Privacy Policy.

1. Who we are

Black Diamond Chimney Sweep is a sole-trader business operated by Christoff Berlage, providing chimney sweeping, CCTV chimney inspection, and stove servicing across Newcastle, Sunderland, Durham, Gateshead and the wider North East of England.

For the purposes of UK GDPR, Black Diamond Chimney Sweep is the data controller for personal data we collect about you. That means we are responsible for deciding how and why your data is used, and accountable for keeping it safe.

You can contact us at:

• Email: christoff@blackdiamond-sweep.co.uk
• Phone: 07398 705 879
• WhatsApp: 07398 705 879

2. What information we collect

We only ever collect the information we need to deliver a safe, well-documented chimney sweep. In practice that means:

• Identification & contact details: your name, address, postcode, phone number, and email address — collected when you book or enquire about a job.
• Property & appliance details: the type of fire or appliance, fuel used, last sweep date, and any access notes you share. This is collected at booking and on site so we arrive with the right equipment.
• Service records: the date, time, scope and outcome of each visit, the certificate number we issue, and any condition notes — cracked liners, worn rope seals, structural concerns — that we observe.
• Photographs: photos you send us of your stove or fireplace, and photos we may take on site to document the condition of the chimney, evidence of work carried out, or any defect we want to draw to your attention. These are kept as part of the service record.
• Communications: the content of emails, WhatsApp conversations, SMS, and phone calls you have with us. We may keep these as evidence of what was agreed.
• Payment information: we do not store card details. Payments are taken in cash, by bank transfer, or via a third-party card terminal. We retain a record that a payment was made and for how much, but not the underlying payment instrument.
• Website data: when you visit this website we collect standard analytics data (pages viewed, approximate location, device type, session duration) via Google Analytics. See section 8 below.

3. Lawful basis for processing

UK GDPR requires us to have a lawful basis for each purpose for which we process your data. Ours are:

• Contract (Article 6(1)(b)): processing your contact details, address and appliance information is necessary to perform the chimney sweep you have asked us to carry out.
• Legal obligation (Article 6(1)(c)): we are required to keep accounting records for at least six years under HMRC rules, and to retain certain service records under the terms of our trade association registration (HETAS) and our public liability insurance policy.
• Legitimate interests (Article 6(1)(f)): we may use your contact details to send annual sweep reminders, request reviews, respond to enquiries, defend ourselves against complaints, and improve our service. We balance these interests against your right to privacy — in particular, you can opt out of marketing reminders at any time without affecting service.
• Consent (Article 6(1)(a)): in the limited cases where we ask permission — for example, to use a photograph of your chimney or fireplace on our social media or website — we rely on your consent, which you can withdraw at any time.

4. How we use your information

We use the information described above to:

• Confirm and schedule your booking, and contact you about it
• Arrive prepared on the day with the correct tools and parts
• Issue your sweep certificate, condition report or service record
• Maintain a service history per property so we can advise on intervals, recurring issues, and future work
• Send annual sweep-due reminders if you want them (opt-out any time)
• Process payment and keep records for HMRC
• Defend a claim, respond to a complaint, or support an insurance investigation if one arises — including providing evidence to your home insurer of a sweep we carried out on your behalf
• Improve the website and the way we communicate with customers

5. Who we share your information with

We do not sell your data. We share it only with the third parties below, and only to the minimum extent needed:

• Cal.com — our online booking platform, which receives the name, email, phone, address, and any custom questions you submit when booking. Cal.com privacy policy.
• Google — we use Google Workspace for our business email (christoff@blackdiamond-sweep.co.uk), Google Calendar to manage appointments, and Google Analytics on the website. Google privacy policy.
• WhatsApp / Meta — if you contact us on WhatsApp, the message content is processed by WhatsApp under Meta's privacy terms. WhatsApp privacy policy.
• Cloudflare — we use Cloudflare Pages to host this website. Cloudflare may process basic technical information about your visit (IP address, browser type) for security and performance.
• Accounting software / accountant — invoice and payment data is shared with our bookkeeping software and, if instructed, with our accountant for the purpose of preparing tax returns and statutory accounts.
• Your home insurer — if you ask us to provide a copy of a sweep certificate or condition report to your insurer in connection with a claim, we will do so. We will not contact your insurer without your instruction.
• Authorities — if required by law, court order, or by a competent regulator (such as HMRC, the police, or the Information Commissioner's Office), we may be obliged to disclose your information.

All of our processors are based in the UK, the EEA, or operate under approved international transfer mechanisms (UK adequacy decisions or Standard Contractual Clauses).

6. How long we keep your information

We keep your information only as long as we need it for the purposes set out above, then we delete it. In practice:

• Service records and certificates: seven years from the date of the sweep. This covers the typical limitation period for a contract claim under the Limitation Act 1980 and the six-year HMRC accounting record requirement, plus a small buffer.
• Booking enquiries that did not result in a job: twelve months, in case you come back to us.
• Marketing reminders database: for as long as you remain a customer plus three years, unless you opt out earlier.
• Photographs: seven years if part of a service record; deleted as soon as the matter is resolved if taken for a complaint or claim.
• WhatsApp and email correspondence: typically three years, longer if part of an active matter.
• Website analytics: retained by Google Analytics for the period set in our property (currently 14 months).

7. Your rights

Under UK GDPR you have the following rights in respect of your personal data:

• Right of access — you can ask for a copy of the personal data we hold about you
• Right to rectification — you can ask us to correct information that is wrong
• Right to erasure — you can ask us to delete your data, subject to the legal and contractual exceptions above (we cannot delete service records that we are obliged to retain)
• Right to restrict processing — you can ask us to pause processing while a query is resolved
• Right to data portability — you can ask for your data in a portable electronic format
• Right to object — you can object to processing based on legitimate interests, including marketing
• Right to withdraw consent — where we rely on consent, you can withdraw it at any time

To exercise any of these rights, email christoff@blackdiamond-sweep.co.uk. We will respond within one calendar month. We may need to verify your identity before disclosing data, particularly where the request comes by email.

If you are not satisfied with how we have handled your data, you have the right to complain to the Information Commissioner's Office (ICO), the UK's data protection regulator, at ico.org.uk or by calling 0303 123 1113.

8. Cookies and website tracking

This website uses cookies and similar technologies for two purposes:

• Strictly necessary — cookies needed for the website to function (for example, when you book through the embedded Cal.com calendar). These do not require consent.
• Analytics — we use Google Analytics 4 to measure how visitors use the site, which pages are most read, and where visitors come from. This helps us improve the site. Analytics cookies are set on first visit. You can prevent these by enabling "Do Not Track" in your browser, using a browser extension that blocks Google Analytics, or by clearing your cookies after each visit.

We do not use behavioural-advertising cookies, retargeting pixels, or third-party social-media tracking.

9. Security

We take reasonable steps to protect your information:

• The website is served over HTTPS with valid TLS certificates
• Email is secured with industry-standard authentication (SPF, DKIM, DMARC) and is hosted by Google Workspace
• Our business devices are password-protected, encrypted at rest, and patched regularly
• Customer records are stored in access-controlled systems (Cal.com dashboard, our email, accounting software) rather than on paper or unsecured spreadsheets
• We limit who can access your data — in practice only the business owner

No system is completely secure. In the unlikely event of a data breach affecting your rights, we will notify you and the ICO within 72 hours where required by law.

10. Children

Our services are intended for adult homeowners and landlords. We do not knowingly collect data from anyone under the age of 18. If you believe a child has submitted personal information to us, please contact us and we will delete it.

11. Changes to this policy

We may update this policy from time to time to reflect changes in our practices, new third-party services, or changes to the law. The current version will always be available at this page, with the "Last updated" date at the top. We recommend you check it occasionally.

12. Contact us

If you have any question about this policy, or about how we look after your data:

• Email: christoff@blackdiamond-sweep.co.uk
• Phone or WhatsApp: 07398 705 879
• Post: available on request