Gardeners Canary Wharf Privacy Policy
This Privacy Policy explains how Gardeners Canary Wharf collects, uses, stores and protects personal data relating to its customers and prospective customers in the Canary Wharf area. It is designed to comply with the UK General Data Protection Regulation and the Data Protection Act 2018, as well as the EU General Data Protection Regulation where applicable.
This Privacy Policy applies to all Gardeners Canary Wharf customers, and to anyone who contacts us to request information or services within the Canary Wharf area. By engaging with our services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller
Gardeners Canary Wharf is the data controller in respect of the personal data it processes about its customers and prospective customers. As data controller, Gardeners Canary Wharf determines the purposes and means of processing personal data and is responsible for complying with applicable data protection laws.
Personal Data We Collect
We only collect personal data that is relevant and necessary for the provision of our gardening and related services in the Canary Wharf area. The types of personal data we may collect include:
Identification and contact details: name, address, property location, billing address, and other contact information such as communication preferences.
Service information: details of the services you request, property type and size, access instructions, records of site visits, quotes, invoices, and payment status.
Communication records: information you provide when you contact us by any means, including enquiries, feedback, complaints, or requests to exercise your data protection rights.
Technical and usage data: limited technical information related to how you interact with our online information or digital tools, such as dates and times of contact and basic device or browser details where technically necessary for security or service quality.
We do not intentionally collect special category data such as health information, racial or ethnic origin, or other sensitive data. If you choose to provide such information in the context of our services, we will treat it with a high degree of care and only use it when strictly necessary.
How We Collect Personal Data
We may collect personal data directly from you when you contact us, request a quote, make a booking, enter into a service agreement, or communicate with us about existing or prospective services. We may also collect information when we visit your property to assess or deliver services.
In some cases, we may obtain personal data from third parties, such as referral partners or platforms through which you have requested gardening services. In these cases, the third party is responsible for ensuring that they have a lawful basis to share your personal data with us.
Lawful Bases for Processing
We process personal data only when we have a lawful basis under the GDPR. Depending on the circumstances, this may include:
Contract: where processing is necessary for the performance of a contract with you, or to take steps at your request before entering into a contract. This covers activities such as providing quotes, delivering gardening services, and issuing invoices.
Legal obligation: where processing is necessary to comply with legal obligations, for example in relation to tax, accounting, or responding to lawful requests from public authorities.
Legitimate interests: where processing is necessary for our legitimate interests, provided these are not overridden by your interests or fundamental rights. This includes managing our relationship with customers, improving our services, protecting our business and property, and preventing or detecting fraud or misuse.
Consent: where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications. When consent is the basis, you can withdraw it at any time, and we will cease processing for that purpose.
Purposes of Processing
We process your personal data for the following purposes:
To provide and manage gardening and related services, including scheduling visits, accessing your property, and tailoring services to your requirements.
To prepare and manage quotes, contracts, invoices, and payments.
To communicate with you about your enquiries, bookings, services, and any changes to our terms or this Privacy Policy.
To manage customer relationships, including handling feedback, complaints, and service quality issues.
To maintain business records, perform internal administration, and comply with legal and regulatory requirements.
To protect the security of our business, assets, and customers, including fraud prevention, misuse detection, and dispute resolution.
To send you information about services and offers that may be of interest to you, where we are permitted to do so by law or where you have given consent. You can opt out of marketing at any time.
Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. When deciding how long to retain data, we consider the type of data, potential risk of harm from unauthorised use or disclosure, the purposes of processing, and applicable legal obligations.
As a general guideline, records relating to the provision of services, including contact details, invoices, and basic correspondence, are typically retained for a period required by tax and accounting laws. After the relevant retention periods have expired, personal data will be securely deleted, anonymised, or otherwise rendered inaccessible.
Data Processors and Third Parties
We may share personal data with carefully selected third parties who act as data processors on our behalf. These service providers may assist us with activities such as payment processing, accounting, customer management, information technology support, data storage, or communication tools.
Where we use data processors, we ensure that there is a written data processing agreement in place requiring them to process your personal data only in accordance with our instructions, to maintain appropriate security measures, and to comply with applicable data protection laws.
We may also share personal data with other third parties where necessary to comply with legal obligations, respond to lawful requests from public authorities, or establish, exercise, or defend legal claims. We do not sell your personal data.
International Data Transfers
If we transfer personal data outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect your data, such as adequacy regulations, standard contractual clauses, or other legally recognised measures. Details of any such transfers relevant to your data can be provided upon request.
Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures include limiting access to personal data to those who need it for their work, using secure storage systems, and applying procedures designed to maintain confidentiality, integrity, and availability of data.
While we strive to protect your personal data, no system can be guaranteed to be completely secure. We therefore encourage you to exercise care in sharing personal information and to notify us promptly if you believe your data may have been compromised.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exceptions. They include:
Right of access: you have the right to request confirmation as to whether we process your personal data and to receive a copy of that data, along with information about how we use it.
Right to rectification: you can ask us to correct or complete personal data that is inaccurate or incomplete.
Right to erasure: in some circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and no other lawful basis applies.
Right to restriction of processing: you may ask us to restrict the processing of your data in certain situations, such as where you contest its accuracy or object to the processing.
Right to object: you have the right to object to processing that is based on our legitimate interests, including profiling, and to object at any time to the processing of your personal data for direct marketing.
Right to data portability: where processing is based on consent or contract and carried out by automated means, you may have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
Where we rely on your consent for processing, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Exercising Your Rights and Complaints
If you wish to exercise any of your data protection rights or have questions about this Privacy Policy or our handling of personal data, you can contact us using the details provided in our customer communications or on our service documentation.
You also have the right to lodge a complaint with the relevant supervisory authority for data protection if you believe that your data protection rights have been infringed. We would, however, appreciate the chance to address your concerns first, and we encourage you to contact us in the first instance.
Updates to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. Any updated version will apply to all Gardeners Canary Wharf customers in the Canary Wharf area from the date it is published or communicated. We encourage you to review this Privacy Policy periodically so that you remain informed about how we protect your personal data.
