Privacy Policy - Tree Surgeons Nottinghill
Tree Surgeons Nottinghill is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Tree Surgeons Nottinghill customers in the area, including anyone who requests a quotation, books a service, makes an enquiry, or otherwise engages our services.
1. Who We Are
For the purposes of data protection law, Tree Surgeons Nottinghill acts as the data controller for personal information collected in connection with our tree surgery and related services. This means we decide why and how your personal data is processed. We are responsible for ensuring that your information is handled lawfully, fairly, and transparently.
2. Information We Collect
We may collect and process different types of personal data depending on how you interact with us. The data we collect is limited to what is necessary for the purposes described in this policy.
Information you provide directly
- Identity details, such as your name
- Contact details, such as phone number, email address, and service address
- Property details relevant to the requested work
- Service preferences and instructions
- Billing information and payment-related records
- Communication records, including emails, call notes, and messages
- Photos or site information you choose to provide to help us assess work
Information collected automatically
When you contact us online or through digital communication channels, we may collect limited technical data such as device type, browser information, time and date of communication, and basic usage information. This helps us improve service quality, maintain security, and manage our operations. We do not use this information to identify you unless necessary for service delivery or legal compliance.
Information from third parties
In some situations, we may receive data from third parties such as referees, property managers, insurers, or subcontracted service partners where it is necessary to perform our services or meet legal obligations. We only process such data where appropriate and lawful.
3. How We Use Your Data
We use personal data only for specific, legitimate purposes related to our services. These include:
- Providing quotations and assessing service requirements
- Scheduling, carrying out, and managing tree surgery work
- Communicating with customers about appointments, updates, and service matters
- Processing payments and maintaining financial records
- Managing complaints, queries, and aftercare
- Meeting insurance, legal, tax, and accounting obligations
- Maintaining safety records and risk management documentation
- Improving service quality and customer experience
We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so.
4. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis to process your personal data. Tree Surgeons Nottinghill relies on the following lawful bases depending on the circumstance:
Contract
We process your data when it is necessary to enter into or perform a contract with you. This includes preparing quotes, confirming bookings, delivering services, and handling related administrative tasks.
Legal obligation
We process certain personal data to comply with legal and regulatory requirements, such as tax records, accounting rules, health and safety obligations, and insurance-related documentation.
Legitimate interests
We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. Examples include maintaining service records, responding to enquiries, preventing fraud, and improving operational efficiency.
Consent
In limited cases, we may rely on your consent, for example if we request permission to use certain optional data or images for marketing or non-essential purposes. Where consent is used, you can withdraw it at any time.
Vital interests and public task
These bases are unlikely to apply in most cases, but may be relevant in exceptional circumstances where processing is required to protect someone’s safety or where the law requires it.
5. Sharing Your Information
We may share personal data with trusted third parties only when necessary and appropriate. These may include:
- Processors who provide IT, communications, scheduling, accounting, or data storage services
- Professional advisers such as accountants, insurers, or legal advisers
- Subcontractors or specialist contractors assisting with service delivery
- Authorities, regulators, or law enforcement where required by law
We do not sell your personal data. Any third party that processes personal data on our behalf must do so under a written agreement and only according to our instructions. They are required to keep your data secure and confidential.
6. Processors We Use
A processor is an organisation that handles personal data on our behalf. We may use processors for:
- IT hosting and cloud storage
- Email and communication services
- Booking and scheduling systems
- Accounting and invoicing tools
- Document management and backup systems
We ensure that processors provide sufficient guarantees regarding security, confidentiality, and GDPR compliance. Where personal data is transferred outside the UK, we will take appropriate safeguards to protect it.
7. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and record-keeping requirements. Retention periods depend on the type of data and the reason for processing.
Typical retention periods
- Customer and service records: kept for the duration of the relationship and for a reasonable period afterwards
- Invoices and accounting records: kept in line with statutory and tax requirements
- Complaints and correspondence: retained as long as needed to resolve the issue and maintain records
- Safety and legal records: retained where required by law or for risk management
When data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.
8. Data Security
We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or disclosure. These measures may include access controls, secure storage, confidentiality obligations, and regular review of data handling practices. No system is completely secure, but we work hard to reduce risks and protect the information entrusted to us.
9. Your Rights
Under data protection law, you have rights regarding your personal data. These rights may apply subject to legal limits and exemptions.
- Right of access: You can request a copy of the personal data we hold about you.
- Right to rectification: You can ask us to correct inaccurate or incomplete data.
- Right to erasure: You can request deletion of your data in certain circumstances.
- Right to restrict processing: You can ask us to limit how we use your data in some cases.
- Right to object: You can object to processing based on legitimate interests or direct marketing.
- Right to data portability: You may request your data in a structured, commonly used format where applicable.
- Right to withdraw consent: If we rely on consent, you can withdraw it at any time.
If you wish to exercise any of these rights, your request will be reviewed in accordance with applicable data protection rules. We may need to verify your identity before responding.
10. Cookies and Similar Technologies
If we use cookies or similar technologies for basic functionality, security, or performance purposes, these will only be used in line with applicable law. Where required, we will provide appropriate notice and obtain consent for non-essential cookies. You may adjust your browser settings to manage cookies, although doing so may affect some functionality.
11. Children’s Data
Our services are intended for adults and property-related enquiries. We do not knowingly collect personal data from children without appropriate lawful basis and consent where required. If we become aware that we have collected such information unintentionally, we will take steps to remove it where appropriate.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review it periodically so you remain informed about how your data is handled.
13. Summary of Our Commitment
Tree Surgeons Nottinghill will process personal data lawfully, fairly, and transparently. We only collect what we need, keep it securely, share it responsibly, and retain it only for as long as required. We respect your rights and will respond appropriately to requests concerning your personal information. Your privacy matters to us, and we are committed to handling your data with care and accountability.