Gardeners Leytonstone Privacy Policy

This Privacy Policy explains how Gardeners Leytonstone collects, uses, stores and protects personal data relating to customers and prospective customers in the local area. It also explains your rights under the UK General Data Protection Regulation and related data protection laws. By using our gardening and related services, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all Gardeners Leytonstone customers and prospective customers located in our service area who contact us, request a quote, make a booking, enter into a contract for services, or otherwise interact with us in connection with our gardening and related services.

Data Controller

For the purposes of applicable data protection laws, Gardeners Leytonstone is the data controller in respect of the personal data described in this Privacy Policy. This means we determine the purposes and means of processing your personal data.

Personal Data We Collect

We may collect and process the following categories of personal data when you interact with us or use our services:

Identification and contact details: name, address, billing address, service address, and other basic contact details you provide so that we can communicate with you and deliver our services.

Communication data: information contained in emails or other messages you send to us, notes of conversations, enquiries, complaints and feedback.

Service and contract data: details of the gardening or related services you request or receive, information about your property necessary for providing services, records of appointments, work carried out, quotations, invoices and payment records.

Billing and payment data: limited payment-related information such as payment method, transaction dates and amounts. We do not store full card details if card payments are processed by a third-party payment processor.

Technical and usage data: basic technical information that may be collected when you visit our website or interact with our digital channels, such as IP address, device information, and general browsing behaviour, where this is necessary for the secure and effective operation of our services.

How We Collect Your Data

We collect personal data directly from you when you contact us by telephone, in writing or online, request a quote, make a booking, enter into a contract with us, or provide feedback.

We may also receive personal data from third parties where this is necessary to provide our services, such as referrals from existing customers or business partners, or data from payment processors confirming that a payment has been made.

Lawful Basis for Processing

We process your personal data only where we have a lawful basis under data protection law. Depending on the context, we may rely on one or more of the following:

Contract: processing is necessary to enter into a contract with you or to perform a contract for gardening services or related services, including taking steps at your request before entering into a contract.

Legal obligation: processing is necessary for us to comply with legal obligations, including tax, accounting and reporting requirements, and obligations relating to health and safety.

Legitimate interests: processing is necessary for our legitimate business interests or those of a third party, provided your interests and fundamental rights do not override those interests. This includes managing and developing our business, maintaining records, responding to enquiries, and improving our services.

Consent: in limited circumstances we may rely on your consent, for example where we send certain types of marketing communications and consent is required. You may withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

How We Use Your Personal Data

We use your personal data for the following purposes:

To provide and manage our services: including handling enquiries, providing quotations, scheduling and performing gardening work, and managing customer relationships.

To communicate with you: including confirming appointments, updating you on work progress, responding to your questions, and addressing complaints and feedback.

To manage our business operations: including record keeping, billing, payment processing, accounting, auditing, and managing risk and quality.

To comply with legal and regulatory obligations: including tax, financial reporting, and responding to requests from competent authorities where we are required to do so.

To improve our services: including reviewing customer feedback and usage patterns to maintain and improve the quality, safety and efficiency of our services.

To send marketing communications: where permitted by law and, where required, with your consent, we may contact you about services we believe may be of interest to you. You can opt out of marketing communications at any time.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, and to meet legal, accounting or reporting requirements.

In general, we keep customer records for the duration of our relationship with you and for a reasonable period afterwards, typically up to six years, to comply with legal obligations, resolve disputes and enforce our agreements. In some cases we may need to retain data for longer where required by law or where necessary in relation to legal claims.

When personal data is no longer required for the purposes for which it was collected, we will securely delete or anonymise it.

Data Processors and Third Parties

We may share your personal data with trusted third-party service providers that act as data processors on our behalf. These may include:

IT and hosting providers that support our systems and data storage.

Payment processors that handle payments and transactions.

Professional advisers such as accountants or legal advisers where necessary.

These processors are only permitted to process your personal data in accordance with our instructions and are required to implement appropriate technical and organisational measures to protect your data.

We may also disclose personal data to other third parties where required by law, to protect our rights or the rights of others, or in connection with a business reorganisation, provided any such disclosure is carried out in accordance with data protection law.

International Transfers

Where any of our service providers or their facilities are located outside the United Kingdom, we will ensure that appropriate safeguards are in place so that your personal data remains adequately protected in accordance with applicable data protection laws. This may include the use of standard contractual clauses or reliance on other lawful transfer mechanisms.

Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction or damage. These measures include restricting access to personal data to those who need it for legitimate business purposes and ensuring that our staff and contractors understand the importance of maintaining the confidentiality and security of your information.

Your Data Protection Rights

You have a number of rights with respect to your personal data, subject to certain conditions and exceptions in data protection law:

Right of access: you can request confirmation of whether we process your personal data and obtain a copy of that data.

Right to rectification: you can ask us to correct or complete any inaccurate or incomplete personal data we hold about you.

Right to erasure: you can ask us to delete your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or you have withdrawn consent.

Right to restriction: you can request that we restrict the processing of your personal data in certain circumstances, such as while we verify its accuracy or assess an objection.

Right to object: you can object to our processing of your personal data where we rely on legitimate interests, including for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds that override your interests, rights and freedoms, or where processing is required for legal claims.

Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request to receive your personal data in a structured, commonly used and machine-readable format and to have it transmitted to another controller where technically feasible.

Right to withdraw consent: where we rely on your consent to process personal data, you can withdraw that consent at any time. This will not affect processing that has already taken place.

Exercising Your Rights and Complaints

If you wish to exercise any of your rights or have questions about how we handle your personal data, you can contact us using the contact channels you normally use for communicating with Gardeners Leytonstone. We will respond to your request in accordance with applicable data protection laws.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you are concerned about the way we handle your personal data. We would, however, appreciate the opportunity to address your concerns directly in the first instance.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or other factors. Any updates will be made available to customers in our service area, and the updated policy will apply from the date it is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.