Privacy Policy - Tree Surgeons Woodgreen
This Privacy Policy explains how Tree Surgeons Woodgreen collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Woodgreen customers in the area, including people who request quotes, book services, receive site visits, or otherwise interact with our services. We are committed to handling personal information in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Woodgreen provides tree surgery and related outdoor services to customers in and around Woodgreen. In the context of this policy, we act as the data controller for the personal information we collect and use. This means we decide how and why your personal data is processed.
We only collect and use personal data where there is a valid legal reason to do so and where it is necessary for the service we provide, our legal obligations, or our legitimate business interests.
2. Personal Data We Collect
We may collect and process a range of personal data depending on how you interact with us. The information we collect is limited to what is relevant and necessary for the service.
Examples of data collected
- Identity data, such as your name.
- Contact data, such as address, email address, and telephone number.
- Service information, such as details about the work requested, site access, property details, and instructions relevant to the job.
- Communication data, such as messages, emails, call notes, and records of enquiries or complaints.
- Billing and payment data, such as invoice details, payment status, and transaction records.
- Technical data, such as basic website or device information if you submit an enquiry online, where applicable.
- Marketing preferences, such as whether you have agreed to receive promotional updates.
We do not intentionally collect special category data unless it is required for a specific and lawful reason, and only where appropriate safeguards are in place. If such information is ever provided to us accidentally, we will handle it carefully and securely.
3. How We Use Your Data
We use personal data to manage customer relationships and to provide our services effectively. This may include the following purposes:
- Responding to enquiries and providing quotations.
- Arranging visits, carrying out work, and managing bookings.
- Communicating about service updates, scheduling, and follow-up matters.
- Preparing invoices, processing payments, and maintaining financial records.
- Handling complaints, queries, and dispute resolution.
- Maintaining internal records and business administration.
- Meeting legal, tax, accounting, and insurance obligations.
- Improving service quality, safety, and operational efficiency.
- Sending marketing messages where permitted and where you have the right to opt out.
We only use data for the purposes for which it was collected, unless we reasonably believe we need to use it for another compatible purpose and we are allowed to do so by law.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each type of processing. Tree Surgeons Woodgreen relies on one or more of the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes responding to a request, providing a quote, carrying out agreed work, and managing payment.
Legal obligation
We may process data where required to meet our legal duties, such as tax record keeping, accounting, health and safety compliance, and insurance requirements.
Legitimate interests
We may process personal data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. Examples include record keeping, service improvement, fraud prevention, and managing customer communications.
Consent
In some cases, we rely on your consent, particularly for certain forms of marketing communication. Where consent is used, you can withdraw it at any time.
Important: We will always identify and apply the appropriate lawful basis depending on the specific activity and type of information involved.
5. Sharing and Processors
We do not sell personal data. However, we may share data with trusted third parties where necessary to operate our business and deliver services. These third parties may act as data processors or independent controllers depending on the circumstances.
Examples of processors and recipients
- IT and cloud service providers who help us store, secure, and manage business data.
- Accounting and bookkeeping services that support invoicing, tax records, and financial administration.
- Payment service providers that process customer payments securely.
- Communication tools used to manage emails, messages, or service updates.
- Professional advisers, such as insurers, lawyers, or consultants, where needed for legal or business purposes.
- Subcontractors or specialist service partners involved in delivering a requested service, where relevant and necessary.
Where we use processors, we ensure they are subject to appropriate contractual obligations and security measures. They may only process personal data on our instructions and for agreed purposes.
We may also disclose information where required by law, regulation, court order, or to protect our rights, safety, property, customers, or staff.
6. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, and in line with legal and business requirements. Retention periods depend on the type of information and the reason it is held.
Typical retention approach
- Quotation and enquiry records may be retained for a reasonable period to manage follow-up, customer service, and business records.
- Contract and job records may be retained for the duration of the service relationship and afterwards for a period needed to handle queries, claims, or legal matters.
- Financial and tax records are kept for the period required by law.
- Communication records are retained only as long as necessary for administration, evidence, or customer support.
- Marketing preferences are kept until you opt out or withdraw consent.
When data is no longer needed, we will delete it securely or anonymise it so it can no longer identify you.
7. Data Security
We take reasonable technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, restricted sharing, and staff awareness procedures.
Although no system can be guaranteed to be completely secure, we work to reduce risks and handle personal data responsibly. If a data breach occurs that affects your rights or freedoms, we will respond in line with legal requirements.
8. Your Rights
As a data subject under UK GDPR, you have important rights regarding your personal data. These rights may apply in full or in part depending on the circumstances and any legal exemptions.
Your rights include:
- Right of access – to request a copy of the personal data we hold about you.
- Right to rectification – to ask us to correct inaccurate or incomplete data.
- Right to erasure – to request deletion of your data in certain situations.
- Right to restriction – to ask us to limit how we use your data in certain circumstances.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to data portability – to request your data in a reusable format where applicable.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
You also have the right to raise concerns about how your data is handled. If you believe your data protection rights have been breached, you may contact the UK Information Commissioner’s Office (ICO).
9. Marketing Preferences
If you receive marketing communications from us, they will only be sent where allowed by law. You can opt out of marketing at any time. When you opt out, we will stop sending promotional messages, although we may still contact you for service-related or legal reasons.
We respect your choices and aim to keep marketing communications limited, relevant, and appropriate.
10. Children’s Data
Our services are directed to adult customers and property owners or authorised representatives. We do not knowingly collect personal data from children as part of our normal business operations. If we learn that we have inadvertently received information relating to a child, we will take appropriate steps to delete or protect it.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the way we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their information is handled.
12. Summary of Our Commitment
Tree Surgeons Woodgreen is committed to protecting personal data, using it fairly, and being transparent about how it is processed. We collect only what we need, use it for clear and lawful purposes, retain it for no longer than necessary, and share it only with trusted processors or where required by law.
In short: your privacy matters to us, and we aim to manage your information responsibly at every stage of our service.