Privacy Policy - Tree Surgeons Hatchend
This Privacy Policy explains how Tree Surgeons Hatchend collects, uses, stores, and protects personal data when providing tree surgery and related arboricultural services. It applies to all Tree Surgeons Hatchend customers in the area, including prospective customers, current customers, and anyone who interacts with us in connection with an enquiry, quotation, booking, or service visit.
We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy should help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your data.
1. Information We Collect
We may collect and process the following categories of personal data:
- Identity information: name, title, and where relevant, business or property ownership details.
- Contact information: address, email address, and phone number.
- Service information: details of the work requested, site notes, quotation history, job records, and service preferences.
- Payment information: billing details, payment status, and transaction records. We do not intentionally store full card details unless required by a secure payment provider.
- Communication records: emails, messages, call notes, and any other correspondence relating to enquiries, complaints, or service delivery.
- Technical information: limited device or browser information if you contact us through digital services, where relevant for security or troubleshooting.
- Photographs and site images: images of trees, properties, access points, or completed work, when necessary for quoting, safety, documentation, or quality control.
We generally collect personal data directly from you. In some cases, we may also receive information from third parties such as landlords, managing agents, neighbours, commercial clients, insurers, or local authorities where this is necessary for the work to be carried out or arranged.
2. How We Use Your Data
Tree Surgeons Hatchend uses personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to assess site conditions and plan tree surgery work;
- to arrange and deliver services safely and efficiently;
- to manage customer relationships and service updates;
- to issue invoices, record payments, and maintain financial records;
- to meet legal, regulatory, tax, insurance, and safety obligations;
- to maintain internal records and improve service quality;
- to deal with complaints, disputes, or claims;
- to protect the security of our systems, staff, and customers;
- to keep evidence of completed work where required for operational or compliance reasons.
We only use your data where we have a valid legal reason to do so. We do not use personal data for unrelated purposes without informing you, unless the law permits or requires us to do so.
3. Lawful Basis for Processing
Under UK GDPR, we rely on one or more of the following lawful bases when processing personal data:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes providing quotations, arranging work, carrying out tree surgery, invoicing, and managing related customer communications.
Legal Obligation
We may process data when necessary to comply with legal requirements, including accounting, tax, health and safety, insurance, and record-keeping obligations.
Legitimate Interests
We may process data for our legitimate business interests where those interests are not overridden by your rights and freedoms. This can include managing customer records, improving services, preventing fraud, securing our systems, and documenting work for operational purposes. Where we rely on legitimate interests, we consider whether the processing is necessary and proportionate.
Consent
In limited cases, we may rely on your consent, for example for optional marketing communications or certain forms of non-essential contact. Where consent is used, you can withdraw it at any time.
4. Retention of Personal Data
We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, insurance, and operational requirements. Retention periods may vary depending on the type of data and the reason it is held.
- Enquiry and quotation records: typically kept for a reasonable period to manage follow-up, quotations, and customer history.
- Job and service records: retained for the duration required to evidence completed work, handle aftercare, and support any disputes or claims.
- Financial and invoicing records: retained in line with tax and accounting obligations.
- Safety and compliance records: kept for as long as required under applicable laws, industry standards, or insurance requirements.
When personal data is no longer needed, we will delete, anonymise, or securely archive it so that it is not kept longer than necessary. Where data is stored in backups or archival systems, it will remain protected until it is permanently removed in line with our retention procedures.
5. Processors and Third Parties
We may share personal data with trusted third parties who process data on our behalf or act as independent controllers. These may include:
- IT and cloud service providers: for secure storage, email, and document management;
- accounting and bookkeeping providers: for invoicing, tax, and financial administration;
- payment processors: for handling secure transactions;
- insurance providers and brokers: where claims, risk, or policy administration is involved;
- professional advisers: such as legal or compliance advisers;
- subcontractors or specialist contractors: where additional expertise or support is required to deliver a project;
- regulators, public authorities, or law enforcement: where disclosure is required by law.
Where a third party acts as a processor, they are required to handle personal data only on our instructions and to apply appropriate security and confidentiality measures. We do not sell your personal data.
6. Data Security
We take the security of personal data seriously and use appropriate technical and organisational measures to protect it from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff confidentiality obligations, and careful management of documents and site records.
Although no system can be guaranteed to be completely secure, we work to reduce risks and respond promptly if a data incident occurs. Where required by law, we will notify affected individuals and the relevant authorities of a personal data breach.
7. International Transfers
If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it. Such safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms recognised under data protection law.
8. Your Rights
Under data protection law, you have a number of rights regarding your personal data. These rights may be subject to exemptions or limitations depending on the circumstances.
- Right of access: you can request a copy of the personal data we hold about you.
- Right to rectification: you can ask us to correct inaccurate or incomplete information.
- Right to erasure: in certain situations, you can request that we delete your personal data.
- Right to restriction: you may ask us to limit how we use your data in some circumstances.
- Right to object: you can object to processing based on legitimate interests or direct marketing.
- Right to data portability: where applicable, you can request that data be provided in a structured, commonly used format.
- Right to withdraw consent: if we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will consider your request in accordance with applicable law and respond within the required timeframes. We may need to verify your identity before acting on your request.
9. Marketing Communications
We will only send marketing messages where permitted by law and, where required, with your consent. You can opt out of marketing at any time. Where you object to marketing, we will stop using your data for that purpose as soon as reasonably practicable.
10. Cookies and Online Interactions
If you interact with our digital systems, limited technical information may be collected to support security, functionality, or performance. Any use of cookies or similar technologies will be managed in accordance with applicable law. Where consent is required for non-essential cookies, you will be given appropriate choices.
11. Children
Our services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary in a specific case and appropriate safeguards are in place.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. The latest version will apply from the date it is published or otherwise communicated. We encourage you to review it periodically to stay informed about how we protect your personal data.
13. Summary of Our Commitment
Tree Surgeons Hatchend is committed to protecting customer privacy and handling personal data responsibly. We collect only the information needed to provide our services, use it for clear and lawful purposes, retain it only as long as necessary, and work with trusted processors who are bound by appropriate safeguards. You also have important rights over your information, and we will respect and support those rights in accordance with data protection law.
By using our services, making an enquiry, or engaging with us in the area, this Privacy Policy applies to you as a Tree Surgeons Hatchend customer.