Privacy Policy - Tree Surgeons Walthamstow
This Privacy Policy explains how Tree Surgeons Walthamstow collects, uses, stores, shares, and protects personal data in connection with the services we provide. It applies to all Tree Surgeons Walthamstow customers in the area, including prospective customers, current customers, and people who enquire about our services.
We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy and only process data where we have a valid legal basis to do so.
1. Who We Are
Tree Surgeons Walthamstow provides tree surgery and related arboricultural services to residential and commercial customers. In this policy, “we”, “us”, and “our” refer to Tree Surgeons Walthamstow. “You” refers to any individual whose personal data we process.
For the purposes of data protection law, we act as the data controller for personal data collected and used in relation to our services, quotations, appointments, and customer communications.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
- Identity details such as your name and title.
- Contact details such as address, email address, and telephone number.
- Property and service details relating to the location of the work, site access, tree conditions, and service requirements.
- Communication records including enquiries, quotations, service updates, complaints, and feedback.
- Payment and billing information where necessary for invoicing and payment processing.
- Technical data such as website usage information if you submit a form or interact with digital services we use.
- Photographs and site notes where required to assess tree work, document completed services, or support health and safety records.
We do not intentionally collect special category data unless it is provided by you and is necessary for a specific lawful purpose. If such information is shared with us, we will only process it where permitted by law and with appropriate safeguards.
3. How We Collect Your Data
We collect personal data directly from you when you:
- request a quotation or consultation;
- book a service;
- contact us by phone, email, or other communication channels;
- provide site access or service instructions;
- make a payment or request an invoice;
- leave feedback or make a complaint.
We may also collect limited information from third parties where necessary, such as property owners, managing agents, contractors, or other persons acting on your behalf. In some cases, we may use publicly available sources to verify property details or service locations.
4. Lawful Basis for Processing
We only process personal data when we have a lawful basis under UK GDPR. Depending on the circumstances, we rely on the following bases:
Performance of a contract
We process data to provide quotations, arrange appointments, carry out tree surgery services, issue invoices, and fulfil our obligations to you.
Legal obligation
We may process and retain certain records to comply with legal, tax, accounting, insurance, and health and safety requirements.
Legitimate interests
We may process data for legitimate business interests, such as responding to enquiries, managing customer relationships, maintaining service quality, preventing fraud, and keeping operational records, provided these interests do not override your rights and freedoms.
Consent
Where required, we will rely on your consent, for example in relation to optional communications or certain uses of images. You may withdraw consent at any time where processing is based on consent.
Important: We do not rely on consent where another lawful basis is more appropriate and more reliable for service delivery.
5. How We Use Personal Data
We may use your data to:
- provide quotes and assess job requirements;
- deliver tree surgery and related services;
- manage bookings, cancellations, and follow-up work;
- send invoices, receive payments, and manage accounts;
- maintain service records and health and safety documentation;
- respond to questions, complaints, and customer support requests;
- improve our services and internal operations;
- meet legal, regulatory, and insurance obligations.
We will only use your information for the purposes for which it was collected unless we reasonably determine that it is necessary for a compatible purpose and permitted by law.
6. Data Sharing and Processors
We may share personal data with trusted third parties who act as processors or independent controllers, only where this is necessary and appropriate. These may include:
- Payment providers for secure payment processing.
- Accounting and bookkeeping providers for financial administration.
- IT, cloud storage, and software providers that support our records, communications, and operational systems.
- Waste disposal or site clearance providers where coordination is required for service completion.
- Professional advisers such as insurers, legal advisers, or auditors when necessary.
- Public authorities where disclosure is required by law or necessary to protect rights, safety, or property.
Where we use processors, we ensure they are contractually required to protect personal data, act only on our instructions, and maintain appropriate technical and organisational security measures. We do not sell personal data.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, tax, insurance, and record-keeping requirements.
Retention periods may vary depending on the type of information and the nature of the work. For example:
- Customer and service records may be kept for as long as needed to manage the service relationship and for a reasonable period afterwards.
- Financial records are typically retained for the period required by tax and accounting law.
- Health and safety records may be retained for longer where necessary to demonstrate compliance or manage claims.
- Enquiry records from people who do not proceed with our services may be kept for a limited time for business administration and follow-up, unless you ask us to delete them sooner and we are not required to keep them.
When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or alteration. These measures may include access controls, secure storage, staff confidentiality obligations, and careful management of records. While no system can be guaranteed completely secure, we take data protection seriously and review our practices regularly.
9. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
- Right of access - you can request a copy of the personal data we hold about you.
- Right to rectification - you can ask us to correct inaccurate or incomplete information.
- Right to erasure - you can ask us to delete your data in certain circumstances.
- Right to restrict processing - you can ask us to limit how we use your data in certain cases.
- Right to data portability - you can ask for certain data to be provided to you or another controller in a structured format.
- Right to object - you can object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent - where processing is based on consent, you can withdraw it at any time.
These rights are not absolute, and they may be subject to legal exceptions or limitations. If you wish to exercise any of your rights, we will respond in line with applicable law and within the required timeframes.
10. International Transfers
Where any service provider stores or processes data outside the UK, we will take appropriate steps to ensure that personal data remains protected to a standard consistent with UK GDPR. This may include using approved safeguards and contractual protections where required.
11. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in relation to a service request made by a parent, guardian, or authorised adult. If we become aware that we have collected child-related data without proper authority, we will take appropriate steps to address it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is published. We encourage you to review this policy periodically so that you remain informed about how we handle personal data.
13. Complaints and Concerns
If you have concerns about how your personal data is handled, you may raise them with us so that we can review and address the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.
14. Summary of Our Commitment
Tree Surgeons Walthamstow is committed to processing personal data responsibly, securely, and lawfully. We collect only the information needed to provide our services, rely on valid lawful bases, retain data for appropriate periods, and use trusted processors under contract. We also respect your rights and will act on valid requests in accordance with data protection law.
This Privacy Policy applies to all Tree Surgeons Walthamstow customers in the area.