020 3744 3778Gardeners Burroughs Privacy Policy
This Privacy Policy explains how Gardeners Burroughs collects, uses, stores and shares personal data relating to customers in our service area, and describes your rights under the UK General Data Protection Regulation and the EU General Data Protection Regulation where applicable. This Privacy Policy applies to all Gardeners Burroughs customers in our operating area, including prospective, current and former customers.
Who we are and scope of this policy
Gardeners Burroughs is a gardening and grounds maintenance service provider. In providing our services, we act as a data controller, which means we decide how and why your personal data is processed. This policy covers all personal data we handle about individuals who are private customers, business contacts, representatives of organisations, or users of our services within our service area.
Types of personal data we collect
We collect and process different categories of personal data depending on how you interact with us. This may include:
Identification and contact details, such as your name, postal address, billing address, and any other contact details you choose to provide.
Service-related information, such as details of your garden or outdoor space, access instructions, property type, preferred days and times for visits, and records of the services requested or provided.
Communication records, such as notes of conversations, messages or correspondence you send to us, and our responses to you.
Billing and payment information, such as invoices, payment history and basic transaction details. We do not store full payment card details where card payments are handled by third-party payment processors.
Usage and enquiry data, such as information you provide when requesting a quote, booking a service, or giving feedback or complaints about our services.
In some cases we may collect photographs of your garden or outdoor space, for example for quoting, planning or recording the progress of work, but only where this is necessary for providing the service you request.
How we collect your personal data
We may collect personal data directly from you when you contact us to request a quote, make a booking, arrange a visit, ask a question, or provide feedback. We may also collect information during site visits and when providing services at your property.
We may receive personal data about you indirectly where you are introduced to us by a third party, where someone books services on your behalf, or where your details are provided as an authorised contact for a property. Where appropriate, we will inform you of the source of your data when we first contact you.
Lawful basis for processing your data
We only use your personal data where we have a lawful basis under data protection laws. Depending on the circumstances, we may rely on the following lawful bases:
Contract. We process your personal data when it is necessary to enter into or perform a contract with you, for example to provide gardening services, to arrange visits, to issue invoices, or to respond to your pre-contract enquiries.
Legal obligation. We may process certain information when we are required to do so by law, such as maintaining financial and tax records.
Legitimate interests. We may process personal data where it is necessary for our legitimate business interests and where your interests and fundamental rights do not override those interests. This may include managing our customer relationships, improving our services, handling queries and complaints, and maintaining accurate records.
Consent. In limited situations, we may rely on your consent, for example where we wish to use photographs of your garden for marketing purposes. Where we rely on consent, you have the right to withdraw your consent at any time.
How we use your personal data
We use the personal data we collect to provide and manage our services, including:
Providing quotations, planning work and delivering gardening and maintenance services at your property.
Arranging appointments, access and ongoing maintenance schedules.
Managing our relationship with you, including responding to enquiries, feedback and complaints.
Issuing invoices, processing payments and maintaining accounts and financial records.
Keeping internal records, analysing service use and improving our services and customer experience.
Complying with legal and regulatory obligations and cooperating with competent authorities where required by law.
Data sharing and processors
We do not sell your personal data. We may share your personal data with selected third parties only where necessary and in accordance with data protection laws. These third parties may include:
Service providers who act as data processors and provide services such as payment processing, accounting, information technology support, customer management systems or document storage. These processors only process your data on our instructions and are subject to contractual obligations to protect your data.
Professional advisers such as accountants or legal advisers, where necessary in the course of professional services to us and where they are subject to confidentiality obligations.
Public authorities, regulators or law enforcement agencies, where we are legally required or permitted to do so.
Where any of our processors are located outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect your personal data, in line with data protection laws.
Data retention
We keep your personal data only for as long as necessary for the purposes for which it was collected, and to meet legal, accounting or reporting requirements.
In general, we retain customer records, including contact details and service history, for as long as you remain an active customer and for a period afterwards where necessary to answer queries, manage any disputes or provide evidence of services provided.
Financial records, including invoice and payment information, are typically retained for a minimum period required by applicable tax and accounting laws.
Where we hold photographs or other service-related images, we will retain them only for as long as they are needed for operational purposes, or for any additional period to which you have expressly consented. When personal data is no longer needed, we will securely delete or anonymise it.
How we protect your personal data
We take appropriate technical and organisational measures to help protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. These measures may include restricted access to personal data, secure storage and appropriate training for staff and contractors handling personal data. While we take reasonable steps to protect your information, no system can be guaranteed to be fully secure.
Your data protection rights
Under data protection laws, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions. These rights include:
Right of access. You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data, together with certain information about how we use it.
Right to rectification. You have the right to ask us to correct or complete personal data that you believe is inaccurate or incomplete.
Right to erasure. In certain circumstances, you have the right to request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected and we have no other lawful basis for keeping it.
Right to restriction of processing. You may request that we restrict the processing of your personal data in certain situations, for example while we check the accuracy of data or consider an objection you have raised.
Right to object. You have the right to object to our processing of your personal data where we rely on legitimate interests as the lawful basis, including profiling based on those interests, and we will stop processing unless we have compelling legitimate grounds to continue.
Right to data portability. In certain circumstances, you may request that we provide the personal data you have given us in a structured, commonly used and machine-readable format, and that we transmit it to another controller where this is technically feasible.
Right to withdraw consent. Where we rely on your consent for specific processing, you may withdraw that consent at any time. This will not affect the lawfulness of processing before consent was withdrawn.
You also have the right to lodge a complaint with a data protection authority if you are concerned about how we handle your personal data.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services or legal obligations. When we make changes, we will revise the date of the update and take appropriate steps to inform you of any significant changes, where required. We encourage you to review this policy periodically to stay informed about how we protect your personal data.
