Gardeners Beddington Privacy Policy

This Privacy Policy explains how Gardeners Beddington collects, uses, stores and protects personal data of customers and prospective customers in our service area. It also explains the legal bases we rely on and the rights you have under the UK General Data Protection Regulation and related data protection laws.

This Privacy Policy applies to all Gardeners Beddington customers and individuals who contact us, request a quotation, use our gardening and related services, or otherwise interact with us in the Beddington area and surrounding locations that we serve.

Data Controller

Gardeners Beddington is the data controller for the personal data described in this Privacy Policy. As data controller, we decide how and why your personal data is processed and we are responsible for ensuring that such processing complies with applicable data protection laws.

Personal Data We Collect

We may collect and process the following categories of personal data about you:

Identification and contact details, such as your name, postal address, service address, and any other contact details you choose to provide when you contact us or request our services.

Service and contract details, such as information about your garden or outdoor space, property access notes, service preferences, service history, quotations, invoices, and records of work carried out.

Communication records, such as notes of enquiries, messages you send us, and our responses to you, including any feedback or complaints you provide.

Payment and billing information that is necessary to issue invoices, record payments received, and manage our accounts and tax obligations. Where payments are processed via third party payment providers, we generally receive only limited information such as confirmation of payment and reference details.

Technical and usage information related to our website or online contact forms, which may include your IP address, device information, and basic usage data that helps us maintain and improve our online services. We do not seek to identify individuals through this data unless it is necessary for security, fraud prevention, or to meet legal obligations.

How We Collect Your Data

We collect personal data directly from you when you contact us by any means, request a quotation, book a service, enter into a contract with us, or interact with us in the course of receiving our services.

We may also collect personal data indirectly from third parties where this is necessary to provide our services. This may include information from property agents, landlords, or other intermediaries that engage us on your behalf, or from publicly available sources that confirm address or property details.

Purposes and Lawful Basis for Processing

We process your personal data only where we have a lawful basis under data protection law. The main purposes and lawful bases are:

To provide quotations, perform our gardening and related services, and manage our relationship with you. This processing is based on performance of a contract or steps taken at your request before entering into a contract.

To communicate with you about appointments, access requirements, rescheduling, and other practical matters related to the services. This is necessary for performance of a contract and also in our legitimate interests to manage our business efficiently.

To issue invoices, record payments, and maintain financial records. This processing is necessary for performance of a contract and to comply with our legal obligations, including tax and accounting requirements.

To respond to enquiries, handle complaints, and manage any disputes. This is based on our legitimate interests in ensuring customer satisfaction, improving our services, and protecting our legal rights.

To send non-essential service updates or information about related services that may be of interest to you, where you have given your consent or where we rely on our legitimate interests in promoting and developing our business, in accordance with applicable marketing laws. You can opt out of such communications at any time.

To ensure security, prevent fraud, and comply with legal or regulatory obligations or lawful requests from authorities. This processing is based on our legitimate interests in protecting our business and on compliance with legal obligations.

Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy or to meet legal, accounting, or reporting requirements.

Customer and contract data, such as service records, quotations, and related correspondence, is generally retained for up to seven years after the end of our relationship with you. This period reflects applicable limitation periods for legal claims and our legal and tax obligations.

Financial records, including invoices and payment records, are retained for the period required under tax and accounting laws, which is typically up to seven years from the date of the relevant record.

Enquiry data for individuals who do not become customers may be kept for a shorter period, usually up to two years, to allow us to respond to follow up queries and manage potential future bookings, unless you request earlier deletion.

Technical and usage data may be retained for a shorter period that is necessary for security, troubleshooting, and improving our website and services, usually not exceeding two years unless an issue requires longer retention.

When data is no longer required, we will securely delete or anonymise it so that it can no longer identify you.

Data Processors and Sharing of Personal Data

We may share your personal data with carefully selected third parties who act as data processors on our behalf. These processors only process personal data in accordance with our instructions and for the purposes specified in this Privacy Policy.

Types of processors and third parties we may use include:

IT and hosting providers that supply and maintain our digital systems, including any systems used for storing contact and service records.

Payment service providers and banks that process payments and help us manage financial transactions.

Professional advisers, such as accountants or legal advisers, where necessary to obtain professional services and comply with legal or regulatory obligations.

Subcontractors or partner service providers who assist us in delivering gardening or related services, where they need access to limited personal data such as your address and service requirements.

We may also share personal data with public authorities, regulators, or law enforcement agencies where we are legally required to do so or where this is necessary to protect our rights or the rights of others.

We do not sell your personal data. Where we engage processors, we require them to implement appropriate technical and organisational measures to protect your data and to comply with applicable data protection laws.

International Transfers

Our primary processing activities take place within the United Kingdom and the European Economic Area. If we ever need to transfer personal data to a country outside the UK or EEA that does not provide an equivalent level of data protection, we will ensure that appropriate safeguards are in place, such as standard contractual clauses approved by relevant authorities, or other lawful transfer mechanisms, and that your rights continue to be protected.

Your Data Protection Rights

Under data protection law, you have certain rights in relation to your personal data, subject to applicable conditions and exemptions. These include:

The right of access, meaning you can request confirmation of whether we process your personal data and obtain a copy of that data, along with certain supplementary information.

The right to rectification, allowing you to request correction of inaccurate personal data and completion of incomplete data.

The right to erasure, in certain circumstances, allowing you to request that we delete your personal data where there is no longer a lawful reason for us to keep it.

The right to restrict processing, which allows you to request that we limit the way we use your data in certain situations, for example while we consider a challenge you have made to the accuracy of the data.

The right to data portability, which in certain cases allows you to receive personal data you have provided to us in a structured, commonly used, and machine readable format and to request that we transfer it to another controller where technically feasible.

The right to object, which allows you to object to processing based on our legitimate interests and to object at any time to the use of your data for direct marketing.

Where we rely on consent as the lawful basis for processing, you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

Exercising Your Rights and Complaints

If you wish to exercise any of your data protection rights, or if you have questions about how we handle your personal data, you can contact us using our usual contact channels set out on our website or other communications.

We will respond to your request as required by law, usually within one month. We may need to verify your identity before responding to ensure we protect your data from unauthorised access.

You also have the right to lodge a complaint with the UK Information Commissioner s Office or any other relevant supervisory authority if you believe your data protection rights have been infringed. We would however encourage you to contact us first so we can try to resolve any concerns directly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we provide. The updated version will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.