Privacy Policy - Tree Surgeons Thorntonheath
This Privacy Policy explains how Tree Surgeons Thorntonheath collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Thorntonheath customers in area, including prospective customers, existing customers, property owners, tenants, commercial clients, and anyone who interacts with our services in relation to tree surgery, arboricultural maintenance, hedge work, stump removal, and related site visits.
We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018. This policy is designed to help you understand what information we process, why we process it, and what rights you have.
1. Information We Collect
We may collect and process different types of personal data depending on how you interact with us and the services requested. The data we collect may include:
- Identity details such as your name or the name of your business or organisation.
- Contact details such as telephone number, email address, and postal address.
- Property details such as site location, access information, photographs, and notes relevant to the work.
- Service information such as quotes, estimates, job instructions, invoices, payment records, and service history.
- Communications including emails, messages, call notes, and records of enquiries or complaints.
- Technical information if you interact with us electronically, such as basic device or usage data where applicable.
- Health and safety information where relevant to carrying out work safely, for example access restrictions, hazards, or site conditions.
We normally collect personal data directly from you. In some cases, we may also receive data from property managers, landlords, contractors, insurers, local authorities, or other third parties where they are arranging or supporting the work.
2. How We Use Your Data
We use personal data only where it is necessary and lawful to do so. The information we hold may be used for the following purposes:
- To respond to enquiries and provide quotes or estimates.
- To arrange site visits, carry out tree surgery services, and manage customer bookings.
- To assess work requirements, risk, and site safety.
- To issue invoices, process payments, and maintain financial records.
- To manage customer relationships and provide aftercare or follow-up services.
- To handle complaints, queries, and disputes.
- To comply with legal, tax, insurance, and regulatory obligations.
- To improve the quality, efficiency, and safety of our services.
We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and that the law allows this.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for processing your personal data. Depending on the situation, Tree Surgeons Thorntonheath may rely on one or more of the following bases:
- Contract — when processing is necessary to provide a quotation, enter into a service agreement, perform the work requested, or manage billing and payment.
- Legal obligation — when we must process data to comply with accounting, tax, health and safety, or other legal requirements.
- Legitimate interests — when processing is necessary for our legitimate business interests, such as managing customer relationships, maintaining records, preventing fraud, or improving our operations, provided your rights do not override those interests.
- Consent — in limited situations where we rely on your consent, such as for certain optional communications or non-essential uses. Where consent is used, you may withdraw it at any time.
- Vital interests — in rare circumstances where processing is necessary to protect someone’s life or safety.
We do not rely on unnecessary or excessive processing, and we ensure that the information used is relevant to the purpose for which it is collected.
4. Data Sharing and Processors
We may share personal data with trusted third parties where this is necessary for the operation of our business or the provision of services. These third parties may act as processors on our behalf or as separate controllers in their own right.
Examples of processors may include:
- Accounting and invoicing providers used to manage payments, financial records, and tax compliance.
- IT and cloud service providers used for secure storage, email, document management, and system support.
- Customer administration tools used to organise enquiries, schedules, and service records.
- Communication service providers used to send operational messages or service updates.
Where we use processors, we require them to process personal data only on our instructions, to keep it secure, and to use it only for the agreed purpose.
We may also disclose data where required by law, for example to HMRC, courts, regulators, insurers, emergency services, or law enforcement authorities. Any disclosure will be limited to what is necessary and proportionate.
5. Retention of Personal Data
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, or reporting obligations. Retention periods depend on the type of data and the reasons for processing it.
- Customer enquiry and quotation records are usually kept for a reasonable period after the enquiry ends.
- Service, invoice, and payment records are generally retained for the period required by tax and accounting law.
- Safety, contract, and work records may be retained longer where needed to address claims, disputes, or insurance matters.
- Data collected on the basis of consent will be kept until you withdraw consent or until it is no longer needed for the original purpose.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
6. Data Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures are designed to reflect the nature of the information held and the risks associated with processing it.
Examples may include access controls, secure storage, password protection, limited staff access, and careful management of paper and electronic records. While no system can be guaranteed completely secure, we take data protection seriously and review our safeguards regularly.
7. Your Rights
Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions or exceptions, depending on the circumstances.
- Right of access — you may request a copy of the personal data we hold about you.
- Right to rectification — you may ask us to correct inaccurate or incomplete data.
- Right to erasure — you may ask us to delete your data in certain situations.
- Right to restrict processing — you may ask us to limit how we use your data in specific cases.
- Right to object — you may object to processing based on legitimate interests or direct marketing.
- Right to data portability — you may request that certain data be provided to you or another controller in a structured format.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
These rights are not absolute. For example, we may need to retain some information to comply with legal obligations or to defend against claims. We will always consider requests carefully and respond in line with the law.
8. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in connection with a property, household, or service arrangement and appropriate safeguards are in place.
9. International Transfers
In some cases, personal data may be stored or processed by service providers outside the UK. Where this occurs, we will take appropriate steps to ensure that your data receives a level of protection that is consistent with UK data protection standards.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. The latest version will apply to all Tree Surgeons Thorntonheath customers in area from the date it is published or otherwise made available.
If we make material changes, we will take reasonable steps to bring them to your attention.
11. Complaints and Further Information
If you have concerns about how your personal data is handled, you have the right to raise them with us and, if necessary, to lodge a complaint with the Information Commissioner’s Office (ICO). We encourage you to contact us first so that we can try to resolve any issue promptly and fairly.
This Privacy Policy is intended to be clear, transparent, and compliant with applicable data protection law. By using our services, you acknowledge that we may process personal data as described above for legitimate business and service-related purposes.