Privacy Policy - Tree Surgeons Elephantandcastle

This Privacy Policy explains how Tree Surgeons Elephantandcastle collects, uses, stores, shares, and protects personal data when providing tree surgery, arboricultural, and related outdoor services. It applies to all Tree Surgeons Elephantandcastle customers in area, including individuals, landlords, tenants, property managers, businesses, and public or private organisations that request our services.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. We only collect and use personal data where we have a valid reason to do so, and we aim to be transparent about how and why information is processed.

1. Information We Collect

We may collect personal data directly from you, from your authorised representatives, or from third parties where lawful and appropriate. The categories of information we may collect include:

  • Identity details: name, title, and business or property ownership details.
  • Contact details: postal address, email address, and telephone number.
  • Service information: details of the work requested, site access notes, property details, and service preferences.
  • Billing and payment information: invoice details, payment records, and transaction status.
  • Communications: records of enquiries, messages, complaints, feedback, and any consent or preference choices.
  • Technical and usage data: basic information collected through website interactions, device identifiers, and cookies where applicable.
  • Site records: photographs, inspection notes, and arboricultural assessments relevant to the services provided.

We do not knowingly collect more personal data than is necessary for the purpose concerned. In some cases, we may also process special category data only where required by law or where it is incidentally included in records relevant to a service request, for example where health and safety matters must be documented. Such data is handled with additional care and only where a lawful basis exists.

2. How We Use Personal Data

Tree Surgeons Elephantandcastle uses personal data for the following purposes:

  • to respond to enquiries and provide quotations;
  • to arrange site visits, carry out tree surgery, and manage works safely;
  • to administer contracts, invoices, and payments;
  • to maintain records of services delivered;
  • to meet legal, regulatory, insurance, and health and safety obligations;
  • to manage complaints, disputes, and customer support requests;
  • to improve our services, scheduling, and operational efficiency;
  • to protect our legitimate business interests, property, staff, and customers;
  • to send service-related communications and administrative updates.

Where we use photographs or site notes, this is typically for quotation, record-keeping, quality control, or evidence of completed works. We will not use your personal data for unrelated purposes unless we are permitted or required to do so by law.

3. Lawful Basis for Processing

We only process personal data where the law allows us to do so. Depending on the context, our lawful bases may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as providing quotations, carrying out agreed tree surgery, issuing invoices, and managing customer accounts.

Legal Obligation

We may process personal data to comply with legal duties, including tax, accounting, employment, safety, and record-keeping requirements.

Legitimate Interests

We may rely on legitimate interests where processing is necessary for the efficient operation of our business and where our interests are not overridden by your rights and freedoms. This may include managing enquiries, improving services, preventing fraud, and defending legal claims.

Consent

In limited cases, we may rely on your consent, for example for certain types of optional communications or non-essential cookies. Where consent is used, you may withdraw it at any time.

Vital Interests

In rare situations, we may process personal data where necessary to protect someone’s life or safety, such as during an emergency on site.

4. Sharing Your Data and Processors

We may share personal data with carefully selected third parties that help us deliver our services. These organisations act as data processors or independent controllers depending on the service they provide. Processors may include:

  • IT and hosting providers: to store data securely, manage systems, and support communications.
  • Accounting and bookkeeping providers: to process invoices, payments, and financial records.
  • Payment service providers: to handle card or bank transactions.
  • Insurance providers and professional advisers: where required for claims, risk management, or legal advice.
  • Waste disposal or subcontracted service providers: where needed to complete agreed works safely and lawfully.
  • Regulatory bodies, public authorities, or law enforcement: where we are required to do so by law.

We require processors to protect personal data and to use it only for the purposes instructed by us. We do not sell personal data. If data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with data protection law.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purpose for which it was collected, including for legal, accounting, insurance, and reporting requirements. Retention periods depend on the type of information and the reason for processing.

  • Quotation and enquiry records may be retained for a reasonable period to allow follow-up or evidence of communications.
  • Customer and contract records are typically retained for the duration of the relationship and for a further period where needed for legal or tax purposes.
  • Invoices, payment records, and accounting data are retained in line with statutory obligations.
  • Health and safety records, site assessments, and incident logs may be retained longer where required by law or insurance.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Data Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our data handling practices. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the nature of the data and the risks involved.

7. Your Rights

Under data protection law, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete information.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restrict processing: to ask us to limit how your data is used in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

Please note that these rights are not absolute and may be subject to legal or contractual limits. If you exercise a right, we may need to retain certain information where required by law or to defend our legitimate interests.

8. Cookies and Website Data

If we use a website or online enquiry tools, we may collect limited technical data through cookies or similar technologies. These may help with functionality, security, analytics, and preference management. Where required, we will obtain consent for non-essential cookies and allow you to manage your preferences.

9. Children’s Data

Our services are directed to adults and organisations rather than children. We do not intentionally collect personal data from children. If we become aware that such data has been collected without proper authorisation, we will take appropriate steps to delete it or handle it lawfully.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

11. Our Commitment to Fair Processing

Tree Surgeons Elephantandcastle is committed to processing personal data fairly, lawfully, and transparently. We only use information where it is necessary, relevant, and proportionate to the service provided. We also aim to keep records accurate, limit access to those who need it, and respect your privacy at every stage of our work.

By engaging Tree Surgeons Elephantandcastle, you acknowledge that personal data may be processed as described in this Privacy Policy for the purpose of delivering services, managing our business, and meeting our legal obligations.

Tree Surgeons Elephantandcastle

GDPR-compliant Privacy Policy for Tree Surgeons Elephantandcastle covering data collection, lawful basis, retention, processors, and user rights for all area customers.

Call Now!
Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.