Mx. Neat and Tidy Customer Privacy Notice

Registered name: JdS Consulting Ltd.
Company Number: 14974139
ICO Registration: ZB705394

This privacy notice tells you what to expect us to do with your personal information.

Contact Details

Email: hello@neat-tidy.co.uk
Phone: 07769 065404
Address: 62 Edward Road, Croydon, CR0 6DY

What Information We Collect, Use, and Why for Providing Our Decluttering and Organising Services

We collect and use the following information:

• Names and contact details (phone, email, address)

• Health information - to tailor our services to your needs and ensure we can work safely in your environment

• Property information - details about spaces we're organising

• Usage data - how you interact with our website and services

• Communication records - emails, WhatsApp messages, meeting notes

• Video and photographic recordings - with your explicit consent, for marketing purposes on social media

• Financial information - payment details and transaction history

For Customer Account Management

• Account registration details

• Service history and preferences

• Marketing preferences

• Billing and payment information

For Marketing (with your consent)

• Contact details

• Service preferences

• Before/after photos/videos of your spaces

• Testimonials and reviews

For Legal Compliance

• Identity verification information

• Financial transaction records

• Correspondence and complaint records

Our Lawful Bases for Processing Your Data

We process your personal data under the following legal grounds:

Contract - We need your information to provide our decluttering services and manage your account.

Consent - For marketing communications, photography/videography, and sharing health information.

Legitimate Interests - For improving our services, preventing fraud, and business administration. Our legitimate interests include providing tailored organising services and maintaining business records.

Legal Obligation - For tax records, regulatory compliance, and safeguarding requirements.

Special Category Data (Health Information): We process health data under Article 9(2)(a) GDPR - with your explicit consent.

Circumstances Where We May Share Your Information:

With Your Consent

• Marketing photos/videos on our social media platforms

• Testimonials and case studies

• Referrals to other service providers you've requested

Without Your Consent (Legal Requirements)

We may share your personal information without consent only in exceptional circumstances:

• Safeguarding concerns - Where we have reasonable concerns about the safety of a child, vulnerable adult, or any person at risk of harm

• Legal obligations - Where required by law to disclose to authorities

• Emergency situations - Where immediate disclosure is necessary to prevent serious harm

• Court orders - Where compelled by court or tribunal

• Regulatory investigations - To comply with ICO or other regulatory body requests

In such cases, we will only share the minimum information necessary and will inform you unless doing so would increase risk of harm or we are legally prevented.

Service Providers

We may share data with trusted service providers who help us deliver our services:

• Cloud storage and email providers - For secure data storage and communication

• Website hosting and domain services - For maintaining our online presence

• Customer relationship management systems - For managing client relationships

• Payment processors - For handling transactions securely

• Video editing and content creation platforms - For creating marketing materials (with consent)

• Design and marketing tools - For business communications and content creation

• Appointment booking and automation systems - For scheduling and workflow management

• Professional advisors - Accountants, lawyers, and business consultants

We may also work with other service providers as our business needs evolve. All service providers are selected carefully and are contractually required to protect your data and use it only for specified purposes.

International Transfers

Some of our service providers store or process data outside the UK, including:

• Cloud storage and email services - For secure data storage and communication

• Website hosting and domain services - For our online presence and booking systems

• Customer relationship management systems - For managing client records and communications

• Video editing and content creation platforms - For creating marketing materials with your consent

• Design and marketing tools - For business communications and social media content

• Appointment booking and automation systems - For scheduling and workflow management

• Social media platforms - For marketing content with your explicit consent

We may also use other business software and online services that process data internationally as our business needs evolve.

All international transfers are protected by:

• Adequacy decisions by the UK government, or

• Standard contractual clauses approved by the ICO, or

• Other appropriate safeguards under UK GDPR

Data Security

We implement appropriate technical and organisational measures to protect your data:

• Digital security: Password protection with two-factor authentication (2FA)

• Cloud storage: Secure Microsoft cloud services with encryption

• Access controls: Only authorised personnel (currently just the business owner) can access personal data

• Communication security: WhatsApp end-to-end encryption for client communications

• Regular updates: Software and security systems kept current

• Data minimisation: We only collect and retain data necessary for our services

How Long We Keep Your Information

We retain personal data for 8 years after our last interaction with you. This allows us to:

• Handle any queries about past services

• Comply with tax and legal record-keeping requirements

• Maintain professional insurance coverage

Marketing photos/videos are retained indefinitely with your ongoing consent (which you can withdraw at any time).

Automated Decision-Making

We do not use automated decision-making or profiling that would significantly affect you. All decisions about our services are made by humans.

Your Data Protection Rights

Under UK data protection law, you have the following rights:

Right of Access - Request copies of your personal data and information about how we use it

Right to Rectification - Ask us to correct inaccurate or incomplete data

Right to Erasure - Request deletion of your data (subject to legal retention requirements)

Right to Restrict Processing - Limit how we use your data in certain circumstances

Right to Object - Object to processing based on legitimate interests or for marketing

Right to Data Portability - Request transfer of your data to another organisation

Right to Withdraw Consent - Remove consent for processing that requires it (e.g., marketing, health data)

To exercise any of these rights, contact us using the details above. We will respond within one month.

Note: Some rights may be limited where we need to retain data for legal compliance or safeguarding purposes.

Marketing Communications

We will only send marketing communications with your consent. You can:

• Unsubscribe at any time using links in our emails

• Contact us to update your preferences

• Withdraw consent for use of your photos/videos in marketing

Complaints

If you're unhappy with how we handle your personal data:

1. Contact us first: hello@neat-tidy.co.uk

2. Contact the ICO: If we cannot resolve your concern

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint

Changes to This Notice

We may update this privacy notice from time to time. Any significant changes will be communicated to you directly.

Last Updated: 26th September 2025

This privacy notice should be read alongside our service contract, which contains additional information about confidentiality and data processing.