Privacy Policy - Landscaping Carshalton
This Privacy Policy explains how Landscaping Carshalton collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, suppliers, and website users within the Carshalton area. It applies to all Landscaping Carshalton customers in area and is designed to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are committed to handling personal information lawfully, fairly, and transparently. This policy sets out what data we collect, the reasons we collect it, the lawful bases we rely on, how long we keep it, the third parties that may process it on our behalf, and the rights available to individuals under data protection law.
1. Data We Collect
We only collect personal data that is relevant and necessary for providing landscaping services, managing customer relationships, and fulfilling legal obligations. Depending on your interaction with us, we may collect the following categories of information:
- Identity information: name, title, and any other information needed to identify you.
- Contact information: postal address, email address, and telephone number.
- Service information: details about your garden, outdoor space, project requirements, preferred materials, design preferences, and notes about site access or service instructions.
- Transaction information: records of quotes, invoices, payments, and services purchased.
- Communication records: correspondence by phone, email, forms, or messages, including any complaints or service feedback.
- Technical data: if you visit any digital platform used by Landscaping Carshalton, we may collect device information, browser type, and basic usage data.
- Special category data: we do not normally seek to collect sensitive personal data. If such information is shared with us unintentionally, we will handle it with additional care and only where a valid legal condition applies.
We do not intentionally collect more data than is necessary for the provision and management of our services. Where possible, we limit data collection to what is adequate, relevant, and proportionate.
2. How We Use Personal Data
We use personal data to operate our business effectively and to provide landscaping services to customers in Carshalton and the surrounding area. Our processing activities may include:
- responding to enquiries and preparing quotations;
- arranging site visits, consultations, and scheduled work;
- delivering landscaping services and managing ongoing projects;
- issuing invoices, processing payments, and maintaining accounting records;
- communicating about service updates, changes, or issues;
- handling complaints, warranty issues, and customer support;
- meeting tax, legal, and regulatory requirements;
- improving our services, record-keeping, and operational planning;
- protecting our business, staff, and customers from fraud or misuse.
We will only use your personal information in ways that are compatible with the original purpose for which it was collected, unless we have a lawful basis to do otherwise.
3. Lawful Basis for Processing
Under UK GDPR, we must have a valid lawful basis before processing personal data. Landscaping Carshalton relies on the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotes, arranging services, carrying out landscaping work, and handling payments.
Legal Obligation
We may process certain data to comply with legal and regulatory obligations, such as tax record-keeping, accounting requirements, and obligations relating to dispute resolution or consumer protection.
Legitimate Interests
We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing customer relationships, improving our services, maintaining internal records, preventing fraud, and protecting the security of our operations.
Consent
In some cases, we may rely on your consent, particularly for optional communications or certain forms of electronic marketing where required. Where consent is used, it will be freely given, specific, informed, and unambiguous. You may withdraw consent at any time.
4. Sharing and Processors
We may share personal data with trusted third-party service providers who act as processors on our behalf. These processors only handle data according to our instructions and for the purposes set out in this policy. They are required to keep data secure and to comply with data protection law.
Examples of processors may include:
- Payment service providers for processing card or electronic payments;
- Accounting and bookkeeping providers for financial administration and record-keeping;
- IT and cloud storage providers for secure hosting, data storage, and backup services;
- Communication service providers for email, telephone, or messaging functions;
- Scheduling or administration tools used to organise appointments and customer records;
- Professional advisers such as accountants, insurers, or legal advisers where necessary.
We may also disclose personal data where required by law, court order, or request from a lawful authority. Where possible, we will ensure any sharing is limited to the minimum necessary information.
5. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting obligations. Retention periods depend on the type of information and the purpose for which it is held.
- Customer and project records are generally retained for the duration of the service relationship and for a reasonable period afterwards.
- Financial records, including invoices and payment information, are retained in line with statutory accounting and tax requirements.
- Correspondence and complaint records may be kept for as long as needed to resolve disputes and maintain evidence of communications.
- Marketing preferences are retained until you withdraw consent or object, where applicable.
When personal data is no longer required, we will take appropriate steps to delete, anonymise, or securely archive it. We do not keep data indefinitely unless there is a valid legal reason to do so.
6. Security of Personal Data
We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration. These measures may include access controls, secure storage, staff confidentiality obligations, and routine review of data handling practices.
While no system can be guaranteed to be completely secure, we take data protection seriously and work to reduce risk wherever personal information is stored or processed.
7. Your Rights
Under data protection law, individuals have a number of rights in relation to their personal data. These rights may apply in full or in part depending on the circumstances and legal basis for processing.
- Right of access: you may request confirmation of whether we process your data and obtain a copy of it.
- Right to rectification: you may ask us to correct inaccurate or incomplete data.
- Right to erasure: in some cases, you may request deletion of your data.
- Right to restriction: you may ask us to limit how we use your data in certain situations.
- Right to object: you may object to processing based on legitimate interests or direct marketing.
- Right to data portability: where applicable, you may request a copy of data you provided to us in a structured format.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we will assess your request in line with applicable law. We may need to verify your identity before responding. In some cases, legal exemptions may limit the extent of the rights available.
8. International Transfers
Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place to protect it. This may include the use of approved contractual clauses or transfers to countries recognised as providing adequate protection.
9. Children’s Data
Our landscaping services are intended for adults and property holders. We do not knowingly collect personal data from children except where it is incidental to a legitimate service arrangement and only to the extent necessary.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Any revised version will apply from the date it is published or otherwise communicated.
By continuing to use Landscaping Carshalton services, you acknowledge that your personal data will be processed in accordance with the version of the policy that is current at the relevant time.
11. Summary of Our Commitment
Landscaping Carshalton is committed to respecting privacy and protecting personal information. We collect only the data we need, use it for clear and lawful purposes, retain it only as long as necessary, and share it only with trusted processors or where required by law. We also recognise and support your rights under UK GDPR and will respond to requests in a fair and timely manner.
This policy applies to all Landscaping Carshalton customers in area.