Privacy Policy - Tree Surgeons Sevenkings
This Privacy Policy explains how Tree Surgeons Sevenkings collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Sevenkings customers in the area, including prospective customers, current customers, and anyone who has contacted us for services, quotations, surveys, or related support. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Sevenkings provides tree surgery and related outdoor services. In the course of delivering these services, we may collect and process personal data about customers, property owners, tenants, site managers, and other individuals connected with a booking or enquiry. For the purposes of data protection law, we act as a data controller when we decide why and how personal data is processed.
2. Information We Collect
We only collect personal data that is relevant and necessary for providing our services, managing our customer relationship, meeting legal obligations, and maintaining our records. The types of information we may collect include:
- Identity details such as name, title, and, where relevant, business name.
- Contact details such as telephone number, email address, and postal address.
- Property and service details such as site address, service instructions, access notes, and work specifications.
- Payment and billing information such as invoice records, payment status, and transaction references.
- Communication records including emails, messages, call notes, complaints, and service updates.
- Technical information where relevant, such as basic website or device information collected through standard security and performance tools.
- Photographs and site records taken before, during, or after works for quoting, project management, evidence, or quality control.
We do not intentionally collect special category data unless it is necessary and lawful to do so. If such information is provided to us unexpectedly, we will handle it with appropriate care and in accordance with legal requirements.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotes;
- to arrange site visits, deliver services, and manage bookings;
- to issue invoices, process payments, and keep financial records;
- to communicate about work progress, schedule changes, and service outcomes;
- to maintain records of the work carried out and customer instructions;
- to handle complaints, disputes, and warranty or follow-up matters;
- to meet tax, accounting, insurance, and legal obligations;
- to improve our services, operations, and customer experience;
- to protect our business, our staff, and our customers from fraud, misuse, or unlawful activity.
We will not use your personal data for unrelated purposes without first ensuring that we have a lawful basis to do so.
4. Lawful Basis for Processing
We rely on one or more of the following lawful bases under the UK GDPR:
a) Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes providing quotes, arranging work, carrying out tree surgery services, and managing invoices or post-service issues.
b) Legal Obligation
We may process personal data to comply with legal duties, such as accounting, tax, health and safety, insurance, and record-keeping requirements.
c) Legitimate Interests
We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. This may include record management, service improvement, preventing fraud, maintaining security, and responding to customer enquiries.
d) Consent
In limited situations, we may rely on your consent, for example where it is required for optional communications or specific uses of certain information. Where consent is used, you may withdraw it at any time.
5. How Long We Keep Data
We retain personal data only for as long as necessary for the purpose for which it was collected, and to satisfy legal, accounting, or reporting obligations. Retention periods may vary depending on the nature of the information and the service provided. In general:
- customer enquiry records are kept for a reasonable period after the enquiry ends;
- quotation and service records are kept for the duration of the customer relationship and for a further period where needed for administration, disputes, or audit purposes;
- invoice, payment, and accounting records are kept in line with legal and tax requirements;
- site photographs and work notes are retained where needed to evidence work completed or to resolve issues;
- data no longer required is securely deleted or anonymised.
When deciding retention periods, we consider the volume, nature, and sensitivity of the data, potential risks, and legal requirements. We do not keep personal data longer than necessary.
6. Sharing Personal Data and Processors
We may share personal data with trusted third parties where necessary to operate our business and provide services. These third parties act either as independent controllers or as processors acting on our instructions. We use processors only where they provide suitable safeguards, confidentiality commitments, and appropriate security measures.
Examples of processors and service providers may include:
- accounting and bookkeeping providers;
- payment processing services;
- cloud storage and data hosting providers;
- email, messaging, and communication systems;
- IT support and security services;
- customer administration and scheduling tools;
- professional advisers such as insurers, legal advisers, or auditors where needed.
We may also disclose data where required by law, court order, regulatory request, or to protect our legal rights. We do not sell personal data.
7. International Transfers
Where a processor or service provider stores or accesses data outside the UK, we will ensure that appropriate safeguards are in place to protect that information. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms. We aim to ensure that any international transfer is carried out securely and in compliance with data protection law.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include secure storage, access controls, password protection, staff confidentiality obligations, and careful selection of service providers. While no system can be guaranteed completely secure, we take data protection seriously and review our safeguards regularly.
9. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
- Right of access – to ask for a copy of the personal data we hold about you.
- Right to rectification – to ask us to correct inaccurate or incomplete data.
- Right to erasure – to ask us to delete your data in certain circumstances.
- Right to restriction – to ask us to limit how we use your data in certain situations.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to data portability – to receive certain data in a portable format where applicable.
- Right to withdraw consent – where processing is based on consent.
These rights are not absolute and may be subject to exemptions or limits under the law. If you exercise a right, we may need to verify your identity before responding. We will aim to respond within the timescales required by law.
10. Children’s Data
Our services are generally intended for adults and business customers. We do not knowingly collect personal data from children unless it is incidental to a service arrangement and collected lawfully. If we become aware that data has been collected improperly from a child, we will take steps to address it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we handle personal data.
12. Complaints
If you have concerns about how we handle your personal data, we encourage you to raise the issue so that we can try to resolve it. You also have the right to complain to the relevant data protection authority if you believe your rights have been infringed.
By using our services or contacting Tree Surgeons Sevenkings, you acknowledge that your personal data may be processed as described in this Privacy Policy.