Privacy Policy - Landscaping Bromley
This Privacy Policy explains how Landscaping Bromley collects, uses, stores, shares, and protects personal data when providing services to customers in the Bromley area. It applies to all Landscaping Bromley customers in the area, including prospective customers, active customers, and individuals who enquire about our services. We are committed to processing personal information fairly, lawfully, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Introduction
We respect your privacy and take data protection seriously. This policy sets out what personal data we collect, why we collect it, the lawful basis we rely on, how long we keep it, who may process it on our behalf, and the rights you have in relation to your data. By using our services or providing us with your information, you acknowledge that your data will be handled in line with this policy.
2. Personal Data We Collect
We may collect and process different types of personal data depending on how you interact with us. The information we collect is limited to what is necessary for the purpose of providing landscaping services and managing our business responsibly.
Information you provide directly
- Identity details such as your name.
- Contact details such as your address, telephone number, and email address.
- Service information including details of the landscaping work requested, site access notes, preferences, and instructions.
- Billing and payment information where necessary for invoicing and payment processing.
- Communication records including messages, complaints, feedback, and appointment notes.
Information collected automatically or indirectly
- Technical information such as IP address, browser type, and device information if you interact with us electronically.
- Usage data relating to how you engage with our communications or services.
- Property and project records such as before-and-after photographs, measurement notes, and site condition records, where relevant to the service provided.
We do not seek to collect special category data unless it is strictly necessary and you have provided it knowingly, or unless another lawful condition applies. If such information is received accidentally, it will be treated with additional care and only used where appropriate.
3. How We Use Personal Data
We use personal data only for legitimate business and service purposes. These may include:
- responding to enquiries and preparing quotations;
- providing landscaping, maintenance, design, and related services;
- arranging visits, schedules, and access to properties;
- issuing invoices, processing payments, and maintaining accounts;
- managing customer records and service history;
- resolving complaints, disputes, or service issues;
- meeting legal, tax, insurance, and regulatory obligations;
- protecting our business, staff, and customers from fraud, misuse, or security risks;
- improving our services, administration, and customer experience.
4. Lawful Basis for Processing
We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the situation, we may rely on one or more of the following:
Contract
We process your personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotes, carrying out work, managing appointments, invoicing, and fulfilling service obligations.
Legal obligation
We may process and retain information where required to comply with legal obligations, including accounting, tax, health and safety, and record-keeping requirements.
Legitimate interests
We may process data for our legitimate business interests, provided your interests and fundamental rights do not override those interests. This may include business administration, service improvement, fraud prevention, internal record-keeping, and protecting our rights and property. Where we rely on legitimate interests, we consider whether the processing is necessary and proportionate.
Consent
In limited circumstances, we may rely on your consent, for example where we need to use information for a specific purpose not covered by another lawful basis. If consent is used, you can withdraw it at any time, without affecting the lawfulness of processing before withdrawal.
5. Sharing Your Data and Processors
We do not sell personal data. We may share personal information with trusted third parties only when necessary for service delivery, business operations, or compliance with the law. Any third party that processes personal data on our behalf acts as a processor and is required to handle data securely and only in accordance with our instructions.
Examples of processors and recipients may include:
- Accounting and bookkeeping providers who assist with invoices, payments, and financial records.
- IT and cloud service providers who store or support business records and communications.
- Scheduling or administrative support providers who help manage appointments and service records.
- Payment service providers involved in processing card or transfer payments.
- Professional advisers such as accountants, insurers, or legal advisers where necessary.
- Public authorities where disclosure is required by law or to protect rights, safety, or security.
We take reasonable steps to ensure that any processor we use has appropriate technical and organisational measures in place to protect personal data. Where data is transferred outside the UK, we will ensure that appropriate safeguards are in place in line with data protection law.
6. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, insurance, or reporting requirements. Retention periods may vary depending on the nature of the information and the reason it is held.
General retention approach
- Enquiry records are kept for a reasonable period to manage follow-up and customer service.
- Contract and service records are retained for the duration of the relationship and for a subsequent period to manage queries, warranty issues, or disputes.
- Financial and tax records are retained for the period required by law and accounting standards.
- Technical or security logs are kept only as long as needed for operational and security purposes.
When personal data is no longer required, we will delete it securely or anonymise it so it can no longer identify you.
7. Data Security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures may include access controls, secure storage, limited permissions, and regular review of data handling practices. While no system can be guaranteed completely secure, we take reasonable and proportionate steps to safeguard the information entrusted to us.
8. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may apply in different circumstances and may be subject to legal exemptions.
Your rights may include:
- Right of access – to request a copy of the personal data we hold about you.
- Right to rectification – to ask us to correct inaccurate or incomplete data.
- Right to erasure – to request deletion of your data in certain situations.
- Right to restriction – to ask us to limit how we use your data in certain cases.
- Right to data portability – to request transfer of data you provided, where applicable.
- Right to object – to object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – where processing is based on consent.
You also have the right to raise concerns with the UK Information Commissioner’s Office if you believe your data has not been handled properly. We encourage you to contact us first so we can address any concerns directly and promptly.
9. Marketing and Communications
We may send service-related communications where necessary for booking, invoicing, updates, or administrative purposes. We do not send unnecessary marketing without a lawful basis. Where marketing is sent, you may opt out at any time. We will respect your preferences and update our records accordingly.
10. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is provided by a parent, guardian, or authorised adult for a legitimate service-related reason. If we become aware that we have collected data from a child inappropriately, we will take steps to delete it where required.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, service arrangements, or data handling practices. Any updates will take effect from the date they are published or communicated. We recommend reviewing this policy periodically to stay informed about how your personal data is handled.
12. Summary of Our Commitment
Landscaping Bromley is committed to treating your personal data with care, confidentiality, and respect. We only collect what we need, use it for clear and lawful purposes, keep it for no longer than necessary, and require our processors to protect it properly. If you are a customer in the Bromley area, this policy applies to you and governs how we manage your information throughout our relationship.