Privacy Policy - Tree Surgeons Soho
Tree Surgeons Soho is committed to protecting the privacy and personal data of everyone who uses our services. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Tree Surgeons Soho customers in the area, including residential, commercial, and property management clients who engage us for tree surgery, arboricultural, maintenance, inspection, or related services.
1. Who We Are
For the purposes of data protection law, Tree Surgeons Soho acts as the data controller when we determine the purposes and means of processing your personal data. This means we are responsible for ensuring that your information is handled lawfully, fairly, and transparently. We only collect and use personal data where we have a valid reason to do so and where it is necessary to provide our services, comply with legal obligations, or support legitimate business interests.
2. Information We Collect
We may collect and process a range of personal data depending on your interaction with us. This may include:
- Identity details such as your name or the name of your business or organisation.
- Contact details such as address, email address, and telephone number.
- Property details relating to the site where work is carried out, including access requirements and service preferences.
- Service and enquiry information such as quotes requested, jobs booked, notes about tree conditions, and work instructions.
- Billing and payment information where required for invoicing, account management, and record keeping.
- Communication records including correspondence by phone, email, message, or written forms.
- Technical information if you interact with our digital systems, such as basic device or usage data where applicable.
We do not intentionally collect more data than is necessary for the services we provide. If we need to process any special category data, we will only do so where there is a lawful basis and appropriate safeguards in place.
3. How We Use Personal Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To arrange site visits, schedule services, and carry out tree surgery work.
- To manage customer relationships and deliver aftercare or follow-up services.
- To issue invoices, process payments, and maintain financial records.
- To keep internal business records and service histories.
- To meet legal, safety, and regulatory requirements.
- To resolve disputes, handle complaints, or manage insurance-related matters.
- To protect our business, staff, customers, and property.
We will only use your personal data in ways that are compatible with the reasons for which it was collected, unless we reasonably believe we need to use it for another compatible purpose or where the law permits or requires us to do so.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for every activity involving personal data. Tree Surgeons Soho relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes preparing quotes, confirming bookings, completing tree surgery services, and managing invoices and payments.
Legal Obligation
We may process data where we are required to do so by law. This can include tax records, accounting requirements, health and safety obligations, and compliance with environmental or employment-related regulations.
Legitimate Interests
We may rely on legitimate interests where processing is necessary for our business operations and does not override your rights and freedoms. Examples include keeping service records, improving our operations, managing enquiries, preventing fraud, and maintaining secure and efficient business administration.
Consent
In some situations, we may ask for your consent before processing certain information. Where consent is used as the lawful basis, you have the right to withdraw it at any time. Withdrawal of consent will not affect processing carried out before it was withdrawn.
5. Data Sharing and Processors
We may share personal data with trusted third parties where necessary for the operation of our business or the delivery of our services. These third parties act as processors or independent controllers depending on the circumstances. We only share the minimum amount of information required and only where appropriate safeguards are in place.
Examples of processors and service providers may include:
- Accounting and bookkeeping providers for invoicing and financial administration.
- IT and cloud service providers that help us store and manage business data securely.
- Communication service providers that support email, messaging, or scheduling tools.
- Payment processing services used to handle transactions safely.
- Insurance providers, legal advisers, or professional consultants where required to manage claims, disputes, or compliance matters.
We require our processors to handle personal data securely, act only on our instructions where applicable, and implement appropriate technical and organisational measures to protect the data they process on our behalf.
In rare cases, we may disclose information to public authorities, regulators, courts, or law enforcement where required by law or where necessary to protect legal rights, safety, or property.
6. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, tax, and operational requirements. Retention periods may vary depending on the type of data and the nature of our relationship with you.
As a general approach:
- Customer and service records are retained for a period appropriate to the business relationship and any follow-up obligations.
- Financial and transaction records are retained for the period required by law.
- Correspondence and enquiry records are kept for as long as needed to manage the enquiry and any related issues.
- Where data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.
We regularly review the information we hold to ensure it is not kept longer than necessary. In some cases, we may retain data for a longer period if it is needed to establish, exercise, or defend legal claims.
7. Data Security
We take appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access restrictions, secure storage, staff awareness practices, and the use of trusted systems designed to protect information. While no system can be guaranteed completely secure, we make reasonable efforts to safeguard the data entrusted to us.
8. International Transfers
If any of our processors or service providers store or access data outside the UK, we will ensure that suitable safeguards are in place in accordance with applicable data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other approved transfer mechanisms.
9. Your Rights
As a data subject, you have a number of rights regarding your personal data. These rights may be subject to conditions and exceptions under the law, but we will always consider your request carefully and respond in line with applicable requirements.
- Right of access – you can request confirmation of whether we process your data and receive a copy of that data.
- Right to rectification – you can ask us to correct inaccurate or incomplete information.
- Right to erasure – you can request deletion of your data in certain circumstances.
- Right to restriction – you can ask us to limit how we use your data in specific situations.
- Right to data portability – you can request certain data in a structured, commonly used, machine-readable format where applicable.
- Right to object – you can object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time.
If you believe your rights have been breached, you may also have the right to lodge a complaint with the relevant data protection authority.
10. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is incidentally provided by an adult customer in connection with a service request. Where such information is encountered, we handle it with care and only as necessary for service delivery and safety.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updates will take effect when the revised version is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their information is used.
12. Summary of Our Commitment
Tree Surgeons Soho respects the confidentiality and security of personal information. We collect only the data we need, use it for clear and lawful purposes, retain it only for as long as necessary, and share it only with trusted processors or where required by law. We recognise and support your rights under data protection law and aim to ensure that all Tree Surgeons Soho customers in area can trust us to handle their personal data responsibly and transparently.
Privacy Policy - Tree Surgeons Soho is designed to provide clear, fair, and GDPR-compliant information about how we manage personal data in the course of delivering our services.