Privacy Policy - Tree Surgeons Crouchend
This Privacy Policy explains how Tree Surgeons Crouchend collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Crouchend customers in the area, including prospective customers, property owners, tenants, and any person who makes an enquiry, requests a quote, books a service, or receives tree surgery, arboricultural, or related property maintenance services from us.
We are committed to handling personal data in a lawful, fair, and transparent way in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help individuals understand what information we collect, why we collect it, how long we keep it, and what rights they have.
1. Data We Collect
We only collect personal data that is necessary for running our business, providing services, and meeting legal obligations. The type of data we may collect includes:
- Identity details such as your name, title, and organisation name where relevant.
- Contact details such as telephone number, email address, and service address.
- Property and service information including details about trees, access requirements, site conditions, and work requested.
- Communication records including messages, enquiries, call notes, and correspondence relating to quotations, appointments, complaints, or follow-up care.
- Billing and payment information such as invoice details, payment status, and transaction references. We do not intentionally store unnecessary payment card information.
- Technical data where applicable, such as IP address or device information when enquiries are submitted through digital systems.
- Operational records including photographs of trees, site conditions, and completed work for quoting, safety, training, quality control, and evidence purposes.
We do not intentionally collect special category data unless it is provided to us for a specific reason and is necessary for a lawful purpose. If such information is received, we will only process it where permitted by law and with appropriate safeguards.
2. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to assess work requirements and plan safe delivery of services;
- to schedule appointments and carry out tree surgery or related services;
- to manage customer accounts, invoices, and payment processing;
- to maintain records of completed work and service history;
- to handle complaints, disputes, and service follow-up;
- to comply with legal, regulatory, insurance, and health and safety obligations;
- to improve our services, business operations, and customer experience;
- to protect our legitimate interests, including preventing fraud and ensuring security.
We will only use personal data for the purposes for which it was collected, unless we reasonably believe another compatible purpose applies or we are required by law to do otherwise.
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis to process personal data. Depending on the activity, Tree Surgeons Crouchend may rely on one or more of the following lawful bases:
Contract
We process data where it is necessary to enter into or perform a contract with you. This includes preparing quotations, arranging services, performing agreed work, issuing invoices, and managing payments.
Legal obligation
We process data when required to comply with legal obligations, including tax, accounting, insurance, health and safety, and record-keeping requirements.
Legitimate interests
We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This can include responding to customer enquiries, improving services, maintaining security, preventing misuse, and keeping essential business records.
Consent
In limited cases, we may rely on consent, for example where it is appropriate for optional communications or specific uses not covered by other lawful bases. Where consent is used, you may withdraw it at any time.
4. Sharing and Processors
We may share personal data with trusted third parties who help us operate our business. These organisations act as processors or independent controllers depending on the service they provide.
Examples of processors may include:
- Accounting and bookkeeping providers that manage invoices, tax records, and financial administration.
- IT and cloud service providers that store data securely and support business systems.
- Communication providers that support email, telephone, and message handling.
- Scheduling or job management systems used to organise bookings and service records.
- Professional advisers such as legal, insurance, or compliance advisers where necessary.
We only share data when it is necessary, and we require processors to handle information securely and only in accordance with our instructions and applicable data protection law.
We may also disclose personal data where required by law, by a court order, to protect our rights, or to prevent harm, fraud, or illegal activity.
5. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, and insurance requirements. Retention periods may vary depending on the type of information and the context in which it was provided.
In general:
- enquiry records may be kept for a reasonable period to manage follow-up and customer service;
- quotation and service records may be kept to support business administration and future reference;
- invoice, tax, and accounting records are kept for the period required by law;
- health and safety-related documents and work records may be kept for longer where required for compliance, insurance, or dispute handling.
When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify an individual.
6. Security of Personal Data
We take reasonable technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, or alteration. These measures may include restricted access, secure storage, staff awareness, and use of trusted systems.
While we work to protect personal data, no method of transmission or storage is completely secure. For that reason, we cannot guarantee absolute security, but we will act promptly and appropriately if an incident occurs.
7. Your Rights
Individuals have a number of rights under data protection law. Depending on the circumstances, you may have the right to:
- access the personal data we hold about you;
- rectify inaccurate or incomplete data;
- erase your data in certain situations;
- restrict processing in certain situations;
- object to processing based on legitimate interests or direct marketing;
- data portability for information you provided to us where applicable;
- withdraw consent where we rely on consent;
- lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed.
We may need to verify your identity before responding to a rights request. Some rights may not apply in every situation, particularly where we are required to retain data for legal, administrative, or security reasons.
8. Children’s Data
Our services are directed at property owners, tenants, and adults responsible for premises. We do not knowingly collect personal data from children unless it is incidentally included in a service-related communication and is necessary for legitimate business purposes. If we become aware that data has been collected inappropriately, we will take appropriate steps to address it.
9. International Transfers
Where data processors or service providers store or access data outside the UK, we will take appropriate steps to ensure that personal data remains protected to a standard recognised by UK data protection law. This may include the use of approved safeguards and contractual protections.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the services we provide. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed.
11. Summary of Our Commitments
Tree Surgeons Crouchend is committed to processing personal data responsibly, securely, and only when necessary. We collect only the information needed to provide our services, manage our business, and meet our obligations. We use clear lawful bases, retain data for appropriate periods, and work with processors who are expected to protect personal data to a high standard.
By using our services, making an enquiry, or engaging with us in any way, customers in the area acknowledge that personal data may be processed in accordance with this Privacy Policy and the requirements of applicable data protection law.
This Privacy Policy is intended to support transparency and compliance while helping customers understand how their data is used and protected.