Privacy Policy - Landscaping Erith
This Privacy Policy explains how Landscaping Erith collects, uses, stores, shares, and protects personal data relating to customers and prospective customers in the Erith area. It applies to all Landscaping Erith customers in the area, including individuals who request quotations, book services, make enquiries, or otherwise interact with our business. We are committed to handling personal data fairly, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
For the purposes of data protection law, Landscaping Erith acts as the data controller for the personal data described in this policy. This means we determine why and how personal data is processed. We only process data where we have a lawful basis to do so and only for legitimate business purposes connected with delivering our landscaping services, managing our operations, and maintaining accurate business records.
2. Personal Data We Collect
We may collect personal data directly from you, from your use of our services, or from third parties where appropriate. The types of data we may collect include:
- Identity details such as your name and title
- Contact details such as address, email address, and telephone number
- Service information including property details, project preferences, and instructions
- Communication records such as messages, enquiry forms, notes from phone calls, and correspondence
- Billing and payment information where required for invoicing and record-keeping
- Technical data such as basic website usage information if you interact with digital systems we use
- Photographs and site images relevant to quotations, project planning, or evidence of completed work
We do not intentionally collect special category data unless it is strictly necessary and permitted by law. Special category data includes information such as health details, racial or ethnic origin, religious beliefs, or similar sensitive information. If such information is ever shared with us inadvertently, it will be handled with extra care and only where there is a lawful reason to do so.
3. How We Use Personal Data
We use personal data for the following purposes:
- To respond to enquiries and provide quotations
- To plan, deliver, and manage landscaping services
- To keep records of work completed and customer preferences
- To issue invoices, manage payments, and maintain accounting records
- To communicate about appointments, service updates, and project changes
- To improve our services, customer experience, and internal processes
- To meet legal, regulatory, tax, and insurance obligations
- To prevent fraud, misuse, or security incidents
We only use data for the purposes for which it was collected, unless we reasonably believe another compatible purpose is appropriate and lawful. We do not sell personal data.
4. Lawful Basis for Processing
Under UK GDPR, we must have a valid lawful basis before processing personal data. Landscaping Erith relies on the following lawful bases:
Contract
We process personal data when it is necessary to enter into or perform a contract with you. This includes providing quotations you request, arranging landscaping services, carrying out work, and managing billing or service-related communication.
Legitimate Interests
We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. Examples include responding to customer enquiries, maintaining service quality, keeping business records, preventing fraud, and improving operations.
Legal Obligation
We process personal data when required to comply with legal obligations, such as accounting, tax, health and safety, and insurance requirements.
Consent
In limited situations, we may rely on your consent, for example for certain optional communications or where consent is otherwise appropriate. Where consent is used, you may withdraw it at any time.
5. Sharing Personal Data and Processors
We may share personal data with trusted third parties who act as processors on our behalf, or with other organisations where required by law. Processors only handle data under our instructions and must protect it appropriately. Categories of processors may include:
- IT and cloud service providers that host systems, emails, or data storage
- Accounting and bookkeeping providers that support invoicing and financial records
- Payment processing services used to handle transactions securely
- Scheduling and communication tools used to organise appointments and customer records
- Professional advisers such as insurers, legal advisers, or auditors where necessary
We may also disclose personal data if required by law, court order, or a regulatory authority. If we engage any processor, we take steps to ensure appropriate contractual safeguards are in place and that personal data is handled securely and lawfully.
6. Data Retention
We keep personal data only for as long as it is necessary for the purposes for which it was collected, and to satisfy legal, accounting, or reporting obligations. Retention periods may vary depending on the nature of the data and the reason for holding it.
In general:
- Enquiry and quotation records are retained for a reasonable period to manage follow-up and service history
- Customer and project records are kept for the duration of the working relationship and for a further period where needed for business or legal reasons
- Financial and tax-related records are retained in line with legal requirements
- Communication records may be kept where they are relevant to service delivery, dispute resolution, or compliance
When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.
7. Data Security
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include restricted access, secure storage, password protection, and staff awareness procedures. While no system can be guaranteed completely secure, we take data protection seriously and work to reduce risk wherever possible.
8. Your Rights
Under data protection law, you have several rights in relation to your personal data. Subject to legal conditions, these rights include:
- Right of access – you can request a copy of the personal data we hold about you
- Right to rectification – you can ask us to correct inaccurate or incomplete data
- Right to erasure – you can ask us to delete your data in certain circumstances
- Right to restriction – you can ask us to limit how we use your data in certain situations
- Right to object – you can object to processing based on legitimate interests or direct marketing
- Right to data portability – you can ask for data you provided to us in a structured, commonly used format where applicable
- Right to withdraw consent – where we rely on consent, you may withdraw it at any time
If you wish to exercise your rights, we may need to verify your identity before responding. We will respond within the time limits required by law and may refuse requests only where permitted by law.
9. International Transfers
If any personal data is transferred outside the UK, we will ensure that suitable safeguards are in place so that your information remains protected to an equivalent standard. This may include approved contractual protections or use of service providers that comply with UK data transfer requirements.
10. Children’s Data
Our services are generally intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a service request and lawfully provided by a parent, guardian, or authorised representative. Where children’s data is processed, we take extra care to ensure it is handled appropriately and securely.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is used.
12. Summary of Your Privacy
Landscaping Erith only processes the personal data needed to deliver services, manage business operations, and meet legal requirements. We rely on lawful bases such as contract, legitimate interests, legal obligation, and consent where appropriate. We keep data only as long as necessary, use trusted processors under contract, and respect your rights under UK GDPR. This policy applies to all Landscaping Erith customers in the area and is designed to support transparent, fair, and secure handling of personal information.
By using our services or contacting us, you acknowledge that you have read and understood this Privacy Policy.