020 3744 3778Gardeners Hoxton Privacy Policy
This Privacy Policy explains how Gardeners Hoxton collects, uses, stores, and protects personal data relating to our customers and prospective customers within our service area. It also explains your rights under the UK General Data Protection Regulation and the Data Protection Act, and how you can exercise those rights.
This Privacy Policy applies to all Gardeners Hoxton customers and individuals who contact us, request a quote, book our gardening services, or otherwise interact with us in our service area, whether in person, by phone, or online.
Who We Are And Role As Data Controller
Gardeners Hoxton is a gardening and grounds maintenance service provider operating in the Hoxton area and surrounding locations. For the purposes of applicable data protection laws, Gardeners Hoxton is the data controller of the personal data described in this Privacy Policy. As data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing is carried out in a lawful, fair, and transparent manner.
Personal Data We Collect
We only collect personal data that is relevant and necessary to deliver our services, manage our relationship with you, and comply with our legal obligations. The categories of personal data we may collect include:
Identification and contact details such as your name, postal address, service address, billing address, and any contact details you provide, such as email address or other contact channels you use to reach us.
Service and contract information such as details about the gardening or maintenance services you request, visit history, notes about your preferences, property access instructions that you choose to share, booking dates and times, and records of quotations and invoices.
Payment and transaction data such as records of payments made, amounts, dates, and methods of payment. We do not store full payment card details when payments are processed using external payment providers. Those providers act as separate controllers or processors in relation to card data.
Communication data such as records of enquiries, complaints, feedback, and other correspondence between you and Gardeners Hoxton, including information you provide when communicating with us by phone or in writing.
Technical and usage data, when relevant, such as basic information generated when you visit our online pages or profiles, including access times and general device or browser information. We do not seek to identify individuals from this data unless it is necessary for security or legal reasons.
How We Collect Your Personal Data
We collect personal data directly from you when you request a quote, book a visit, ask us to provide services, make a payment, contact us with an enquiry, leave feedback, or otherwise communicate with us in the course of our business relationship.
We may also receive personal data indirectly from third parties acting on your behalf, for example a landlord, property manager, or family member who books services for you and provides your contact details and service address. In such cases we expect that they have your permission to share this information.
In some cases, we may collect publicly available information, for example to confirm address details or to update business records where appropriate and lawful.
Lawful Bases For Processing Your Data
We process your personal data only where we have a lawful basis under data protection law. Depending on the circumstances, we rely on one or more of the following lawful bases:
Contractual necessity. We process your personal data to enter into a contract with you and to perform our agreement, including providing gardening services, arranging visits, sending quotes, issuing invoices, and managing ongoing maintenance schedules.
Legitimate interests. We process certain personal data where it is necessary for our legitimate business interests, provided that these interests are not overridden by your rights and freedoms. This may include planning our work, improving our services, keeping appropriate business records, managing our relationship with you, and protecting our business from fraud or misuse.
Legal obligations. We process personal data where necessary to comply with our legal and regulatory obligations, such as tax, accounting, and record keeping requirements, and cooperating with law enforcement or regulators when required.
Consent. In limited situations, we may rely on your consent, for example where you specifically ask us to contact you with certain types of updates or where consent is required for particular forms of communication. Where we rely on consent, you have the right to withdraw it at any time.
How We Use Your Personal Data
We use the personal data we collect for the following purposes:
To provide and manage gardening services, including assessing your requirements, preparing and delivering quotes, scheduling and carrying out visits, and communicating about work progress and completion.
To manage payments, billing, and accounts, including issuing invoices, receipts, and handling queries about charges.
To respond to your enquiries, complaints, and feedback, and to provide customer support.
To plan and improve our services, such as understanding which services are most frequently requested in the area and how we can better meet customer needs.
To maintain safety and security of our staff, customers, and property, for example by keeping records of service addresses and any access arrangements you provide.
To fulfil our legal and regulatory obligations, including record keeping, taxation, and responding to lawful requests from public authorities.
Data Sharing And Use Of Processors
We do not sell your personal data. We may share your personal data with trusted third parties where necessary for the purposes described in this Privacy Policy, including:
Service providers acting as data processors who provide services such as scheduling tools, payment processing, accounting, data storage, or communication platforms. These processors are only permitted to process your personal data on our instructions and are required to keep your data secure and confidential.
Professional advisers such as accountants or legal advisers, where necessary to support our business operations or to protect our legal interests.
Public authorities, regulators, or law enforcement where we are legally required or permitted to do so, for example to comply with tax laws or respond to lawful requests.
In each case, we only share the minimum amount of personal data necessary and we take steps to ensure that any third parties keep your information secure and use it only for the purposes for which it was shared.
Data Retention
We keep your personal data only for as long as it is needed for the purposes for which it was collected, including to meet any legal, accounting, or reporting requirements. When deciding how long to retain personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it, and whether we can achieve those purposes by other means.
Customer and service records, including quotes, invoices, and job details, are typically retained for a number of years to meet tax and financial record keeping obligations and to manage any potential claims. Communication records may be kept for a similar period where relevant to our services or legal obligations.
When personal data is no longer required, we will delete it securely or, where appropriate, anonymise it so that it can no longer be associated with an identifiable individual.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions. These include:
Right of access. You have the right to request confirmation of whether we hold personal data about you and to obtain a copy of that data, together with information about how we use it.
Right to rectification. You have the right to request that inaccurate or incomplete personal data about you is corrected or updated.
Right to erasure. In certain circumstances, you may have the right to request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
Right to restriction. You may have the right to request that we restrict the processing of your personal data in certain situations, such as where you contest its accuracy or object to our use of it.
Right to object. You may have the right to object to our processing of your personal data where we rely on legitimate interests as our lawful basis. We will then stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights, and freedoms, or where processing is required for legal claims.
Right to data portability. In some cases, you may have the right to receive the personal data you have provided to us in a structured, commonly used, and machine readable format and to request that we transfer it to another controller, where technically feasible.
Where we rely on your consent, you also have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before you withdraw it.
International Transfers
Where we use processors or service providers located outside the United Kingdom or the European Economic Area, or where personal data is otherwise transferred internationally, we take appropriate steps to ensure your personal data is afforded an equivalent level of protection. This may include relying on adequacy regulations, entering into contracts incorporating standard data protection clauses approved by relevant authorities, or using other safeguards required by law.
Security Of Your Personal Data
We take the security of your personal data seriously and use appropriate technical and organisational measures to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Measures may include restricted access to records, secure storage systems, and staff awareness of data protection requirements. While we strive to protect your personal data, no system can be completely secure, and you should take care when sharing information with us and when requesting that we communicate with you using particular channels.
Changes To This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or the services we offer. Any changes will take effect when the updated Privacy Policy is made available. We encourage you to review this Privacy Policy periodically so that you remain informed about how we handle your personal data.
