Privacy Policy – Tree Surgeons Charlton
This Privacy Policy explains how Tree Surgeons Charlton collects, uses, stores, shares, and protects personal data when providing tree surgery and related services. It applies to all Tree Surgeons Charlton customers in the area, including anyone who requests a quotation, makes an enquiry, books a service, or otherwise interacts with our business. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Charlton provides arboricultural services such as tree removal, pruning, crown reduction, stump grinding, hedge maintenance, and related property care. In the course of delivering these services, we may process personal data about customers, property owners, tenants, contractors, and other relevant individuals. This policy sets out the principles that guide our handling of that information.
2. Data We Collect
We only collect personal data that is necessary for the purposes described in this policy. The categories of data we may collect include:
- Identity details such as name and title.
- Contact details such as email address, telephone number, and postal address.
- Property details relevant to the work requested, including site location, access notes, photographs, and information about trees or hedges requiring attention.
- Service records such as quotations, work orders, invoices, attendance logs, and correspondence.
- Payment information needed to process transactions, although we do not store more payment data than is necessary.
- Technical information such as limited website or email interaction data if you contact us digitally.
- Health and safety information where necessary, for example access issues, hazard warnings, or site-specific risk details.
We do not intentionally collect special category data unless it is required for a specific lawful purpose, such as health and safety or legal compliance. If such data is provided incidentally, we will handle it with extra care and only where permitted by law.
3. How We Use Personal Data
We use personal data only for legitimate business and legal purposes related to our tree surgery services. These purposes may include:
- Responding to enquiries and preparing quotations.
- Assessing site conditions and planning work safely and efficiently.
- Delivering requested services and managing appointments.
- Issuing invoices, processing payments, and maintaining financial records.
- Communicating about job progress, changes, or follow-up requirements.
- Meeting legal, regulatory, insurance, and tax obligations.
- Handling complaints, disputes, and warranty or service queries.
- Maintaining business records and improving service quality.
We will not use personal data for purposes that are incompatible with the reasons it was collected, unless we have a lawful basis to do so and, where required, your consent.
4. Lawful Basis for Processing
Under data protection law, we must identify a lawful basis before processing personal data. Tree Surgeons Charlton relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotations, arranging services, completing tree work, and managing billing.
Legal Obligation
We process data when required to comply with legal duties, such as tax law, accounting requirements, health and safety obligations, and record-keeping responsibilities.
Legitimate Interests
We may process personal data where it is necessary for our legitimate interests and those interests are not overridden by your rights and freedoms. Examples include managing our business operations, keeping accurate records, preventing fraud, responding to enquiries, and maintaining secure and efficient services.
Consent
In limited circumstances, we may rely on consent, particularly for optional communications or any processing that requires it by law. Where consent is used, you may withdraw it at any time without affecting the lawfulness of prior processing.
5. Data Sharing and Processors
We may share personal data with trusted third parties who act as processors or independent controllers, but only where necessary and appropriate. Any sharing is limited to what is required for the relevant purpose and is carried out with suitable safeguards.
Examples of processors or service providers may include:
- Accounting and bookkeeping providers that help manage invoices, payments, and tax records.
- IT and cloud service providers that support secure storage, email, and business administration.
- Administrative support providers who assist with scheduling, records, or customer communications.
- Insurance providers where disclosure is necessary for claims, risk management, or compliance.
- Professional advisers such as lawyers, auditors, or consultants when required.
We require processors to handle personal data securely, use it only for authorised purposes, and comply with data protection obligations. We do not sell personal data. We may also disclose information if required by law, regulation, court order, or a lawful request from a public authority.
6. Data Retention
We keep personal data only for as long as it is needed for the purpose for which it was collected, or as required by law. Retention periods depend on the type of information and our legal obligations. In general:
- Quotation and enquiry records are kept for a reasonable period to manage follow-up and business administration.
- Customer service and job records are kept for the duration of the service relationship and an appropriate period afterward.
- Financial and tax records are retained for the periods required by law.
- Health and safety records are kept as long as necessary to demonstrate compliance and manage risk.
When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify an individual.
7. Data Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, encryption where appropriate, staff confidentiality obligations, and regular review of our processes.
While we work hard to safeguard information, no system is completely secure. If a data breach occurs that affects your personal data, we will assess the risk and take the steps required by law, which may include notifying you and the relevant supervisory authority.
8. Your Rights
As a data subject, you have important rights under data protection law. Subject to certain conditions and exemptions, you may have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete information.
- Erase your personal data in specific circumstances.
- Restrict how we use your data in certain situations.
- Object to processing based on legitimate interests or direct marketing.
- Data portability for information you provided to us, where applicable.
- Withdraw consent at any time where processing is based on consent.
You also have the right to raise concerns with the UK Information Commissioner’s Office if you believe your rights have been infringed. We would, however, appreciate the opportunity to address any concerns first so we can resolve them promptly and fairly.
9. Third-Party Links and External Services
If you interact with external services or platforms connected to our business operations, those providers may collect and use data according to their own privacy notices. We are not responsible for the privacy practices of third parties, and we encourage you to review their policies before providing personal information.
10. Children’s Data
Our services are directed to adults and property-related customers. We do not knowingly collect personal data from children except where it is incidentally provided in the course of service delivery and only where lawful and necessary. If we become aware that we have collected data from a child unlawfully, we will take appropriate steps to delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal duties, or data handling practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers in the area to review this policy periodically so they remain informed about how their data is handled.
12. Summary of Key Points
- Tree Surgeons Charlton collects only the information needed to provide tree surgery services safely and effectively.
- We process data under lawful bases including contract, legal obligation, legitimate interests, and consent where appropriate.
- Data may be shared with trusted processors such as accountants, IT providers, and advisers under strict safeguards.
- Personal data is retained only as long as necessary and then securely deleted or anonymised.
- You have rights over your personal data, including access, correction, deletion, objection, and withdrawal of consent.
By using our services or submitting personal data to us, you acknowledge that you have read and understood this policy. We will always aim to handle your information with care, transparency, and respect for your privacy.