Privacy Policy - Tree Surgeons Cranford
This Privacy Policy explains how Tree Surgeons Cranford collects, uses, stores, shares, and protects personal data in connection with our arboricultural and tree care services. It applies to all Tree Surgeons Cranford customers in the area, including people who request quotes, make enquiries, receive services, or otherwise interact with us. We are committed to handling personal information in a lawful, fair, and transparent way in accordance with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Cranford provides professional tree surgery and related outdoor services. In the course of delivering our services, we may process personal data relating to customers, property owners, tenants, business contacts, and other individuals connected with a job or enquiry. We act as a data controller for the personal data we determine the purposes and means of processing.
2. Personal Data We Collect
We only collect data that is necessary for our business operations, service delivery, and legal obligations. Depending on your interaction with us, we may collect the following categories of information:
- Identity details such as your name and title.
- Contact details including address, email address, and telephone number.
- Property and site details such as access information, photographs, tree location, and service requirements.
- Payment and billing information where required for invoicing and accounting.
- Communication records including emails, message content, and notes from calls or visits.
- Service history such as quotes, job records, work completed, and customer preferences.
- Technical data if you contact us online, such as IP address or browser information collected through standard website tools, where applicable.
We do not intentionally collect special category data unless it is necessary and lawful to do so. If such information is provided to us accidentally, we will handle it carefully and only where a valid legal basis applies.
3. How We Use Personal Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To assess work requirements and plan tree surgery services.
- To carry out and manage bookings, site visits, and completed works.
- To invoice customers, process payments, and maintain financial records.
- To communicate about service updates, access requirements, or scheduling changes.
- To maintain records of work completed and customer instructions.
- To meet legal, safety, insurance, and tax obligations.
- To resolve complaints, disputes, or claims.
- To improve our services and customer experience.
We will only use your personal data where permitted by law and where it is relevant to the service we provide. We do not sell personal data.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process personal data. Tree Surgeons Cranford relies on one or more of the following bases:
Contract
We process your data where it is necessary to enter into or perform a contract with you. This includes providing quotes, booking services, carrying out tree work, issuing invoices, and managing customer accounts.
Legal Obligation
We may process personal data when required to comply with legal duties, such as tax, accounting, insurance, health and safety, and record-keeping obligations.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided your rights and interests do not override those interests. Examples include handling enquiries, managing customer relationships, maintaining service records, preventing fraud, and improving our operations.
Consent
In limited cases, we may rely on your consent, for example where it is needed for certain marketing communications or optional uses of data. You can withdraw consent at any time, and this will not affect the lawfulness of processing carried out before withdrawal.
5. Sharing Personal Data and Processors
We may share personal data with trusted third parties when necessary for the purposes described in this policy. These third parties may act as processors or independent controllers depending on the service provided.
Examples of processors we may use include:
- IT and cloud storage providers who securely host files, emails, or records.
- Accounting and bookkeeping providers who assist with invoicing and tax compliance.
- Payment service providers used to process transactions.
- Scheduling, CRM, or administration software providers used to manage jobs and customer records.
- Professional advisers such as insurers, legal advisers, or auditors.
We only engage processors that provide sufficient guarantees regarding security, confidentiality, and compliance with data protection law. Where a processor acts on our behalf, they are permitted to process personal data only under our instructions and for agreed purposes.
We may also disclose personal data where required by law, regulation, court order, or to protect our rights, property, staff, customers, or the public.
6. International Transfers
If any processor stores or accesses personal data outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms approved under UK data protection law.
7. Retention of Personal Data
We keep personal data only for as long as necessary for the purpose for which it was collected, and in line with legal and operational requirements. Retention periods may vary depending on the type of data and the nature of the relationship.
- Enquiry data may be kept for a reasonable period if no service is booked, so we can follow up or manage future requests.
- Customer and job records are generally retained for the duration of the customer relationship and for a period afterwards to handle disputes, warranty issues, or repeat work.
- Financial and tax records are retained for the period required by law.
- Safety and insurance records may be retained longer where needed to evidence compliance or defend claims.
When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices.
8. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, disclosure, alteration, or destruction. These measures may include secure storage, access controls, staff confidentiality obligations, and careful management of digital and paper records. No system is completely secure, but we work to reduce risks and maintain reasonable safeguards.
9. Your Rights
Under data protection law, you have rights in relation to your personal data. Depending on the circumstances, these may include:
- Right of access – to request a copy of the personal data we hold about you.
- Right to rectification – to ask us to correct inaccurate or incomplete information.
- Right to erasure – to request deletion of your data in certain cases.
- Right to restriction – to ask us to limit processing in certain situations.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to data portability – to receive certain data in a portable format where applicable.
- Right to withdraw consent – where processing is based on consent.
You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so that we can try to resolve them promptly.
10. Marketing
If we send marketing communications, we will do so only where we are permitted to under applicable law. You can opt out of marketing at any time. We will respect your choice and stop sending marketing messages where required.
11. Children’s Data
Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful service request or where a parent or guardian has provided information appropriately. If we become aware that we have collected data from a child without proper authority, we will take steps to remove it where appropriate.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we handle personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is used.
13. Summary of Our Commitment
Tree Surgeons Cranford is committed to processing personal data responsibly, securely, and transparently. We collect only the information needed to provide tree surgery services, meet our legal obligations, and manage our business effectively. We use lawful bases such as contract, legal obligation, legitimate interests, and consent where appropriate. We retain data only for as long as necessary, use reliable processors under proper safeguards, and respect your rights under data protection law.
This policy applies to all Tree Surgeons Cranford customers in the area.