Privacy Policy - Tree Surgeons Fitzrovia
This Privacy Policy explains how Tree Surgeons Fitzrovia collects, uses, stores, and protects personal data in relation to its services. It applies to all Tree Surgeons Fitzrovia customers in the area, including individuals, property owners, landlords, tenants, and business clients who request tree surgery, tree maintenance, arboricultural inspections, stump removal, or related services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Fitzrovia is the data controller for the personal data described in this policy. This means we determine the purposes and means of processing personal data relating to our services. We take our responsibilities seriously and apply appropriate technical and organisational measures to protect the information entrusted to us.
2. Personal Data We Collect
We collect only the data necessary to provide and manage our services effectively. The categories of information we may collect include:
- Identity data such as your name, title, and, where relevant, company or organisation name.
- Contact data such as email address, telephone number, billing address, and service address.
- Property and service information including access details, photographs of trees or sites, work requirements, and notes relating to inspections or quotes.
- Payment and transaction data such as invoices, payment status, and records needed for financial administration.
- Communication data including correspondence with us by phone, email, or written communication.
- Technical data where you interact with digital systems, such as limited device or usage information used for security and service improvement.
- Safety and compliance data such as risk assessments, site access concerns, or documentation required for lawful work practices.
We do not intentionally collect sensitive personal data unless it is necessary and relevant to a specific service, legal obligation, or safety requirement. If such information is provided, we will process it only where permitted by law and with appropriate safeguards.
3. How We Use Personal Data
We use personal data for clear and specific purposes related to our services. These include:
- Providing quotations and responding to enquiries.
- Planning, scheduling, and carrying out tree surgery and related work.
- Managing customer accounts, service records, and invoices.
- Meeting legal, regulatory, insurance, and safety obligations.
- Communicating about appointments, service changes, and updates.
- Maintaining accurate business records.
- Handling complaints, disputes, or claims.
- Improving service quality and operational efficiency.
We will only use personal data in ways that are compatible with the purposes for which it was collected, unless we reasonably determine that another lawful basis applies and that the new use is permitted by law.
4. Lawful Basis for Processing
Under the UK GDPR, we rely on one or more of the following lawful bases when processing personal data:
Contract
We process personal data where it is necessary to enter into or perform a contract with you, such as providing quotes, arranging work, delivering services, and issuing invoices.
Legal obligation
We may process data where required to comply with applicable laws, including tax, accounting, health and safety, environmental, and record-keeping obligations.
Legitimate interests
We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include managing our business, preventing fraud, protecting property, maintaining security, and improving services.
Consent
In limited circumstances, we may rely on your consent, for example for specific optional communications or the use of certain non-essential information. Where consent is used, you may withdraw it at any time.
Vital interests
In rare situations involving urgent safety concerns, we may process data to protect someone’s life or physical safety.
5. Data Sharing and Processors
We may share personal data with trusted third parties where necessary to deliver our services, operate our business, or comply with legal requirements. These third parties act either as independent controllers or as processors acting on our instructions.
Processors are organisations that handle personal data on our behalf. We ensure that processors provide sufficient guarantees regarding security, confidentiality, and GDPR compliance. Examples of processors may include:
- IT and cloud service providers used for secure storage, communication, and administration.
- Accounting and bookkeeping providers who assist with financial records and invoicing.
- Payment processing services used to handle transactions securely.
- Scheduling, customer management, or document management tools used for operational purposes.
We may also disclose information to:
- Professional advisers such as accountants, insurers, or legal advisers.
- Public authorities, regulators, or law enforcement where required by law.
- Subcontractors or specialist service providers involved in completing a project.
Where we share data with third parties, we do so only when necessary and with appropriate safeguards in place.
6. International Transfers
If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful mechanisms designed to protect your information to an equivalent standard.
7. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods depend on the type of data and the purpose of processing.
As a general principle:
- Customer enquiry records may be kept for a limited period if no service is booked.
- Service and contract records may be retained for the duration of the working relationship and for a reasonable period afterwards.
- Financial and tax records are retained for the period required by law.
- Health and safety, insurance, or dispute-related records may be retained for longer where needed to defend legal claims or comply with obligations.
When personal data is no longer required, it is securely deleted, anonymised, or archived in accordance with our retention procedures.
8. Your Rights
Under data protection law, you have rights in relation to your personal data. These rights may apply subject to conditions and legal exceptions. They include:
- Right of access – you may request a copy of the personal data we hold about you.
- Right to rectification – you may ask us to correct inaccurate or incomplete data.
- Right to erasure – you may request deletion of your data where it is no longer needed or where another legal basis applies.
- Right to restriction – you may ask us to limit how we use your data in certain circumstances.
- Right to object – you may object to processing based on legitimate interests or direct marketing.
- Right to data portability – you may request that certain data be provided in a structured, commonly used format.
- Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will respond in line with applicable legal requirements and within the required timescales. We may need to verify your identity before acting on a request.
9. Security of Your Data
We use appropriate measures to protect personal data from unauthorised access, accidental loss, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our procedures. While no method of transmission or storage is completely secure, we work to maintain a level of protection appropriate to the risk.
10. Data Accuracy and Your Responsibilities
We aim to keep personal data accurate and up to date. You can help us by informing us when your details change. Accurate information is especially important for scheduling, invoicing, and site access arrangements.
11. Marketing
We do not use personal data for unnecessary marketing. If we ever send promotional communications where permitted by law, you will have the ability to object or unsubscribe. We will respect your preferences and handle them in accordance with applicable rules.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or operational needs. Any changes will take effect when published in the revised version. We encourage customers to review this policy periodically so they remain informed about how their data is handled.
13. Applicability to Tree Surgeons Fitzrovia Customers in the Area
This Privacy Policy applies to all Tree Surgeons Fitzrovia customers in the area, regardless of whether services are requested for residential, commercial, or communal properties. By engaging our services, using our communications channels, or providing information to arrange work, you acknowledge that your personal data may be processed as described in this policy.
Tree Surgeons Fitzrovia values privacy, accountability, and transparency. We are committed to using personal data responsibly, respecting your rights, and ensuring that our processing is limited to what is necessary for legitimate and lawful business purposes. Your trust matters, and we take care to protect it.