Privacy Policy - Landscaping Ickenham
This Privacy Policy explains how Landscaping Ickenham collects, uses, stores, shares, and protects personal data in connection with the services we provide. It applies to all Landscaping Ickenham customers in the area, including prospective customers, current customers, former customers, and people who enquire about our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This policy should be read together with any service agreement, quotation, or related notice we provide. By using our services, communicating with us, or providing personal data to us, you acknowledge that your information may be processed as described below.
1. Data We Collect
We only collect personal data that is necessary for delivering landscaping services, managing customer relationships, meeting legal obligations, and improving our operations. The type of information we may collect includes:
- Identity information such as your name and title.
- Contact information such as your address, email address, and telephone number.
- Property and service details such as garden dimensions, site access notes, service preferences, and project specifications.
- Financial information such as billing details and payment records.
- Communication records such as emails, messages, call notes, complaints, and feedback.
- Technical information if you interact with our digital systems, such as IP address, device details, or usage data.
- Photographs and visual records of gardens, sites, or completed work where needed for quotations, project documentation, or quality control.
We do not intentionally collect special category data unless it is strictly necessary and permitted by law. If such information is ever required, we will apply additional safeguards and only process it where a valid legal basis exists.
2. How We Use Personal Data
We use personal data for the following purposes:
- To provide quotations, plan work, and deliver landscaping services.
- To communicate with customers about appointments, schedules, and service updates.
- To issue invoices, process payments, and manage accounts.
- To respond to enquiries, complaints, and requests.
- To maintain records of work completed, including service history and site notes.
- To comply with legal, tax, accounting, and regulatory obligations.
- To protect our business, staff, and customers from fraud, misuse, or security incidents.
- To improve our services, customer experience, and operational efficiency.
We process personal data only for specified, explicit, and legitimate purposes. We will not use your data in a way that is incompatible with those purposes without informing you and, where required, obtaining a new lawful basis.
3. Lawful Basis for Processing
Under data protection law, we must have a lawful basis to process your personal data. Depending on the circumstances, we rely on the following bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes preparing quotations, carrying out landscaping work, managing bookings, and issuing invoices.
Legal Obligation
We process certain information where we must comply with legal obligations, such as accounting rules, tax recordkeeping, fraud prevention, and other statutory requirements.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This may include maintaining service records, improving our services, handling enquiries, and protecting our business from misuse. When relying on this basis, we assess the impact on your privacy and take steps to minimise any unnecessary processing.
Consent
In limited cases, we may rely on your consent, for example where it is required for certain communications or optional uses of data. Where we rely on consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect processing that took place before it was withdrawn.
4. Sharing Personal Data and Processors
We may share personal data with trusted third parties when necessary to run our business and deliver services. These parties act as processors or, in some cases, independent controllers. We require appropriate contractual safeguards and only share the minimum information necessary.
Examples of processors and service providers may include:
- Accounting and bookkeeping providers who help manage invoices, payments, and financial records.
- IT and cloud storage providers who support secure data storage, communication, and system maintenance.
- Customer management or scheduling tools used to organise appointments and project information.
- Payment processors who handle card or electronic transactions.
- Professional advisers such as lawyers, insurers, or auditors where necessary for compliance or risk management.
We may also disclose personal data if required by law, court order, or a lawful request from a public authority. If we are involved in a business transfer, reorganisation, or similar transaction, personal data may be shared as part of that process, subject to appropriate protections.
We do not sell personal data.
5. Retention of Personal Data
We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, insurance, and reporting obligations. Retention periods vary depending on the type of data and the reason for processing.
- Customer and service records are usually kept for the duration of the relationship and for a reasonable period afterwards.
- Financial and tax records are retained for the period required by law.
- Communication records may be retained while needed to resolve queries, maintain service history, or defend legal claims.
- Photographs and project documentation are kept only as long as necessary for business, quality, or evidential purposes.
When data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices.
6. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff training, and limiting data access to those who need it for their role. While no system can be guaranteed completely secure, we work to reduce risks and respond promptly to any suspected incident.
7. Your Rights
Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions and exemptions, but we will always consider your request carefully.
- Right of access - you can request confirmation of whether we process your personal data and obtain a copy of it.
- Right to rectification - you can ask us to correct inaccurate or incomplete data.
- Right to erasure - in certain cases, you can request deletion of your personal data.
- Right to restriction - you can ask us to limit how we use your data in certain situations.
- Right to data portability - where applicable, you can request a copy of data you provided to us in a structured format.
- Right to object - you can object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent - where processing is based on consent, you can withdraw it at any time.
You also have the right to lodge a complaint with the Information Commissioner's Office if you believe your data rights have not been respected. We encourage you to raise any concerns with us first so we can try to resolve them promptly.
8. International Transfers
Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it in line with applicable law. This may include the use of approved contractual measures or transfers to jurisdictions recognised as providing adequate protection.
9. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children except where it is provided by an adult customer in connection with a service request. If we become aware that we have collected data from a child without appropriate authority, we will take steps to delete it or obtain lawful permission where required.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers in the area to review this policy periodically to stay informed about how personal data is protected.
Last reviewed: Privacy Policy - Landscaping Ickenham