£15 off your first clean — sign up

Shandy Dandy
The legal bit

Privacy Policy

Last updated 12 May 2026

This policy explains what personal information Shandy Dandy Cleaning collects when you use our website or book a clean, what we do with it, and the rights you have over it. We try to keep it plain English — if anything isn't clear, email us and we'll explain.

Who we are

Shandy Dandy Cleaning ("we", "us") is a residential cleaning business operating across Merseyside. We are the data controller for personal data collected through this website.

What we collect

The information we hold about you depends on how you use the site.

When you create an account

  • Name and email address
  • A hashed (one-way scrambled) version of your password — we never see the plaintext
  • Whether you opted in to our mailing list
  • If you arrived through a referral link, the referring customer's code

When you book a clean

  • Service address and postcode
  • Contact phone number (optional)
  • Service type, frequency, date and time
  • Any access notes, pets, allergies or special instructions you tell us
  • Booking history and amounts charged

When you pay

Payments are processed by Stripe. We do not see or store your full card number, expiry or CVC — Stripe handles those and we only receive a token and a confirmation of payment. Stripe's own privacy notice is at stripe.com/gb/privacy.

When you join the mailing list

  • Email address and the page or form you signed up from

Automatic information

Like most websites, we receive basic technical information from your browser (IP address, browser type, pages visited, referring URL). We use this only to keep the site running and secure. We do not use third-party analytics or advertising trackers.

Why we use it (lawful basis)

What we doWhyLawful basis (UK GDPR)
Manage your account and bookingsTo provide the service you asked forContract
Take paymentTo complete your bookingContract
Send booking confirmations and remindersTo deliver the serviceContract
Send marketing emailsOnly if you opted inConsent
Track referral creditTo honour the £15 referral offerContract / legitimate interests
Keep tax and accounting recordsTo meet HMRC obligationsLegal obligation
Prevent fraud and keep the site secureTo protect customers and the businessLegitimate interests

Who we share it with

We share personal data only with the providers we need to run the service:

  • Stripe — payment processing (UK and EEA, with some processing in the US under appropriate safeguards).
  • Our hosting provider — secure infrastructure where the site and database run.
  • The cleaner attending your booking — receives your name, address, access notes and booking details so they can carry out the clean.
  • HMRC, regulators, courts — only when legally required.

We never sell your personal data. We do not share it with marketing or advertising networks.

How long we keep it

  • Account details: while your account is active, plus 12 months after closure.
  • Booking records: 7 years (for HMRC accounting requirements).
  • Mailing list: until you unsubscribe.
  • Server access logs: 90 days.

Your rights

Under UK GDPR you can:

  • Ask for a copy of the personal data we hold about you
  • Ask us to correct anything that's wrong
  • Ask us to delete your data (subject to records we're required to keep)
  • Ask us to restrict or object to processing
  • Withdraw consent for marketing at any time
  • Ask for your data in a portable format

To exercise any of these, email hello@shandydandy.co.uk. We'll respond within one month.

If you're not happy with how we've handled your data you can complain to the Information Commissioner's Office at ico.org.uk or 0303 123 1113. We'd rather you came to us first so we can put it right.

Security

We protect personal data with measures including encryption in transit (HTTPS), one-way password hashing (bcrypt), access controls, and reputable infrastructure providers. No system is perfectly secure, but we take this seriously and will notify you and the ICO of any breach affecting you, as required.

Children

Our service is for adults. We don't knowingly collect personal data from anyone under 16. If you believe a child has given us their details, please let us know and we'll delete them.

Cookies

See our separate Cookie Policy for what we set and why.

Changes to this policy

If we change anything material we'll update the date at the top and, for significant changes, let you know by email or a notice on the site.

Questions about any of this? Drop us a line at hello@shandydandy.co.uk.
Privacy Policy · Shandy Dandy · Shandy Dandy