Who we are: OSO Group Engineers (“we”, “us”, “our”) provides plumbing, heating, electrical and drainage services in the UK. This policy explains how we collect, use and protect your personal information.
1) Data controller
- Controller: [Company Legal Name], trading as OSO Group Engineers
- Registered office: [Address]
- Email: [privacy@domain] • Phone: [phone]
We comply with the UK GDPR and Data Protection Act 2018. If you are in the EEA, we process your data under the EU GDPR as applicable.
2) What data we collect
We may collect:
- Identity & contact: name, phone, email, address, postcode.
- Service details: property access info, appointment notes, photos you provide.
- Payment data: billing info (processed by our payment provider; we do not store full card details).
- Communications: emails, form submissions, chat messages, and (if enabled) call recordings for training and quality.
- Technical data: IP, device/browser info, pages viewed, and cookies/analytics IDs.
- Marketing preferences: opt-in/out choices.
3) How we collect data
- Directly from you (website forms, phone, email, chat, bookings).
- Automatically via cookies/analytics when you use our website.
- From third parties you authorise (e.g., payment provider, booking tool, messaging platforms, calls).
4) Why we use your data (lawful bases)
- Provide services & fulfil contracts (appointments, repairs, invoicing).
- Customer support & communication (legitimate interests / contract).
- Payments & fraud prevention (contract / legitimate interests / legal obligation).
- Analytics & site improvement (legitimate interests; consent where required).
- Marketing (consent; you can withdraw anytime).
- Legal & regulatory compliance (legal obligation).
5) Cookies & analytics
We use cookies to run our site, remember preferences, and measure performance. Non-essential cookies (e.g., analytics/advertising) run only with your consent via our cookie banner. You can change your choices anytime. See our Cookie Notice for details (types, duration, providers).
6) Sharing your data
We share data only with trusted service providers acting on our instructions—for example:
- Website hosting/CDN, email and SMS providers
- Booking and CRM systems
- Payment processors (e.g., Stripe, Best)
- Call, chat or analytics platforms (e.g., Google Analytics)
We require processors to protect your data and not use it for their own purposes. We do not sell your personal data.
7) International transfers
If data is transferred outside the UK/EEA, we use appropriate safeguards (e.g., UK IDTA / EU SCCs) and assess recipient protections.
8) Data retention
We keep data only as long as necessary:
- Enquiries: up to 24 months
- Booking/service records & invoices: 6 years (tax/accounting)
- Call recordings (if used): up to 12 months
- Analytics data: up to 14 months
We may retain longer if required by law or to establish/defend legal claims.
9) Security
We use reasonable technical and organisational measures: encryption in transit, access controls, staff training, and regular reviews. No method is 100% secure; we work to minimise risk and respond promptly to incidents.
10) Your rights
You can:
- Access your data and request a copy
- Rectify inaccurate or incomplete data
- Erase data (where applicable)
- Restrict or object to processing
- Data portability (where applicable)
- Withdraw consent (e.g., marketing) at any time
To exercise rights, contact [privacy@domain]. We will respond within one month. You also have the right to complain to the ICO: ico.org.uk.
11) Children
Our services are not directed to children under 13. We do not knowingly collect children’s data.
12) Third-party links
Our site may link to other websites. We are not responsible for their privacy practices. Please review their policies.
13) Changes to this policy
We may update this policy from time to time. We will post the latest version with a new “Effective date”.
14) Contact us
Questions or requests about this policy:
Email: [privacy@domain] • Address: [Address] • Phone: [phone]