Gardeners Kings Cross Privacy Policy

This Privacy Policy explains how Gardeners Kings Cross collects, uses, stores and protects personal data relating to customers and prospective customers in the Kings Cross area. It is intended to comply with the UK General Data Protection Regulation and related data protection laws. By engaging our gardening and related services, you acknowledge that you have read and understood this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy applies to all Gardeners Kings Cross customers and prospective customers within our service area in and around Kings Cross. It covers personal data collected through our website, in person, by post, and via any other communication channels we use to provide our services and manage customer relationships.

Personal Data We Collect

We collect and process different categories of personal data necessary to provide our services, manage our business, and meet our legal obligations. The types of data we may collect include:

Identification and contact details, such as full name, postal address, service address, and contact preferences. Service and contract information, such as details of the gardening services requested, service frequency, property type, garden size, visit dates and times, project notes and any photographs taken of your garden for quotation, planning, or service record purposes. Billing and payment data necessary to process payments for services, including invoice details and payment history. We do not store full card details where payment is processed through secure third-party payment providers. Communication records, including enquiries, complaints, feedback, quotations and any correspondence relating to services provided. Technical and usage information relating to visits to our website, which may include IP address, device information, basic analytics and cookie data where applicable.

We only collect data that is relevant and necessary for the purposes described in this Privacy Policy.

How We Collect Your Data

We may collect personal data in the following ways:

Directly from you when you contact us to request a quotation, make a booking, or communicate with us about our services. This can be via our website, by post, or in person. Through the provision of services at your property, for example when our gardeners attend your premises and record service details and notes. Automatically through our website when you visit or interact with it, including limited technical data and cookie-related data where used. From third parties where lawful and relevant, for example if a managing agent, landlord or property manager provides your details to arrange gardening services at your property.

Lawful Basis for Processing

We process personal data only where there is a lawful basis under the UK GDPR. Depending on the context, the applicable lawful bases may include:

Performance of a contract: We process your personal data to provide gardening services, issue quotations, manage appointments, take payments, and carry out associated administration. Compliance with legal obligations: We may process and retain certain data to meet tax, accounting, insurance, and other regulatory requirements. Legitimate interests: We may process personal data for our legitimate business interests, such as managing our relationship with you, improving our services, handling enquiries, protecting our business from fraud and misuse, and keeping basic records of past work. Where we rely on legitimate interests, we balance our interests against your rights and expectations. Consent: In certain situations, we may ask for your clear consent to process your data for specific purposes, such as sending direct marketing communications by electronic means where required by law. Where processing is based on consent, you can withdraw your consent at any time.

How We Use Your Personal Data

We use personal data for the following purposes:

To provide, manage and deliver gardening and related services at your property. To create and manage quotations, bookings, schedules and ongoing maintenance plans. To communicate with you regarding enquiries, appointments, service updates, changes or issues. To issue invoices, process payments, and manage accounts and billing queries. To maintain service records, including photos and notes that help ensure consistent quality and continuity of service. To respond to complaints, handle disputes and manage customer satisfaction. To comply with legal and regulatory obligations, including record-keeping and responding to lawful requests from authorities. To protect the security of our staff, customers and business, including the prevention and detection of fraud or misuse. To conduct basic analysis to improve our services and understand demand within the Kings Cross area.

Data Retention

We keep personal data only for as long as it is reasonably necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements.

In general, we apply the following retention practices:

Customer and service records, including contact details, service history and related correspondence, are typically retained for up to six years after the end of the customer relationship, to reflect legal limitation periods and business record requirements. Financial and invoicing information is retained in accordance with applicable tax and accounting rules, usually for at least six years. Website and analytics data are retained for shorter periods where possible, and generally in aggregated or anonymised form where detailed personal data is no longer required.

Once data is no longer required, it will be securely deleted or anonymised so that you can no longer be identified.

Data Sharing and Processors

We do not sell your personal data. We may share personal data with trusted third parties where necessary to provide our services or run our business, always under appropriate contractual safeguards.

Categories of potential recipients include:

Service providers and data processors who support our operations, such as IT, web hosting, secure payment processing, accounting and scheduling tools. These providers are only permitted to process your data on our instructions and must protect it in accordance with data protection laws. Professional advisers, such as accountants, insurers or legal advisers, where necessary for business management, insurance coverage, audits, or legal claims. Authorities, regulators or law enforcement agencies, where we are required to disclose personal data under applicable law or in connection with legal proceedings.

Where data is processed on our behalf by external providers, we take reasonable steps to ensure they offer appropriate privacy and security protections.

International Data Transfers

Where personal data is transferred outside the United Kingdom by our service providers, we require that appropriate safeguards are in place. These may include the use of standard contractual clauses or other mechanisms recognised under data protection law to ensure your information remains adequately protected.

Data Security

We take reasonable technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Measures may include access controls, secure storage, regular backups and limiting data access to staff and contractors who need it to perform their duties.

While we work to protect your personal data, no system can be completely secure. You should take care when transmitting information to us and keep any reference numbers, account details or passwords secure.

Your Data Protection Rights

Under the UK GDPR, individuals have a number of rights in relation to their personal data, subject to certain conditions and exceptions. These rights may include:

The right of access: You can request a copy of the personal data we hold about you, along with information about how we use it. The right to rectification: You can ask us to correct inaccurate or incomplete personal data. The right to erasure: In some circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purpose it was collected or where you withdraw consent and there is no other legal basis for processing. The right to restrict processing: You may ask us to restrict the use of your data in certain situations, such as while we verify its accuracy or consider an objection. The right to object: You can object to our processing of your personal data where we rely on legitimate interests, including any direct marketing activities. The right to data portability: In certain circumstances, you can request that we provide your personal data in a structured, commonly used and machine-readable format, or that we transmit it to another controller where technically feasible. The right to withdraw consent: Where processing is based on your consent, you can withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

If you wish to exercise any of these rights, you can contact us using the contact method you usually use for service enquiries. We may need to verify your identity before responding to your request.

Complaints and Supervisory Authority

If you have concerns about how we handle your personal data, you are encouraged to contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the relevant data protection supervisory authority in the United Kingdom.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements or data protection practices. Any revised version will apply to all ongoing and new interactions with Gardeners Kings Cross from the date it is published. We encourage you to review this Policy periodically to stay informed about how we protect your information.