Privacy Policy - Tree Surgeons Spitalfields

This Privacy Policy explains how Tree Surgeons Spitalfields collects, uses, stores, shares, and protects personal data in connection with our tree surgery, arboricultural, and related services. It applies to all Tree Surgeons Spitalfields customers in the area, including individuals, landlords, business clients, property managers, and other people who use or enquire about our services. We are committed to handling personal data lawfully, fairly, and transparently in accordance with the UK GDPR and the Data Protection Act 2018.

By engaging our services, making an enquiry, or otherwise interacting with us, you acknowledge that we may process your personal data as described in this policy. We aim to collect only the information necessary to deliver services safely, efficiently, and responsibly.

1. Personal Data We Collect

We may collect and process different categories of personal data depending on how you interact with us. The types of data we collect may include:

  • Identity details such as your name, title, and company name if applicable.
  • Contact details such as address, telephone number, and email address.
  • Property and service details such as site location, access information, photographs, tree locations, service instructions, and relevant job notes.
  • Payment and billing information such as payment status, invoice details, and transaction records.
  • Communication records including emails, phone notes, quotations, complaints, and service updates.
  • Technical information when you interact with digital systems, including IP address, browser type, and device information where relevant.
  • Health and safety information where necessary for risk assessment, site access, or emergency planning.

We generally do not seek to collect special category data unless it is necessary and lawful to do so. If such information is provided to us, for example to support access arrangements or safety considerations, we will handle it with appropriate care and legal safeguards.

2. How We Use Personal Data

We use personal data for specific and legitimate purposes connected to our services. These purposes include:

  • Providing quotations, scheduling visits, and delivering tree surgery services.
  • Assessing site conditions, job requirements, and health and safety risks.
  • Managing customer relationships and responding to enquiries.
  • Preparing invoices, processing payments, and maintaining financial records.
  • Keeping records of services carried out, including before-and-after images where relevant.
  • Meeting legal, regulatory, insurance, and tax obligations.
  • Handling complaints, disputes, and service follow-up.
  • Improving our operations, service quality, and customer experience.

We will not use your personal data in ways that are incompatible with the original purpose for which it was collected unless we have a lawful basis to do so.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. Depending on the context, we may rely on one or more of the following bases:

Contract

We process personal data when it is necessary to perform a contract with you or to take steps before entering into a contract. This includes preparing quotations, arranging work, and carrying out services you have requested.

Legal Obligation

We may process information where necessary to comply with legal duties, such as tax, accounting, insurance, workplace safety, and record-keeping requirements.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. Examples include managing our business, communicating about services, preventing fraud, and maintaining service records.

Consent

In limited situations, we may rely on your consent, for example where it is appropriate to use certain optional communication methods or additional data that are not necessary for our contract or legal obligations. Where consent is used, you can withdraw it at any time.

4. Data Sharing and Processors

We may share personal data with trusted third parties who help us operate our business. These organisations act as processors or independent controllers depending on the service they provide. We only share the minimum data necessary for the task in question and ensure appropriate safeguards are in place.

Examples of processors and service providers may include:

  • IT and cloud service providers that store or support business records.
  • Accounting and bookkeeping providers that assist with invoices and financial administration.
  • Payment service providers that process transactions securely.
  • Communication and email providers that help us exchange messages.
  • Work scheduling or customer management tools used to organise jobs and maintain records.
  • Professional advisers such as insurers, legal advisers, or auditors where necessary.

We may also disclose personal data where required by law, for example to regulatory bodies, law enforcement agencies, courts, or other public authorities. In any case where data is transferred to a third party, we expect them to process it securely and in line with data protection requirements.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and insurance needs. Retention periods depend on the type of data and the purpose of processing.

Typical retention considerations include:

  • Customer and service records are retained for as long as needed to manage the relationship and provide evidence of work completed.
  • Financial and transaction records are retained for the period required by tax and accounting law.
  • Health and safety records are retained where needed to demonstrate compliance and manage risk.
  • Communication records may be kept to resolve disputes, confirm instructions, or support future service requests.

When personal data is no longer required, we will securely delete, anonymise, or archive it in line with our retention practices and legal obligations.

6. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, limited staff access, and review of third-party service arrangements. While no system can be guaranteed to be completely secure, we work to reduce risks and to respond appropriately if a security incident occurs.

7. Your Rights

Under data protection law, you have a number of rights regarding your personal data. Subject to certain conditions and exemptions, these rights may include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete information.
  • Right to erasure – to request deletion of your data where there is no lawful reason for us to keep it.
  • Right to restriction – to ask us to limit how we use your data in certain circumstances.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to request transfer of certain information to you or another provider in a structured format.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to complain to the relevant data protection authority if you believe your rights have been infringed. We encourage you to raise any concerns with us first so we can try to address them promptly and fairly.

8. Children’s Data

Our services are directed to adults and organisations rather than children. We do not knowingly collect personal data from children unless it is necessary in exceptional circumstances and lawful to do so, such as where it appears in site access instructions or property-related communications. If we become aware that we have collected data inappropriately, we will take steps to delete it where required.

9. International Transfers

Where any of our processors or service providers store or process data outside the United Kingdom, we will take steps to ensure that appropriate safeguards are in place. These may include adequacy regulations, contractual protections, or other recognised transfer mechanisms designed to protect personal data to a standard consistent with UK requirements.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our operations, or the services we provide. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how we protect personal data.

11. Summary of Key Principles

In summary, Tree Surgeons Spitalfields processes personal data fairly, securely, and only for legitimate purposes. We collect information needed to provide safe and effective services, rely on appropriate lawful bases, retain records only as long as necessary, use trusted processors under suitable safeguards, and respect your rights under data protection law.

This Privacy Policy applies to all Tree Surgeons Spitalfields customers in area. We are committed to maintaining trust, protecting privacy, and handling personal information responsibly in every stage of our service delivery.

Last updated: This policy should be reviewed and updated as needed to remain compliant with applicable data protection laws and business practices.

Tree Surgeons Spitalfields

GDPR-compliant privacy policy for Tree Surgeons Spitalfields covering data collection, lawful basis, retention, processors, user rights, and local customer applicability.

Call Now!
Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.