UK GDPR Compliant
1. Who we are & how to contact us
This Privacy Notice explains how Butlers Inc. Limited collects, uses, stores, and protects your personal data. It applies to all clients, website visitors, staff, and contractors.
Butlers Inc. Limited (“we”, “us”, “our”) is registered in England and Wales under Company Number 17150882. Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ. We are the data controller for all personal data processed in connection with our services and website at www.butlersinc.com. ICO Registration: [INSERT ICO REGISTRATION NUMBER].
We are committed to handling your personal data lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
For all data protection queries, to exercise your rights, or to submit a Subject Access Request, contact us at hello@butlersinc.com with the subject line “Data Rights Request”.
You have the right to complain at any time to the Information Commissioner’s Office (ICO): www.ico.org.uk | 0303 123 1113.
2. What personal data we collect
2.1 Client and family data
Identity data: full name, date of birth.
Contact data: home address, email address, phone number.
Children’s data: name, age, school details, medical/dietary/behavioural needs, custody arrangements.
Financial data: payment card or bank details (processed via secure third-party payment processor).
Transaction data: booking history, service records, invoices.
Communications data: emails, messages, and correspondence with us.
Body camera data: audio-visual footage captured during opted-in Bookings only.
Technical data: IP address, browser type, and website usage data.
Special category data: health or medical information about a child relevant to safe care.
Pet and property data: animal details, property access codes, and security arrangements (relevant to house sitting and errand Bookings).
2.2 Staff and contractor data
Identity and contact data: full name, date of birth, photo ID, address, email, phone, emergency contacts.
Employment data: right-to-work documents, employment history, professional references.
DBS data: Enhanced DBS certificate number and status.
Financial data: bank details, National Insurance number, tax information.
Performance data: supervision notes, incident reports, training records, body camera footage.
We do not collect personal data directly from children. All children’s data is provided by the parent or guardian.
3. How and why we use your data
We process your personal data only where we have a lawful basis. The key purposes and bases are:
Performance of contract. Providing booked services (childcare, errands, school runs, house sitting, luggage and travel assistance, courier services).
Performance of contract. Processing payments and managing accounts.
Legal obligation + Vital interests (Art. 6(1)(c)+(d); Art. 9(2)(c)). Safeguarding children during service delivery.
Legal obligation (Art. 6(1)(c)). Conducting and recording DBS checks for staff.
Legal obligation + Legitimate interest. Inspecting items for courier Bookings to ensure legal compliance.
Legitimate interest + Consent (Art. 6(1)(a)+(f)). Body camera monitoring (opt-in Clients only).
Legitimate interest (Art. 6(1)(f)). Responding to complaints and resolving disputes.
Legal obligation (Art. 6(1)(c)). Complying with legal and regulatory obligations.
Legal obligation. Maintaining HMRC and Companies House records.
Performance of contract. Sending booking confirmations and service updates.
Legitimate interest (Art. 6(1)(f)). Marketing to existing clients where not opted out.
Legitimate interest (Art. 6(1)(f)). Website analytics and service improvement.
Pre-contractual steps + Legal obligation. Recruiting and onboarding staff and contractors.
Special category data (children’s health information) is processed only to safeguard the child’s welfare. It is never used for marketing, analytics, or any other purpose.
4. How long we keep your data
We retain personal data only for as long as necessary for the purpose collected, or as required by law:
Client booking records and financial data: 6 years from date of service (HMRC/Companies Act).
Children’s safeguarding data: until the child turns 25, or 6 years after last service if over 19 at last contact (Children Act 1989 guidance).
Body camera footage (no active matter): 30 days from recording date, then permanently deleted.
Body camera footage (active complaint/safeguarding/legal matter): until resolved plus 12 months.
Staff DBS records: duration of employment/contract plus 6 months (DBS Code of Practice).
Staff employment records: 6 years after employment ends.
Complaint records: 6 years from resolution (Limitation Act 1980).
Website analytics data: 26 months (ICO guidance).
Marketing consent records: until consent is withdrawn plus 12 months.
At the end of each retention period, data is securely deleted or anonymised. Anonymised data may be retained indefinitely for statistical purposes.
5. Who we share your data with
We do not sell, rent, or trade your personal data. We share only where necessary and with appropriate safeguards:
Assigned Staff Members: relevant client, booking, and child care details to perform the Booking.
Encrypted cloud storage provider (UK/EEA): body camera footage, under a data processing agreement.
Payment processor: financial data to process payments securely (we do not store full card details).
Disclosure and Barring Service: staff identity data for enhanced checks.
HMRC and Companies House: financial and employment records as legally required.
Schools and nurseries: assigned Staff Member identity for authorised school run collections.
Third-party luggage carriers: Client name and delivery details where you request carrier booking.
Emergency services and safeguarding authorities: any data necessary to protect life or safety.
Legal advisers and courts: data required for legal proceedings or regulatory matters.
ICO: data subject to regulatory investigation.
5.1 International transfers
We do not routinely transfer personal data outside the UK or EEA. Any such transfer will be subject to UK GDPR Chapter V safeguards.
6. Your rights under UK GDPR
You can exercise any of the following rights by contacting us at hello@butlersinc.com. We will respond within one calendar month and may need to verify your identity first.
Right of access: request a copy of all personal data we hold about you (Subject Access Request).
Right to rectification: ask us to correct inaccurate or incomplete data.
Right to erasure: ask us to delete your data where there is no compelling reason to continue (does not apply where retention is legally required).
Right to restrict processing: ask us to pause processing in certain circumstances.
Right to data portability: receive your data in a structured, machine-readable format (where processing is automated and based on consent or contract).
Right to object: object to processing based on legitimate interest, including direct marketing.
Right to withdraw consent: withdraw consent at any time (e.g. body camera monitoring, marketing) without affecting prior processing.
Rights regarding automated decisions: we do not use automated decision-making that produces legal or significant effects.
If you are dissatisfied with our response, you have the right to complain to the ICO at www.ico.org.uk or 0303 123 1113. We would appreciate the opportunity to address your concerns first.
7. How we keep your information safe
All digital personal data is stored on password-protected, encrypted systems.
Access to personal data is restricted to authorised personnel on a strict need-to-know basis.
All staff and contractors are contractually bound to maintain confidentiality of client and children’s data.
Body camera footage is uploaded to encrypted UK/EEA cloud storage immediately after each Booking. Local device recordings are deleted upon successful upload.
Access to body camera footage is restricted to the designated compliance officer, senior management (safeguarding or complaints review only), and relevant statutory authorities.
Cameras are never activated in bathrooms, changing areas, or any private space.
In the event of a data breach likely to risk individual rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay.
No method of transmission over the internet is entirely secure. While we take all reasonable steps, we cannot guarantee absolute security.
8. Children’s data — special provisions
Given the nature of our services, we apply the highest standard of care to any personal data relating to children.
Children’s personal data is collected and processed solely to deliver safe and appropriate care during Bookings. It is never used for marketing, analytics, or any other purpose. All children’s data is treated with the same rigour as special category data under UK GDPR. Access is limited to the assigned Staff Member for the relevant Booking and to senior management for safeguarding oversight.
Where a safeguarding concern arises, we may be legally required to share information with schools, social services, the police, or other statutory authorities. We will always act in the best interests of the child.
We do not accept direct use of our website or services by persons under 18 without parental consent. Clients are responsible for ensuring information provided about their child is accurate and current.
9. Updates to this notice
We may update this Privacy Notice at any time. The current version is always at www.butlersinc.com. Where changes are material, existing clients will be notified by email before they take effect.
Contact
Butlers Inc. Limited
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Email: hello@butlersinc.com
Website: www.butlersinc.com
Company No. 17150882
© Butlers Inc. Limited · Company No. 17150882 · Privacy Notice v1.1 · Effective April 2026