Privacy Policy - Landscaping Spitalfields
This Privacy Policy explains how Landscaping Spitalfields collects, uses, stores, shares, and protects personal data when providing services to customers in the Spitalfields area. It applies to all Landscaping Spitalfields customers in the area, including residential and commercial clients, prospective customers, and anyone who interacts with us in connection with our landscaping services.
1. Scope of This Privacy Policy
We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy describes the main categories of information we process, the lawful bases we rely on, how long we keep data, the types of processors we may use, and the rights available to individuals whose data we process.
This policy applies to information collected through enquiries, quotations, service delivery, invoicing, communication, and any other interaction connected with Landscaping Spitalfields services.
2. Personal Data We Collect
We only collect data that is necessary for legitimate business and service purposes. The personal data we may collect includes:
- Identity details: name, title, and, where relevant, business name.
- Contact details: address, email address, telephone number, and service location.
- Service information: details of the landscaping work requested, site notes, preferences, and property access instructions.
- Financial information: billing details, payment status, and transaction records.
- Communication records: emails, messages, call notes, complaint details, and correspondence history.
- Technical information: limited website or device data if you visit a digital platform we use, such as IP address, browser type, or cookie data where applicable.
- Visual records: photographs or videos of the property or completed work where needed for quotations, project planning, quality assurance, or proof of completion.
We do not intentionally collect special category data unless it is strictly necessary and a valid legal condition applies. If such information is ever provided to us, we will process it with additional care and only when permitted by law.
3. How We Use Personal Data
We use personal data only for clear and lawful purposes, including:
- providing landscaping quotations and service estimates;
- arranging site visits, scheduling work, and managing project delivery;
- communicating with customers about appointments, updates, and service matters;
- issuing invoices, processing payments, and maintaining accounting records;
- responding to enquiries, feedback, and complaints;
- ensuring the safety, security, and quality of our services;
- meeting legal, tax, insurance, and regulatory obligations;
- preventing fraud, misuse, or unauthorised access;
- maintaining internal records and improving our service standards.
Landscaping Spitalfields will not use personal data for purposes that are incompatible with those described in this policy unless we have a lawful basis and, where required, further notice or consent.
4. Lawful Basis for Processing
We process personal data under one or more of the following lawful bases:
Contract
We process information where it is necessary to enter into or perform a contract with a customer. This includes preparing quotations, delivering landscaping services, handling payments, and managing customer requests.
Legal Obligation
We may process data where necessary to comply with legal requirements, such as tax, accounting, health and safety, record-keeping, or lawful requests from authorities.
Legitimate Interests
We may process data for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests may include service improvement, business administration, record keeping, security, fraud prevention, and defending legal claims.
Consent
In limited situations, we may rely on your consent, for example for optional communications or non-essential cookies where relevant. When consent is used, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
5. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting obligations. Retention periods vary depending on the type of data and the purpose of processing.
- Customer and project records: retained for the duration of the working relationship and for a reasonable period afterwards.
- Financial and tax records: retained for the period required by applicable law.
- Communication records: retained for as long as needed to manage the customer relationship and resolve any issues.
- Photographs and site documentation: retained only as long as needed for project management, quality control, or evidence of completed work.
When personal data is no longer required, it will be securely deleted, anonymised, or archived in line with our retention practices. We do not keep data indefinitely.
6. Processors and Data Sharing
We may share personal data with trusted third-party service providers who act as data processors on our behalf. These processors are only allowed to use the data according to our instructions and must protect it appropriately.
Examples of processors may include:
- Accounting and bookkeeping providers for financial administration;
- Payment service providers for processing transactions;
- IT and cloud storage providers for secure data hosting and backup;
- Communication tools used to manage emails, bookings, or customer service;
- Professional advisers such as insurers, legal advisers, or auditors where necessary;
- Waste removal or subcontracted service providers where a project requires additional operational support.
We may also disclose data where required by law, to respond to lawful requests, to protect our legal rights, or to prevent harm, fraud, or security incidents. We do not sell personal data.
7. International Transfers
If any processor stores or processes data outside the United Kingdom, we will take appropriate safeguards to protect your information. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms where required.
8. Data Security
We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff confidentiality obligations, and limited access to sensitive records.
Although no system can be guaranteed as completely secure, we take data protection seriously and regularly review our procedures to reduce risks.
9. Your Rights
Under data protection law, you have a number of rights regarding your personal data. Subject to legal limits and exemptions, these may include:
- Right of access: to request a copy of the personal data we hold about you.
- Right to rectification: to request correction of inaccurate or incomplete data.
- Right to erasure: to ask us to delete personal data in certain circumstances.
- Right to restrict processing: to ask us to limit how we use your data in specific situations.
- Right to data portability: to receive certain data in a structured, commonly used format.
- Right to object: to object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time.
You also have the right to raise a concern with the UK Information Commissioner’s Office if you believe your rights have been infringed. We encourage you to contact us first so we can address any issue promptly and fairly.
10. Children’s Data
Our services are directed to adults and business customers. We do not knowingly collect personal data from children except where it is incidentally included in property or household records and only where necessary for service delivery and legal compliance.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. Any revised version will apply from the date it is issued. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
12. Summary of Our Commitment
Landscaping Spitalfields is committed to handling personal data responsibly, securely, and in line with GDPR principles of lawfulness, fairness, transparency, data minimisation, accuracy, storage limitation, integrity, and confidentiality. We process only what is necessary to provide landscaping services, meet our legal duties, and maintain a professional relationship with our customers in the Spitalfields area.
By using our services, you acknowledge that this Privacy Policy applies to your personal data as a Landscaping Spitalfields customer in the area.