Privacy Policy - Landscaping Gipsyhill

This Privacy Policy explains how Landscaping Gipsyhill collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, suppliers, and website or service users in the area we serve. This policy applies to all Landscaping Gipsyhill customers in the area, including anyone who requests a quote, books a service, communicates with us, or otherwise interacts with our business.

We are committed to handling personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. We aim to process personal data fairly, lawfully, transparently, and securely, while respecting your privacy rights.

1. Personal Data We Collect

We may collect and process different types of personal data depending on how you interact with us. This may include:

  • Identity information: name, title, and any relevant business name.
  • Contact information: address, email address, phone number, and preferred contact method.
  • Service information: details about the landscaping services requested, property access requirements, service preferences, and any notes you provide.
  • Payment and billing information: invoice details, payment status, and transaction records, where applicable.
  • Communication records: messages, emails, call notes, complaint details, and customer feedback.
  • Technical information: limited device, browser, and usage information if you use any online enquiry systems or digital forms.
  • Site and project information: photographs, measurements, and work-related observations necessary to plan or complete landscaping services.

We generally collect personal data directly from you. We may also receive information from third parties where necessary, such as property owners, tenants, managing agents, contractors, or payment providers, when this is relevant to the services being arranged.

2. How We Use Personal Data

We use personal data only where permitted by law and only for legitimate business purposes related to our services. Common uses include:

  • providing quotes, consultations, and landscaping services;
  • managing bookings, scheduling, and project delivery;
  • communicating with you about your enquiry or service;
  • issuing invoices, processing payments, and maintaining financial records;
  • handling customer service requests, complaints, and warranty or follow-up matters;
  • maintaining internal records, administration, and business operations;
  • meeting legal, tax, accounting, and regulatory obligations;
  • protecting our business, staff, customers, and property;
  • improving the quality, safety, and efficiency of our services.

We do not sell personal data. We also do not use personal data for unrelated purposes without informing you and ensuring a lawful basis applies.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the circumstances, Landscaping Gipsyhill may rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. For example, this includes preparing quotations, arranging services, delivering landscaping work, and managing invoices.

Legal Obligation

We may process personal data where required to comply with legal duties, such as tax, accounting, health and safety, insurance, or record-keeping obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This may include managing customer relationships, maintaining service records, preventing fraud, or improving our operations. Where we rely on legitimate interests, we consider the impact on your privacy and take steps to protect your data.

Consent

In limited cases, we may rely on your consent, for example where you have expressly agreed to receive certain optional communications. Where consent is used, you may withdraw it at any time.

4. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary for business operations, legal compliance, or service delivery. These third parties may act as data processors or, in some cases, independent controllers.

Examples of processors and service providers may include:

  • IT and cloud storage providers that host or back up business records;
  • accounting and bookkeeping providers that support invoicing, tax, and financial administration;
  • payment service providers that process card or electronic payments;
  • customer communication tools used to manage emails, messages, and administrative workflows;
  • professional advisers such as accountants, insurers, or legal advisers when needed;
  • subcontractors or suppliers involved in delivering landscaping services.

We require processors to act only on our instructions, to use personal data only for the agreed purpose, and to implement appropriate security measures. Where data is shared with independent controllers, such as public authorities or insurers, those parties are responsible for their own privacy practices.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purpose for which it was collected, including to meet legal, accounting, or contractual requirements. Retention periods may vary depending on the type of information and our lawful basis for processing.

  • Customer and service records are typically retained for the duration of the business relationship and for a reasonable period afterwards to handle queries or disputes.
  • Financial and tax records are retained for the period required by law.
  • Communication records are kept for as long as needed to manage ongoing service matters, complaints, or contractual issues.
  • Consent-based data is kept until consent is withdrawn or the data is no longer needed.

When data is no longer required, it is securely deleted, anonymised, or destroyed in accordance with our retention practices.

6. Data Security

We take reasonable and appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, password protection, and staff awareness of confidentiality obligations.

While we work to protect personal information, no system can be guaranteed to be completely secure. If a personal data breach occurs that is likely to result in risk to your rights and freedoms, we will act in line with our legal obligations, which may include notifying the relevant supervisory authority and affected individuals where required.

7. International Transfers

If any processor or service provider stores or accesses data outside the UK, we will take steps to ensure that appropriate safeguards are in place to protect your personal data. These safeguards may include approved contractual terms or other lawful transfer mechanisms recognised under data protection law.

8. Your Rights

You have rights over your personal data, subject to certain legal limits and exemptions. These rights include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability: to receive certain information in a structured, commonly used format where processing is based on consent or contract and carried out by automated means.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

These rights are not absolute. In some cases, we may need to continue processing or retaining data where we have a legal obligation or another lawful ground to do so.

9. Children’s Data

Our services are intended for adults acting on their own behalf or on behalf of a property owner, landlord, tenant, or business. We do not knowingly collect personal data from children unless it is necessary and appropriate in a specific service context and where lawful.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise made available. We encourage you to review this policy periodically to stay informed about how we protect your personal data.

11. Summary of Key Principles

In summary, Landscaping Gipsyhill only collects personal data that is needed to provide and manage our services, comply with legal obligations, and operate our business responsibly. We process data on lawful grounds such as contract, legal obligation, legitimate interests, and consent where applicable. We limit retention to what is necessary, use trusted processors under appropriate safeguards, and respect your privacy rights under data protection law.

By using our services, requesting a quotation, or otherwise engaging with Landscaping Gipsyhill in the area we serve, you acknowledge that this Privacy Policy applies to you.

Landscaping Gipsyhill

GDPR-compliant Privacy Policy for Landscaping Gipsyhill covering data collection, lawful basis, retention, processors, rights, and scope for all local customers.

Get a quote
man-img
grass-img

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.