Privacy Policy - Tree Surgeons Catford
This Privacy Policy explains how Tree Surgeons Catford collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Catford customers in the area, including prospective customers, existing customers, property owners, tenants, business clients, and anyone who contacts us about our services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Introduction
We respect your privacy and aim to make our data practices clear. This policy applies whenever you use our tree surgery services, request a quote, make an enquiry, or otherwise interact with us. By engaging with our services, you acknowledge that your information may be processed for the purposes described in this policy.
We only collect and use personal data where we have a valid legal reason to do so. We also aim to collect only the information that is necessary for the relevant purpose.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
- Identity data: name, title, and, where relevant, business or company name.
- Contact data: address, email address, telephone number, and service address.
- Service and property data: details about the trees, site conditions, access arrangements, and work requested.
- Communication data: records of emails, phone calls, forms, messages, and other correspondence.
- Transaction data: information relating to quotations, invoices, payments, and service history.
- Technical data: limited information such as IP address or device data if collected through online systems used to manage enquiries.
- Legal and compliance data: records needed to meet regulatory, insurance, health and safety, or tax obligations.
We do not seek to collect special category data unless it is necessary and lawful to do so. If such information is provided to us inadvertently, we will handle it carefully and only process it where we have an appropriate legal basis.
3. How We Collect Data
We collect personal data in several ways:
- Directly from you when you request a quote, make an enquiry, or instruct us to carry out work.
- When you communicate with us by phone, email, text, or other messaging methods.
- From property visits and site assessments required to provide an accurate service.
- From third parties where necessary, such as landlords, managing agents, business representatives, insurers, or subcontracted professionals acting on your behalf.
- From publicly available sources when required for verification, compliance, or business administration.
We do not sell personal data. We also do not collect more information than is reasonably needed for the purpose of delivering our services and meeting our legal obligations.
4. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To assess trees, properties, and site conditions before carrying out work.
- To plan, deliver, and manage tree surgery services safely and efficiently.
- To issue invoices, take payments, and maintain financial records.
- To keep records of work completed, customer preferences, and service history.
- To comply with legal, insurance, tax, and health and safety requirements.
- To resolve complaints, disputes, or claims.
- To improve our services and business operations.
We process personal data only where it is necessary for these purposes and where a lawful basis applies.
5. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis for processing your personal data. Depending on the circumstances, we rely on one or more of the following:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes preparing quotations, booking work, carrying out tree surgery services, and managing payments.
Legal Obligation
We may process data where required to comply with legal obligations, including tax, accounting, insurance, health and safety, and record-keeping requirements.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided your rights do not override those interests. This may include responding to customer enquiries, managing and improving our services, maintaining business records, and protecting against fraud or misuse. We always consider whether the processing is proportionate and whether your privacy interests are affected.
Consent
In limited cases, we may rely on your consent, for example where optional marketing or certain non-essential uses of data are involved. If consent is used, you may withdraw it at any time.
6. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These parties may act as data processors or, in some circumstances, as independent controllers. We require processors to handle personal data securely and only according to our instructions.
Examples of processors or service providers may include:
- Accountants and bookkeeping service providers.
- Payment processors and financial service providers.
- IT support, cloud storage, and software providers used for admin, scheduling, or record management.
- Subcontractors assisting with specialist work, where necessary for service delivery.
- Professional advisers, insurers, or legal advisers where required.
We may also disclose data where required by law, court order, regulatory authority, or to protect the rights, property, or safety of our business, customers, staff, or others.
Where personal data is transferred to a third party, we take steps to ensure it is protected and handled appropriately.
7. Retention of Personal Data
We keep personal data only for as long as necessary for the purpose for which it was collected, including legal, accounting, insurance, and dispute resolution requirements. Retention periods may vary depending on the type of data and the nature of the service provided.
- Enquiry records: kept for a reasonable period after the enquiry ends, unless longer retention is needed.
- Customer and job records: retained for the period required to manage service history, warranty issues, claims, and legal obligations.
- Financial records: kept in line with tax and accounting requirements.
- Legal or insurance-related records: retained as needed to defend or make claims.
When personal data is no longer required, we will delete it or anonymise it securely.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and limiting data access to those who need it for business purposes.
Although no system can be guaranteed as completely secure, we work to reduce risk and protect the information we hold.
9. Your Rights
Under data protection law, you have rights in relation to your personal data. These rights may include:
- Right of access: you can ask for a copy of the personal data we hold about you.
- Right to rectification: you can ask us to correct inaccurate or incomplete data.
- Right to erasure: you can ask us to delete your data in certain circumstances.
- Right to restrict processing: you can ask us to limit how we use your data in certain situations.
- Right to data portability: you can ask for certain information in a machine-readable format where applicable.
- Right to object: you can object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
To exercise your rights, you should make a clear request and provide enough information for us to identify you and understand your request. We may need to verify your identity before responding. We will respond within the time limits set by data protection law.
10. Automated Decision-Making
We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on individuals.
11. Complaints
If you are unhappy with how we handle your personal data, you may raise a concern with us so that we can review and address it. You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will apply from the date it is published or otherwise made available.
13. Applicability
This Privacy Policy applies to all Tree Surgeons Catford customers in the area and to anyone whose personal data we process in connection with our services. By using our services or contacting us, you acknowledge that your data may be used in accordance with this policy and applicable law.
In summary: we collect only the data we need, use it lawfully, keep it secure, share it carefully with trusted processors, and respect your rights under data protection law.