Privacy Policy - Tree Surgeons Wimbledon
This Privacy Policy explains how Tree Surgeons Wimbledon collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Wimbledon customers in the area, including anyone who enquires about, receives, or uses our tree surgery, tree maintenance, arboricultural, or related services. We are committed to handling personal information in a lawful, fair, and transparent way in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who this policy applies to
This policy applies to current and prospective customers, property owners, tenants, site managers, contractors, suppliers, and any individual whose personal data we receive in connection with our services. It also applies where we process data on behalf of a business customer or landowner in the Wimbledon area. By using our services or communicating with us, you acknowledge that your personal data may be processed as described in this policy.
2. Information we collect
We only collect personal data that is necessary for legitimate business and service purposes. Depending on your interaction with us, we may collect the following categories of information:
- Identity details: name, title, and, where relevant, job role or relationship to a property.
- Contact details: address, email address, telephone number, and correspondence preferences.
- Property and service information: site address, access details, property notes, photographs, tree condition reports, and job specifications.
- Billing and payment information: invoice details, payment records, and transaction references.
- Communication records: enquiries, messages, quotation requests, complaints, and service updates.
- Technical data: limited information collected when you interact with digital systems, such as IP address or device-related details, where applicable.
- Health and safety information: access restrictions, hazard notes, or other information needed to carry out works safely.
We do not intentionally collect special category data unless it is necessary and lawful to do so, for example where safety requirements or legal obligations make limited processing necessary. If such information is provided, it is handled with additional care and only for the relevant purpose.
3. How we use your personal data
We use personal data to operate our services effectively, communicate with customers, and meet legal and contractual duties. Typical uses include:
- responding to enquiries and providing quotations;
- arranging site visits and carrying out assessments;
- delivering tree surgery and related services;
- managing bookings, invoices, and payments;
- recording work completed and maintaining service history;
- managing customer support, complaints, and follow-up communications;
- meeting health and safety obligations;
- keeping business records for accounting, tax, and legal purposes;
- preventing fraud, misuse, or unauthorised access;
- improving our services and internal operations.
We will only use your data where we have a valid reason to do so and where that use is compatible with the original purpose for which the data was collected. We do not sell personal data.
4. Lawful basis for processing
We process personal data under one or more lawful bases set out in the UK GDPR. These include:
Contract
We process data where it is necessary to provide a quotation, enter into an agreement, carry out services, or manage payments and customer service related to that contract.
Legal obligation
We may process information to comply with legal duties, including tax obligations, accounting rules, insurance requirements, and health and safety regulations.
Legitimate interests
We may process data where it is reasonably necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include service administration, record-keeping, fraud prevention, and improving operations.
Consent
In limited cases, we may rely on your consent, for example where it is required for a specific communication or optional service. Where consent is used, you may withdraw it at any time.
Vital interests
In rare circumstances, we may process information to protect someone’s life or physical safety, such as during an emergency on-site.
5. Sharing your information with processors
We may share personal data with trusted third parties who act as processors on our behalf. These processors only handle data under our instructions and are required to protect it appropriately. Examples may include:
- IT and cloud service providers that host or support business systems;
- accountants and bookkeeping providers;
- payment service providers;
- customer communication and administration tools;
- professional advisers, such as legal or insurance advisers;
- subcontractors or specialist arboricultural partners, where necessary to complete work.
We may also disclose information to public authorities, regulators, law enforcement, or insurers where required by law or where it is necessary to defend legal claims or protect rights, property, or safety. We only transfer the minimum amount of data needed for the relevant purpose.
6. International transfers
Where any processor stores or accesses data outside the UK, we take steps to ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms approved under data protection law.
7. Data retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and insurance requirements. Retention periods may vary depending on the type of record and the reason for processing. In general:
- Enquiry and quotation records: kept for a limited period to manage follow-up and business administration.
- Customer service and contract records: kept for the duration of the relationship and for a reasonable period afterwards.
- Invoices and financial records: retained for the period required by law.
- Health and safety records: retained for as long as necessary to evidence compliance and manage risk.
- Complaint or dispute records: retained until the matter is resolved and for any additional period needed to defend claims.
When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.
8. Data security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff awareness, and data minimisation. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the nature of the information we process.
9. Your rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
- Right of access: to request a copy of the personal data we hold about you.
- Right to rectification: to ask us to correct inaccurate or incomplete data.
- Right to erasure: to request deletion of your data in certain circumstances.
- Right to restriction: to ask us to limit how we use your data in certain situations.
- Right to object: to object to processing based on legitimate interests or direct marketing.
- Right to data portability: to receive certain data in a structured, commonly used format, where applicable.
- Right to withdraw consent: where processing is based on consent.
Please note that these rights are not absolute and may be subject to legal exceptions or limitations. If you make a request, we may need to verify your identity before responding.
10. Cookies and similar technologies
If we operate websites or digital tools that use cookies or similar technologies, these may collect limited technical information to support functionality, performance, and security. Where consent is required, we will ask for it before using non-essential cookies. Any such processing will be handled in accordance with applicable privacy rules.
11. Children’s data
Our services are directed at adults and business or property contacts. We do not knowingly collect personal data from children except where it is incidental to property access, safety, or legal requirements. If we become aware that we have collected data from a child without a lawful basis, we will take steps to delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, operations, or data handling practices. Any updates will take effect when published or otherwise communicated. We encourage you to review this policy periodically so that you remain informed about how your information is handled.
13. Complaints and further information
If you have concerns about how your personal data is handled, you have the right to raise a complaint with the relevant data protection supervisory authority. You may also ask us to explain how we process your data, and we will respond in accordance with our legal obligations.
Tree Surgeons Wimbledon is committed to respecting your privacy and handling personal information responsibly. We aim to ensure that all data is collected only when needed, used fairly, kept securely, and retained for no longer than necessary. This policy is intended to give customers in Wimbledon and the surrounding area clear information about how their data is managed and the rights they can exercise.