Gardeners Barnes Privacy Policy
This Privacy Policy explains how Gardeners Barnes collects, uses, stores and protects personal data about its customers and prospective customers in our local service area. It also explains your rights under the United Kingdom General Data Protection Regulation and related data protection laws. This Privacy Policy applies to all Gardeners Barnes customers and potential customers in the area to whom we offer or provide gardening or related services.
Who we are and scope of this policy
Gardeners Barnes is a gardening services business providing services such as garden maintenance, planting, lawn care and related work to residential and commercial customers within our service area. For the purposes of data protection law, Gardeners Barnes is the controller of the personal data described in this Privacy Policy. This means we decide how and why your personal data is processed.
This Privacy Policy covers personal data we collect in the course of operating our business, including when you contact us, request a quote, enter into a contract with us, or otherwise interact with us as a customer or potential customer.
Personal data we collect
We may collect and process the following categories of personal data:
Identification and contact details such as your name, postal address, service address, and any other contact details you choose to provide to us when you make an enquiry or become a customer.
Service and contract information such as details of the gardening services you request, site notes and measurements, details of any special instructions, your booking history, and records of our correspondence with you relating to the services.
Payment and billing information such as invoices issued to you, payment method used, dates and amounts of payments, and billing address. We do not store full payment card details, but may receive limited transaction details from payment processors.
Communications data such as information you provide when you contact us by any means, including enquiries, complaints, feedback or testimonials, and any related notes made by us.
Technical and usage information such as basic information generated when you visit our online pages or digital content, including IP address and general device information, where this is relevant for security, analytics or service improvement.
How we collect your personal data
We collect personal data directly from you when you contact us to request information or a quote, when you agree to our services, or when you communicate with us during or after the provision of services. We may also receive personal data from third parties, for example where someone refers you to us or acts as a representative on your behalf, or from payment service providers that confirm whether a payment has been completed.
Purposes and lawful bases for processing
We process your personal data only where there is a lawful basis under data protection law. The main purposes and lawful bases are as follows:
To respond to enquiries and provide quotes. We use your contact and service information to respond to your enquiries and to prepare and provide quotes. The lawful basis is our legitimate interests in operating and developing our business and providing information requested by potential customers, or taking steps at your request before entering into a contract.
To perform our contracts with you. When you decide to use our services, we process your personal data to schedule and deliver the services, manage your account, issue invoices and collect payments. The lawful basis is performance of a contract with you and taking steps at your request to enter into that contract.
To manage our business and maintain records. We keep appropriate business and financial records, handle customer service, manage our workforce and suppliers, and maintain accurate information about our operations. The lawful basis is our legitimate interests in running an efficient and well managed business and, where relevant, legal obligations relating to accounting and tax.
To communicate with you about services. We may contact you to update you about existing bookings, service changes, or important information about your garden or our services. The lawful basis is performance of a contract and our legitimate interests in maintaining good customer relationships.
To send marketing communications. We may occasionally send marketing messages about our services that may be of interest to you. Where required by law, we will only do this with your consent. In some cases we may rely on our legitimate interests in promoting and developing our business, but you can opt out of marketing at any time.
To comply with legal and regulatory obligations. We may process personal data where needed to comply with laws, respond to lawful requests from authorities, or establish, exercise or defend legal claims. The lawful basis is compliance with legal obligations and our legitimate interests in protecting our rights.
Data retention and storage
We retain personal data only for as long as necessary for the purposes for which it was collected and to meet legal, accounting or reporting requirements. The specific retention period may vary depending on the nature of the information and our legal obligations.
In general, customer records relating to services provided and payments made are kept for a period consistent with applicable limitation and tax rules, after which they are securely deleted or anonymised. Enquiry records may be kept for a shorter period where they do not lead to a contract. We review our retention practices regularly to ensure data is not kept longer than necessary.
Data processors and third party recipients
We may share personal data with carefully selected third parties that provide services to us and act as our processors. These include companies that provide cloud based or digital tools for scheduling, invoicing, accounting, secure data storage, payment processing and communications. These processors are only permitted to use your personal data in accordance with our instructions and for the purposes we specify, and they are required to implement appropriate technical and organisational measures to protect your data.
We may also share personal data with other third parties where necessary, such as professional advisers including accountants, legal advisers and insurers, and with public authorities where required by law or in connection with legal proceedings or regulatory enquiries.
We do not sell your personal data to third parties.
International transfers
Some of our service providers may store or access personal data from locations outside the United Kingdom. Where this occurs, we take steps to ensure that appropriate safeguards are in place, such as reliance on adequacy regulations or the use of standard contractual clauses or equivalent safeguards recognised under data protection law, so that your personal data remains protected.
Your data protection rights
You have a number of rights in relation to the personal data that we hold about you, subject to certain conditions and exemptions under data protection law.
Right of access. You have the right to request confirmation that we process your personal data and to request a copy of the personal data we hold about you, together with certain information about how it is used.
Right to rectification. You have the right to request that inaccurate or incomplete personal data is corrected or completed without undue delay.
Right to erasure. In certain circumstances, you may have the right to request that we delete your personal data. This is not an absolute right and may not apply where we have a legal obligation or compelling legitimate interest to continue processing the data.
Right to restriction of processing. You may have the right to request that the processing of your personal data is restricted in certain situations, for example while we verify the accuracy of the data or assess an objection.
Right to object. You have the right to object at any time to processing of your personal data that is based on our legitimate interests, including profiling on that basis. We will then no longer process your personal data for that purpose unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims. You also have an unconditional right to object to direct marketing.
Right to data portability. Where our processing is based on your consent or on a contract and is carried out by automated means, you may have the right to receive the personal data you provided to us in a structured, commonly used and machine-readable format, and to request that it is transmitted to another controller where technically feasible.
Right to withdraw consent. Where we rely on your consent for processing, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before it is withdrawn.
Security of your personal data
We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. These measures include controlling access to records, using reputable service providers, and maintaining appropriate business and IT security practices. While we take reasonable care to protect your personal data, no system can be guaranteed to be fully secure.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, how we process personal data, or changes in the law. Any updated version will apply from the date it is published and will indicate the date of the latest revision. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
