Privacy Policy - Tree Surgeons Heston

This Privacy Policy explains how Tree Surgeons Heston collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Heston customers in the area, including individuals who enquire about our services, request quotations, book tree surgery work, or otherwise interact with us in connection with our services.

We are committed to handling personal information lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy and aim to keep any personal data we hold accurate, secure, and only as long as necessary.

1. Information We Collect

We may collect and process the following categories of personal data depending on how you interact with us:

  • Identity details: name, title, and any other information needed to identify you.
  • Contact details: address, email address, telephone number, and preferred method of communication.
  • Service-related information: details of the work requested, property information, access requirements, site notes, and records of instructions.
  • Transaction information: billing details, payment status, invoice records, and service history.
  • Communication records: emails, messages, call notes, complaints, feedback, and correspondence.
  • Technical and usage data: if you interact with our digital systems, we may collect limited technical data such as device information or log data where necessary for security and functionality.
  • Legal and compliance information: records required for tax, accounting, insurance, or regulatory purposes.

We generally collect personal data directly from you, for example when you make an enquiry, request a quote, or use our services. In some cases, information may be provided by third parties acting on your behalf, such as a landlord, property manager, insurer, or another person arranging work at your property.

2. How We Use Your Data

We use personal data only for legitimate and clearly defined purposes, including:

  • responding to enquiries and providing quotations;
  • arranging visits, carrying out tree surgery services, and managing bookings;
  • communicating with you about the services requested;
  • issuing invoices, processing payments, and maintaining financial records;
  • handling complaints, queries, or requests for further information;
  • meeting legal, tax, insurance, and regulatory obligations;
  • improving our services, internal administration, and record keeping;
  • protecting against fraud, misuse, or security incidents.

We only process personal data to the extent necessary to deliver our services and comply with applicable legal requirements. We do not use your personal data for purposes that are incompatible with the original reason it was collected.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each activity involving personal data. The main lawful bases we rely on are set out below:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotations, confirming bookings, completing work, and managing payment and service records.

Legal Obligation

Some information must be retained and processed to comply with legal obligations, such as accounting rules, tax requirements, health and safety duties, and record-keeping responsibilities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided that these interests do not override your rights and freedoms. Examples include managing customer relationships, improving services, maintaining security, and keeping accurate internal records.

Consent

In limited situations, we may rely on your consent. Where consent is used, you may withdraw it at any time, and we will stop the relevant processing unless another lawful basis applies.

4. Sharing Your Personal Data

We may share personal data with trusted third parties where necessary for the operation of our business and the delivery of our services. These third parties act as processors or independent controllers, depending on the nature of the arrangement.

Examples of processors or service providers may include:

  • IT and hosting providers;
  • administrative and record-management services;
  • payment processing or accounting services;
  • communication and scheduling tools;
  • professional advisers such as accountants, insurers, or legal advisers;
  • subcontractors involved in delivering specific services where required.

Where processors handle personal data on our behalf, they are required to act only under our instructions and to protect data appropriately. We do not sell personal data. We may also disclose personal information where required by law, court order, or to protect our rights, property, staff, customers, or the public.

We ensure that any third party handling your data does so in a manner consistent with data protection law and appropriate security standards.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Retention periods vary depending on the type of information and the reason it is held.

In general:

  • customer and service records are retained for the duration of the working relationship and for a reasonable period afterwards;
  • financial and tax-related records are retained for the period required by law;
  • correspondence and complaint records may be retained for a period needed to resolve disputes and maintain service history;
  • technical logs and security-related data are retained only as long as needed for operational and protection purposes.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. Retention is reviewed regularly to ensure data is not kept longer than necessary.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of internal processes.

Although no system can be guaranteed completely secure, we take reasonable steps to reduce risks and safeguard the information we hold.

7. Your Rights

As a data subject under UK GDPR, you have several rights in relation to your personal data. These may include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: in certain circumstances, you may request deletion of your personal data.
  • Right to restrict processing: you may ask us to limit how we use your data in certain situations.
  • Right to object: you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability: in some cases, you may request transfer of your data to you or another provider.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal or contractual limitations. We will respond to requests in accordance with applicable data protection law. If you wish to exercise any of your rights, we will take reasonable steps to verify your identity before responding.

8. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent legal protections. Any such transfer will only take place where it is lawful and necessary for the service being provided.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data handling practices. Any revised version will apply from the date it is published. We encourage you to review this policy periodically to stay informed about how we protect your information.

10. Summary of Our Commitments

Tree Surgeons Heston is committed to processing personal data responsibly, securely, and in line with UK GDPR principles. We collect only what we need, use it for clear and lawful purposes, keep it only for as long as necessary, and respect your rights as an individual.

This policy applies to all Tree Surgeons Heston customers in area and is intended to provide a clear explanation of how personal data is handled throughout the course of our services.

Tree Surgeons Heston

GDPR-compliant Privacy Policy for Tree Surgeons Heston covering data collection, lawful basis, retention, processors, user rights, and area-wide customer applicability.

Call Now!
Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.