Privacy Policy - Tree Surgeons Penge

This Privacy Policy explains how Tree Surgeons Penge collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Penge customers in the area, including prospective clients, existing customers, suppliers, and website visitors who interact with us for our arboricultural services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By engaging our services, requesting a quotation, or communicating with us, you acknowledge that your personal data may be processed as described in this policy. We encourage you to read this policy carefully so you understand how your information is used and what rights you have.

1. Data We Collect

We collect only the data necessary to provide our services and manage our business responsibly. The types of personal data we may collect include:

  • Identity data: your name, title, and, where relevant, business name.
  • Contact data: your address, email address, telephone number, and any other contact details you provide.
  • Service data: details of the work requested, site information, property access notes, photographs, survey findings, quotations, invoices, and job records.
  • Communication data: messages, emails, call notes, complaint records, and correspondence relating to enquiries or service delivery.
  • Payment data: payment status, transaction references, and billing records. We do not intentionally store full card details unless required through a secure payment provider.
  • Technical data: basic usage data if you interact with our digital systems, such as IP address, browser type, and device information, where relevant to security or functionality.
  • Safety and site data: risk assessments, access information, and health and safety records required to deliver tree surgery services safely.

We do not seek to collect special category data unless it is necessary and you have provided it, for example where it is relevant to access needs, safety considerations, or a legal obligation. Where such data is processed, we do so with appropriate safeguards and only where a lawful condition applies.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to respond to enquiries and provide quotations;
  • to assess jobs, carry out surveys, and plan tree surgery work;
  • to schedule services, manage bookings, and complete work safely;
  • to communicate about appointments, access arrangements, and job updates;
  • to issue invoices, process payments, and manage accounts;
  • to maintain records of completed work, warranties, and service history;
  • to manage complaints, disputes, insurance matters, and legal claims;
  • to comply with health and safety duties, tax rules, and other legal obligations;
  • to improve our service quality, administration, and customer experience;
  • to protect our business, staff, customers, and property from fraud or misuse.

We will only use your personal data for the purpose for which it was collected, unless we reasonably consider that we need to use it for a compatible purpose or another purpose that is permitted by law.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for every processing activity. The lawful bases we rely on are:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotations, arranging work, delivering tree surgery services, and handling related billing and administration.

Legal Obligation

We may process personal data where required to comply with legal obligations, such as record keeping, tax and accounting duties, health and safety requirements, and responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing customer records, improving services, preventing fraud, ensuring site safety, and protecting our business interests. We always consider whether the impact on your privacy is proportionate.

Consent

In limited circumstances, we may rely on your consent, for example where you have asked us to use certain information for a specific purpose beyond the scope of our contractual relationship. Where consent is used, you may withdraw it at any time.

Vital Interests

In exceptional cases, we may process information where it is necessary to protect someone’s vital interests, such as in an emergency relating to health or safety.

4. Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, but only when necessary and appropriate. These may include:

  • accountants and payroll providers;
  • payment service providers;
  • IT support, cloud storage, and software providers;
  • surveying, waste removal, or subcontracted service providers where relevant to a job;
  • insurers, legal advisers, and claims handlers;
  • regulators, local authorities, law enforcement, or courts where required by law.

When a third party processes data on our behalf, we require them to protect it appropriately and to use it only in accordance with our instructions and applicable law. We do not sell personal data.

Where data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, so that your personal data remains protected.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods depend on the nature of the data and the reason for processing.

  • Customer and contract records: typically retained for up to 6 years after the end of the business relationship, to manage claims, warranties, and accounting obligations.
  • Invoices and financial records: retained in line with tax and accounting rules, usually for at least 6 years.
  • Quotations and enquiries not resulting in work: retained for a reasonable period to manage follow-up and administration, then securely deleted.
  • Health and safety records: retained for as long as necessary under applicable safety and insurance requirements.
  • Complaint and dispute records: retained until the matter is resolved and for an appropriate period afterwards.

When data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.

6. Your Rights

Under data protection law, you have rights in relation to your personal data. Subject to legal limits and exemptions, these rights include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: you may ask us to delete your data in certain circumstances.
  • Right to restriction: you may ask us to limit how we use your data in certain situations.
  • Right to data portability: you may request that certain information be provided to you or another organisation in a structured format, where applicable.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you can withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We would, however, appreciate the chance to address your concerns first so we can resolve matters promptly and fairly.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures include access controls, secure storage practices, staff awareness, and careful handling of records. While no system can be guaranteed completely secure, we take data security seriously and regularly review our safeguards.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is published or communicated. We recommend reviewing this policy periodically to stay informed about how we protect your information.

9. Summary of Key Points

Tree Surgeons Penge collects only the data needed to provide tree surgery services, manage customer relationships, meet legal obligations, and protect our business. We process personal data on lawful bases including contract, legal obligation, legitimate interests, consent, and, in rare cases, vital interests. We retain records only as long as necessary, share data only with trusted processors or where required by law, and respect your rights under UK GDPR.

By using our services, all Tree Surgeons Penge customers in the area are covered by this Privacy Policy. We are committed to keeping your information secure, using it responsibly, and ensuring that our data handling remains fair, transparent, and lawful.

Tree Surgeons Penge

GDPR-compliant Privacy Policy for Tree Surgeons Penge covering data collection, lawful basis, retention, processors, and user rights.

Call Now!
Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.