Privacy Policy - Tree Surgeons Barnet
This Privacy Policy explains how Tree Surgeons Barnet collects, uses, stores, shares, and protects personal data when providing tree surgery and related services. It applies to all Tree Surgeons Barnet customers in the area, including individuals, landlords, tenants, commercial clients, and other service users who request information, obtain a quotation, or receive work from us.
We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018. We only collect data that is necessary for legitimate business purposes and take appropriate steps to keep it secure.
1. Data We Collect
We may collect and process the following types of personal data:
- Identity information such as your name and, where relevant, business or property ownership details.
- Contact information such as address details, email address, telephone number, and any preferred contact method.
- Service information relating to the tree work, maintenance, inspections, quotations, scheduling, and site access arrangements you request.
- Payment and billing information where payment is made for services, including transaction records and invoicing data.
- Property and site information needed to assess the work, including access notes, photographs, tree location details, and service history.
- Communication records such as emails, messages, call notes, complaint details, and customer feedback.
- Technical information collected when you interact with our digital systems, which may include device information, browser type, and basic usage data.
We do not intentionally collect special category data unless it is strictly necessary and you have provided it voluntarily, or we are required to do so for a lawful reason. If such information is provided, it will be handled with additional care and only used for the purpose for which it was shared.
2. How We Use Your Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To assess work requirements and deliver tree surgery services safely and effectively.
- To manage bookings, site visits, and service delivery.
- To issue invoices, process payments, and maintain financial records.
- To communicate with you about appointments, project updates, or necessary changes.
- To handle complaints, disputes, or insurance-related matters.
- To meet legal, regulatory, tax, and health and safety obligations.
- To maintain business records, improve our services, and support quality control.
We only use personal data in ways that are compatible with the purpose for which it was collected, unless we have a lawful basis to use it for another legitimate reason.
3. Lawful Basis for Processing
Under the UK GDPR, we rely on one or more of the following lawful bases when processing your personal data:
Contract
We process data when it is necessary to enter into or perform a contract with you, such as preparing a quotation, scheduling work, completing tree services, or issuing invoices.
Legal Obligation
We may process and retain certain information to comply with legal and regulatory requirements, including accounting, tax, insurance, and health and safety obligations.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided your interests and rights do not override those interests. This may include record keeping, managing customer relationships, preventing fraud, improving service quality, and protecting our business operations.
Consent
Where required, we will ask for your consent before processing your data. For example, if we need to use information for a purpose not covered by another lawful basis, we will make that clear and you may withdraw consent at any time.
4. Data Sharing and Processors
We may share personal data with trusted third parties who act as data processors or independent controllers, only where necessary to carry out our services or meet legal obligations. Such parties are required to protect your data and only process it in accordance with our instructions or their own lawful responsibilities.
Examples of processors and recipients may include:
- IT and hosting providers that support secure storage, communication systems, or business administration tools.
- Accounting and bookkeeping providers that assist with invoices, tax reporting, and financial administration.
- Payment service providers that process card or electronic payments.
- Professional advisers such as insurers, legal advisers, or auditors where necessary.
- Subcontractors or specialist service partners involved in delivering parts of the work, where appropriate for the project.
- Public authorities, regulators, or law enforcement where disclosure is required by law.
We do not sell your personal data. Any transfer of data outside the UK will only occur where appropriate safeguards are in place to protect your information.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Retention periods may vary depending on the nature of the data and the service provided.
In general:
- Customer records and service history are retained for a reasonable period to support ongoing service, warranty issues, or dispute resolution.
- Financial and tax records are retained for the period required by law.
- Communication records may be kept for a limited time to manage customer service and operational needs.
- Data no longer required is securely deleted, anonymised, or archived where appropriate.
Where retention periods differ due to legal obligations or legitimate business needs, we will only keep the data for the minimum necessary time.
6. Security of Your Data
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access restrictions, secure storage practices, staff awareness, and careful management of third-party access.
While we take data protection seriously, no system is completely risk-free. If a personal data breach occurs and it is legally required, we will notify the relevant authority and affected individuals.
7. Your Rights Under GDPR
You have a number of rights in relation to your personal data. Subject to legal exceptions, these include the right to:
- Access the personal data we hold about you.
- Rectification of inaccurate or incomplete information.
- Erasure of your data in certain circumstances.
- Restriction of processing in certain situations.
- Object to processing based on legitimate interests or direct marketing.
- Data portability where processing is based on consent or contract and carried out by automated means.
- Withdraw consent where processing relies on consent.
You also have the right to be informed about how your data is used and to raise concerns if you believe your data is being handled incorrectly.
8. Exercising Your Rights
If you wish to exercise any of your rights, we will review your request and respond within the timeframes required by data protection law. We may need to verify your identity before fulfilling a request to protect your information and prevent misuse.
If a request is complex or multiple requests are made, we may require additional time where permitted by law. There is usually no fee, unless a request is manifestly unfounded or excessive.
9. Complaints
If you have concerns about how your personal data is handled, you can raise the issue directly so that we can review it. We aim to address concerns promptly and fairly. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect legal, operational, or service-related changes. Any revised version will apply from the date it is published. We encourage customers to review the policy periodically so they remain informed about how their data is used.
Tree Surgeons Barnet is committed to respecting your privacy and processing your personal data responsibly, transparently, and securely. By using our services, you acknowledge that your information may be handled in line with this Privacy Policy and the applicable data protection laws.