Privacy Policy - Tree Surgeons Southfields
This Privacy Policy explains how Tree Surgeons Southfields collects, uses, stores, shares, and protects personal data when providing tree surgery, arboricultural, and related services. It applies to all Tree Surgeons Southfields customers in the area, including prospective customers, current customers, former customers, and anyone who enquires about our services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who this policy applies to
This policy applies to all Tree Surgeons Southfields customers in area, as well as individuals who contact us for quotations, site surveys, emergency callouts, tree maintenance, stump removal, hedge cutting, or other arboricultural services. It also applies to property owners, tenants, managing agents, contractors, and any third parties whose personal data we may process while delivering our services.
2. Personal data we collect
We only collect personal data that is necessary to provide our services, manage our business, and comply with legal obligations. The types of data we may collect include:
- Identity data such as your name and title.
- Contact data such as postal address, email address, and telephone number.
- Property and service data such as property access details, site notes, work specifications, photographs, and records of the trees or vegetation we have been asked to inspect or treat.
- Payment data such as payment status, billing details, and transaction references. We do not store full card details if payments are processed through secure third-party providers.
- Communication data such as enquiries, complaint details, and correspondence history.
- Technical data such as limited information collected through our systems, for example IP address or device information where required for security or fraud prevention.
In some cases, we may also process special category data if it is voluntarily provided by you or is necessary for safeguarding, accessibility, or legal reasons. We only do this where a valid legal condition applies and where additional protections are in place.
3. How we collect your data
We may collect personal data directly from you when you:
- request a quote or consultation;
- book a service;
- communicate with us by phone, email, or other means;
- provide information during a site visit;
- make a payment or request an invoice;
- submit feedback, a complaint, or a general enquiry.
We may also receive personal data from third parties where necessary, such as landlords, letting agents, management companies, insurers, or local authorities, when they arrange services or authorise work on your behalf.
4. Lawful basis for processing
We process personal data only when we have a lawful basis under UK GDPR. Depending on the purpose, our lawful bases may include:
4.1 Contract
We process your data where it is necessary to enter into or perform a contract with you, including providing quotes, arranging visits, completing tree surgery work, issuing invoices, and managing aftercare.
4.2 Legal obligation
We may process data to comply with legal obligations, including accounting requirements, tax laws, health and safety duties, insurance requirements, and record-keeping obligations.
4.3 Legitimate interests
We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights. This may include managing customer relationships, improving services, handling enquiries, preventing fraud, and maintaining business records. We always consider whether the processing is proportionate and respectful of your privacy.
4.4 Consent
In limited situations, we may rely on your consent, for example for optional marketing communications or for processing certain information where no other lawful basis applies. Where consent is used, you can withdraw it at any time.
4.5 Vital interests and public task
These bases are unlikely to apply in most cases, but may be used in exceptional circumstances where necessary to protect someone’s life or where required by law.
5. How we use personal data
We use personal data to:
- respond to enquiries and provide quotations;
- schedule and deliver tree surgery and related services;
- carry out risk assessments and site planning;
- communicate about appointments, delays, or follow-up work;
- issue invoices, process payments, and manage accounts;
- keep accurate business and compliance records;
- deal with disputes, complaints, and claims;
- improve our services and customer experience;
- maintain the security and integrity of our systems and operations.
We do not use your data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so.
6. Data sharing and processors
We may share personal data with carefully selected third parties who act as processors or independent controllers, only where necessary and appropriate. These may include:
- IT and cloud service providers that host or support our systems;
- accounting, bookkeeping, and invoicing platforms;
- payment processors;
- health and safety advisers or insurers;
- professional advisers such as legal or tax advisers;
- subcontractors assisting with service delivery, where required;
- public authorities, regulators, or law enforcement where legally required.
Where a processor acts on our behalf, we ensure there is a written agreement in place requiring them to protect your data, use it only for our instructions, and implement appropriate security measures. We do not sell personal data.
7. International transfers
If any processor stores or accesses data outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other approved transfer mechanisms. We take care to ensure your personal data remains protected to a standard consistent with UK GDPR.
8. Data retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Retention periods may vary depending on the type of record and the reason for processing.
- Customer and service records are generally retained for the period needed to manage the relationship and for a reasonable time afterwards in case of disputes or follow-up work.
- Financial and tax records are retained for the period required by law.
- Health and safety records may be retained for longer where required for legal defence or compliance.
- Marketing preferences are retained until you withdraw consent or object to processing.
When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
9. Data security
We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff training, and restricted sharing of information on a need-to-know basis. Although no system can be completely secure, we work to reduce risks and protect your privacy as far as reasonably possible.
10. Your rights
Under UK GDPR, you have several rights in relation to your personal data. Subject to legal limits, you may have the right to:
- Access your personal data and receive a copy of it;
- Rectify inaccurate or incomplete information;
- Erase your data in certain circumstances;
- Restrict how we use your data in certain situations;
- Object to processing based on legitimate interests or direct marketing;
- Data portability for information you provided to us, where applicable;
- Withdraw consent at any time where processing is based on consent.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how your data has been handled. We encourage you to raise concerns with us first so we can try to resolve the issue promptly and fairly.
11. Children’s data
Our services are directed at adult customers and property-related contacts. We do not knowingly collect personal data from children unless it is incidental to a service and lawful to do so. If we become aware that we have collected data from a child without an appropriate basis, we will take steps to delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review the policy periodically so you remain informed about how your data is used.
13. Further information
If you have questions about this policy or how we handle personal data, you may request further information about our data protection practices. We will aim to respond clearly, promptly, and in a way that respects your privacy rights.
Summary statement: Tree Surgeons Southfields processes personal data lawfully, securely, and only as needed to provide services, comply with obligations, manage records, and respect the rights of all customers in area.