Privacy Policy - Tree Surgeons Shortlands
This Privacy Policy explains how Tree Surgeons Shortlands collects, uses, stores, shares, and protects personal data when providing tree surgery and related services. It applies to all Tree Surgeons Shortlands customers in the area, including residential, commercial, and property management clients who request quotes, book services, or otherwise interact with us.
We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we collect, why we collect it, and what rights you have.
1. Information We Collect
We collect only the personal data that is necessary for the delivery of our services and the management of our business. The types of information we may collect include:
- Identity details such as your name and, where relevant, the name of your organisation or property management company.
- Contact details including address, email address, and telephone number.
- Service information such as property access instructions, tree location details, job requirements, and service preferences.
- Billing and payment information where required for invoicing, payment processing, and accounting.
- Communications including emails, phone notes, messages, and any other correspondence relating to quotations, bookings, complaints, or aftercare.
- Technical data when you visit our digital services, which may include IP address, browser type, device information, and basic usage data.
- Legal and safety records such as risk assessments, site notes, work permits, and incident reports where necessary.
We do not intentionally collect special category data unless it is required for a specific lawful purpose, such as health and safety considerations or to support a legal claim. If such data is needed, we will process it with appropriate safeguards.
2. How We Use Personal Data
We use personal data for the following purposes:
- To provide tree surgery, maintenance, and related services.
- To prepare quotations, confirm bookings, and manage service delivery.
- To communicate with customers about appointments, site visits, and job updates.
- To issue invoices, receive payments, and maintain accounting records.
- To comply with health and safety obligations.
- To manage complaints, feedback, and service disputes.
- To maintain business records and demonstrate compliance with legal and contractual obligations.
- To improve our services and customer experience.
We only use personal data for the purposes for which it was collected, unless we reasonably determine that we need to use it for a compatible reason or as otherwise permitted by law.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for processing your personal data. Depending on the circumstances, Tree Surgeons Shortlands may rely on one or more of the following legal bases:
Contract
We process your data where it is necessary to enter into or perform a contract with you. This includes providing quotations, arranging services, completing work, and managing billing.
Legal Obligation
We process certain data where necessary to comply with legal obligations, such as tax record keeping, accounting requirements, health and safety duties, and responding to lawful requests from authorities.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This may include maintaining business records, improving operations, preventing fraud, and handling customer communications.
Consent
In limited situations, we may rely on your consent, for example where it is the most appropriate basis for certain optional communications or non-essential processing. Where we rely on consent, you may withdraw it at any time.
4. Data Sharing and Processors
We may share personal data with trusted third parties who help us run our business. These parties act as processors or independent controllers depending on the nature of the service. We only share the minimum information required for the relevant purpose.
Examples of processors and recipients may include:
- IT and cloud service providers that store or support our records and communications.
- Accounting and bookkeeping providers who assist with invoicing, tax, and financial administration.
- Payment service providers that handle card or bank-related transactions.
- Administrative support providers who assist with scheduling or record management.
- Professional advisers such as lawyers, insurers, or auditors where necessary.
- Regulators, law enforcement, and public authorities where disclosure is required by law.
We require processors to handle your data securely, use it only for specified purposes, and comply with data protection law. Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place.
5. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including to satisfy legal, accounting, insurance, or reporting requirements. Retention periods vary depending on the type of data and the reason we hold it.
- Customer and service records are retained for as long as needed to manage the relationship and resolve any follow-up issues.
- Financial and tax records are kept for the period required by law and accounting standards.
- Safety and incident records may be retained longer where needed for legal defence, insurance, or compliance purposes.
- Marketing-related data, if any, is kept until you withdraw consent or object where applicable.
When personal data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe and lawful manner. We review retention regularly to avoid keeping data for longer than necessary.
6. Data Security
We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, alteration, misuse, or disclosure. These measures may include access controls, secure storage, staff awareness, and limited sharing of data on a need-to-know basis.
Although we work to protect your information, no system can be guaranteed completely secure. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will take appropriate action in line with legal requirements.
7. Your Rights
You have several rights under data protection law in relation to the personal data we hold about you. These include:
- Right of access - you may request a copy of your personal data.
- Right to rectification - you may ask us to correct inaccurate or incomplete data.
- Right to erasure - in certain situations, you may ask us to delete your data.
- Right to restriction - you may ask us to limit how we use your data.
- Right to object - you may object to processing based on legitimate interests or direct marketing.
- Right to data portability - where applicable, you may request data in a structured, commonly used format.
- Right to withdraw consent - where processing is based on consent, you may withdraw it at any time.
You also have the right to raise concerns with the UK Information Commissioner’s Office if you believe your data has been handled unlawfully. We encourage you to contact us first so that we can try to resolve any concerns promptly and fairly.
8. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is incidental to service delivery, such as property ownership or access arrangements provided by an adult customer. If we become aware that we have collected data inappropriately, we will take steps to delete it where required.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any updated version will apply from the date it is published. We encourage customers to review this policy periodically so they remain informed about how their personal data is used.
10. Summary of Key Points
In short, Tree Surgeons Shortlands collects only the data needed to provide services, manage customer relationships, meet legal duties, and run the business safely and effectively. We use a clear lawful basis for each processing activity, keep data only for as long as necessary, and work with trusted processors under suitable safeguards. You retain important rights over your personal data, and we aim to handle every request with transparency and respect.
This Privacy Policy applies to all Tree Surgeons Shortlands customers in the area.