Privacy Policy - Landscaping Wembley
This Privacy Policy explains how Landscaping Wembley collects, uses, stores, shares, and protects personal data. It applies to all Landscaping Wembley customers in the area, including individuals who request services, receive quotations, make enquiries, or otherwise interact with us. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Landscaping Wembley provides landscaping, garden care, outdoor improvement, and related property services. In the course of delivering these services, we may process personal data belonging to customers, prospective customers, suppliers, contractors, and other individuals connected with our work. This policy explains the principles that govern that processing.
2. Personal Data We Collect
We only collect data that is necessary for our operations and customer service. The categories of personal data we may collect include:
- Identity information: name, title, and, where relevant, business name.
- Contact information: address, email address, telephone number, and other communication details.
- Service information: property details, service preferences, appointment records, quotations, invoices, and work history.
- Payment and billing information: payment status, billing address, and transaction records. We do not store unnecessary payment details unless required for processing or record-keeping.
- Technical and usage information: basic information collected when you interact with our digital systems, such as device identifiers, browser type, or service-related logs where applicable.
- Communication records: correspondence with us by phone, email, text, or other channels, including complaints, queries, and feedback.
- Site and access information: if needed for service delivery, access instructions, gate codes, parking notes, or similar property-related information.
We do not intentionally collect special category data unless it is strictly necessary and we have a lawful basis to do so. If such data is ever provided to us inadvertently, we will treat it with appropriate care and confidentiality.
3. How We Use Personal Data
We use personal data for the following purposes:
- to respond to enquiries and provide quotations;
- to deliver landscaping and related services;
- to schedule visits, manage appointments, and coordinate work;
- to prepare invoices, process payments, and maintain financial records;
- to communicate about service updates, changes, or issues;
- to manage customer accounts and service history;
- to improve service quality, planning, and operational efficiency;
- to meet legal, regulatory, accounting, and insurance obligations;
- to handle disputes, claims, complaints, or requests;
- to maintain security and prevent misuse, fraud, or unauthorised access.
We will only use your personal data in ways that are compatible with the purpose for which it was collected, unless we have a lawful basis to use it differently.
4. Lawful Basis for Processing
Under the UK GDPR, we must have a lawful basis for each processing activity. Landscaping Wembley relies on one or more of the following lawful bases:
- Contract: we process personal data where it is necessary to enter into or perform a contract with you, such as providing a quotation, booking a service, or completing landscaping work.
- Legal obligation: we process data where required to comply with tax, accounting, record-keeping, consumer law, or other legal requirements.
- Legitimate interests: we may process data where it is reasonably necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing operations, improving services, recovering outstanding payments, and maintaining security.
- Consent: in limited situations, we may rely on your consent, for example where specific optional communications or uses are involved. You may withdraw consent at any time where processing is based on consent.
We do not use personal data for purposes that are incompatible with these bases without appropriate justification.
5. Retention of Personal Data
We keep personal data only for as long as necessary to fulfil the purposes described in this policy, including legal, accounting, or reporting obligations. Retention periods depend on the nature of the data and the reason it was collected.
As a general approach:
- customer enquiry records may be kept for a limited period after the last interaction;
- service records and invoices may be retained for the period required by tax and accounting laws;
- communications and complaint records may be kept for as long as needed to resolve matters and maintain business records;
- where data is no longer required, it will be securely deleted, anonymised, or destroyed.
We regularly review data retention needs to ensure information is not kept longer than necessary.
6. Sharing Personal Data and Processors
We may share personal data with trusted third parties where needed to operate our business and deliver services. These third parties may act as data processors or, in some cases, as independent controllers. Processors are only permitted to process personal data on our instructions and must take appropriate security measures.
Examples of processors and service providers may include:
- IT and cloud service providers that support data storage and communication;
- accounting or bookkeeping providers;
- payment processing providers;
- customer management and scheduling software providers;
- professional advisers such as lawyers, insurers, or auditors;
- subcontractors engaged to assist with service delivery where necessary;
- regulatory, law enforcement, or legal authorities where required by law.
We require processors to handle data securely, lawfully, and only for the purposes we specify. We do not sell your personal data.
7. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and procedures for handling data breaches.
While no method of transmission or storage is completely risk-free, we work to ensure that personal data is protected in line with its sensitivity and our business size and activities.
8. International Transfers
If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place in accordance with applicable data protection law. Such safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.
9. Your Rights
Individuals whose personal data we process have rights under data protection law. These rights may include:
- Right of access: to request a copy of the personal data we hold about you;
- Right to rectification: to ask us to correct inaccurate or incomplete data;
- Right to erasure: to request deletion of your data in certain circumstances;
- Right to restriction: to ask us to limit how we use your data in certain situations;
- Right to data portability: to receive certain data in a structured, commonly used format where applicable;
- Right to object: to object to processing based on legitimate interests or direct marketing;
- Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time;
- Right to complain: to raise concerns with the UK data protection authority if you believe your rights have been infringed.
Some rights are subject to legal conditions and may not apply in every situation. We will assess each request carefully and respond in accordance with applicable law.
10. How We Respond to Rights Requests
If you exercise any of your rights, we may need to verify your identity before taking action. This helps protect your personal data from unauthorised access. We will respond within the time limits required by law and will explain if any exemption applies.
We aim to make rights requests straightforward, respectful, and timely.
11. Children’s Data
Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in connection with a customer’s property or service request and is provided appropriately by an adult. If we become aware that data has been collected improperly, we will take reasonable steps to delete it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, services, or business practices. Any updates will take effect when published in the revised version. We encourage customers to review this policy periodically to stay informed about how we protect personal data.
13. Summary of Key Principles
In short, Landscaping Wembley processes personal data only when necessary, uses it for clear and lawful purposes, keeps it only as long as needed, and restricts access to trusted processors and authorised personnel. We also respect the rights of all customers in the area and are committed to protecting privacy with care, accountability, and transparency.
This Privacy Policy applies to all Landscaping Wembley customers in the area.