: Data Protection Officer, All Services 4U, [Address]

Information We Collect

We collect different types of personal information depending on your relationship with us.

Clients and Client Representatives

Residents and Property Occupants

Suppliers and Subcontractors

Job Applicants

Employees

Employee data is covered in our separate Employee Privacy Notice, provided during onboarding.

Website Visitors

How We Collect Information

We collect personal information through various means:

Directly from You

• Contact forms and enquiries
• Quote requests and service bookings
• Contract negotiations and agreements
• Phone calls and emails
• Appointments and site visits
• Job applications
• Feedback and surveys

From Third Parties

• Our clients (property managers, housing associations, landlords)
• Referees and previous employers (job applicants)
• Credit reference agencies
• Background check providers (DBS)
• Trade bodies and certification bodies
• Public sources (Companies House, professional registers)

Automatically

• Website cookies and analytics
• CCTV at our premises
• Vehicle telematics (employee vehicles)
• Call recordings (with notification)

How We Use Your Information

We use personal information for the following purposes:

Providing Our Services

Managing Client Relationships

Legal and Regulatory Compliance

Business Operations

Recruitment

Security and Safety

Legal Basis for Processing

Under UK GDPR, we must have a legal basis for processing personal data:

Contract Performance

Processing necessary to perform a contract with you or take steps before entering a contract.

Legal Obligation

Processing necessary to comply with legal requirements, such as health and safety regulations, tax laws, or Building Safety Act requirements.

Legitimate Interests

Processing necessary for our legitimate business interests, where these are not overridden by your rights. Our legitimate interests include:

• Providing and improving our services
• Managing client and supplier relationships
• Business administration and planning
• Fraud prevention and security
• Marketing (to existing clients)

Consent

Where you have given clear consent for specific processing, such as receiving marketing communications.

Vital Interests

Processing necessary to protect someone’s life, such as emergency contact in case of accident.

Special Category Data

Some personal data is classified as special category data and requires additional protection:

• Racial or ethnic origin
• Political opinions
• Religious or philosophical beliefs
• Trade union membership
• Genetic or biometric data
• Health data
• Sex life or sexual orientation

When We Process Special Category Data

We may process special category data in limited circumstances:

We will always tell you why we need special category data and obtain your explicit consent where required.

Criminal Record Data

We process criminal record data for:

• DBS checks on employees working in residents’ homes
• Compliance with safeguarding requirements
• Assessment of supplier and subcontractor suitability

This processing is necessary for compliance with legal obligations and our policies on safeguarding and safer recruitment.

Who We Share Your Information With

We may share personal information with:

Service Delivery Partners

Our Clients

Professional Advisers

Regulatory Bodies

Technology Providers

Other Parties

Safeguards

When sharing data with third parties:

• We only share data necessary for the specific purpose
• We have contracts requiring data protection compliance
• We ensure adequate security measures are in place
• We do not sell personal data to third parties

International Transfers

We primarily process personal data within the UK and European Economic Area (EEA).

If we transfer data outside the UK/EEA, we ensure appropriate safeguards:

• Transfers to countries with adequate data protection laws
• Standard contractual clauses approved by the ICO
• Binding corporate rules (where applicable)
• Explicit consent for specific transfers

Data Retention

We retain personal data only for as long as necessary.

Retention Periods

Retention Review

We regularly review retained data and securely delete or anonymise data that is no longer needed.

Exceptions

We may retain data longer if:

• Required by law or regulation
• Needed for legal proceedings
• Subject to a legal hold
• Required for Building Safety Act Golden Thread

Data Security

We implement appropriate security measures to protect personal data.

Technical Measures

• Encryption of data in transit and at rest
• Secure password policies and multi-factor authentication
• Firewalls and intrusion detection systems
• Regular security updates and patching
• Secure backup and disaster recovery
• Access controls and user permissions

Organisational Measures

• Data protection policies and procedures
• Staff training on data protection
• Confidentiality obligations in contracts
• Incident response procedures
• Regular security audits and testing
• Supplier due diligence

Physical Measures

• Secure premises with access controls
• Locked storage for paper records
• Clear desk policy
• Secure disposal of documents
• CCTV monitoring

Breach Response

If a data breach occurs:

• We will contain and assess the breach
• We will notify the ICO within 72 hours if required
• We will notify affected individuals if there is high risk
• We will take steps to prevent recurrence

Your Rights

Under UK GDPR, you have the following rights:

Right to Be Informed

You have the right to know how we use your personal data. This Privacy Policy provides that information.

Right of Access

You have the right to request a copy of the personal data we hold about you (a Subject Access Request).

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as:

• Data is no longer needed for the original purpose
• You withdraw consent (where consent is the legal basis)
• You object to processing and there are no overriding legitimate grounds
• Data was unlawfully processed

This right does not apply where we need to retain data for legal obligations or legal claims.

Right to Restrict Processing

You have the right to request restriction of processing in certain circumstances, such as:

• You contest the accuracy of the data
• Processing is unlawful but you do not want deletion
• We no longer need the data but you need it for legal claims
• You have objected to processing pending verification

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format where:

• Processing is based on consent or contract
• Processing is carried out by automated means

Right to Object

You have the right to object to processing based on legitimate interests. We will stop processing unless we have compelling legitimate grounds.

You have an absolute right to object to direct marketing at any time.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects.

We do not currently use automated decision-making that would be subject to this right.

Exercising Your Rights

How to Make a Request

To exercise any of your rights, contact us:

Email: dataprotection@allservices4u.co.uk Phone: [Phone number] Post: Data Protection Officer, All Services 4U, [Address]

Please provide:

• Your name and contact details
• Details of your request
• Any information to help us locate your data
• Proof of identity (we may request this)

Our Response

• We will respond within one month
• We may extend this by two months for complex requests
• We will inform you of any extension and the reasons
• We will provide information free of charge (reasonable fees may apply for excessive requests)

Verification

To protect your data, we may ask you to verify your identity before processing requests.

Complaints

If you are not satisfied with our response:

1. Contact our Data Protection Officer
2. Escalate to senior management
3. Complain to the Information Commissioner’s Office

Information Commissioner’s Office Website: www.ico.org.uk Phone: 0303 123 1113 Post: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Cookies

Our website uses cookies to improve your experience.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and understand how you use the site.

Cookies We Use

Essential Cookies

These cookies are necessary for the website to function. They cannot be disabled.

• Session management
• Security features
• Load balancing

Analytics Cookies

We use Google Analytics to understand how visitors use our website. These cookies collect anonymous information about:

• Pages visited
• Time spent on site
• How you arrived at our site
• Your general location (country/city)

Managing Cookies

You can manage cookies through:

• Our cookie consent banner
• Your browser settings
• Opting out of Google Analytics: tools.google.com/dlpage/gaoptout

More Information

For more details, see our separate Cookie Policy.

Marketing

How We Market

We may send marketing communications about our services if:

• You are an existing client and have not opted out
• You have given consent to receive marketing
• You have enquired about our services

Your Choices

You can opt out of marketing at any time:

• Click “unsubscribe” in any marketing email
• Contact us at marketing@allservices4u.co.uk
• Call us on [Phone number]

We will action opt-out requests within 10 working days.

What We Will Not Do

• We will not sell your data to third parties for marketing
• We will not share your data with unrelated companies for their marketing
• We will not send excessive communications

Children’s Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children.

If we become aware that we have collected data from a child under 16 without parental consent, we will delete it.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of other websites. Please read their privacy policies.

CCTV

We operate CCTV at our premises for security purposes.

Purpose

• Preventing and detecting crime
• Protecting staff, visitors, and property
• Health and safety monitoring

Signage

Signs are displayed to notify people that CCTV is in operation.

Retention

CCTV footage is retained for 30 days unless:

• An incident requires longer retention
• Footage is requested by law enforcement
• Footage is needed for legal proceedings

Access

You may request access to CCTV footage featuring you. We may redact or withhold footage featuring other individuals.

Call Recording

We may record phone calls for:

• Training and quality purposes
• Accurate record of instructions
• Dispute resolution
• Regulatory compliance

You will be informed at the start of a call if it is being recorded.

Changes to This Policy

We may update this Privacy Policy from time to time.

Notification

• Significant changes will be notified via email or website notice
• Minor changes will be reflected in the “last updated” date
• Continued use of our services constitutes acceptance of changes

Version History

Contact Us

If you have questions about this Privacy Policy or how we handle your personal data:

Data Protection Officer Email: dataprotection@allservices4u.co.uk Phone: [Phone number] Address: Data Protection Officer, All Services 4U, [Address]

General Enquiries Email: info@allservices4u.co.uk Phone: [Phone number]

Quick Reference

We Will

✓ Only collect data we need
✓ Tell you how we use your data
✓ Keep your data secure
✓ Respect your rights
✓ Only keep data as long as necessary
✓ Train our staff on data protection
✓ Report breaches as required

We Will Not

✗ Sell your data to third parties
✗ Use your data for purposes you wouldn’t expect
✗ Keep data longer than necessary
✗ Share data without appropriate safeguards
✗ Ignore your rights requests
✗ Send marketing without consent or legitimate basis

Your Rights

✓ Access your data
✓ Correct inaccurate data
✓ Request deletion (in certain circumstances)
✓ Restrict processing
✓ Object to processing
✓ Data portability
✓ Withdraw consent
✓ Complain to the ICO

All Services 4U is committed to protecting your privacy. This policy explains how we handle your personal information in compliance with UK data protection law.