Gardeners Morden Park Privacy Policy

This Privacy Policy explains how Gardeners Morden Park collects, uses, discloses, and protects personal data belonging to its customers and prospective customers in the Morden Park area. It also explains your rights under applicable data protection laws, including the UK General Data Protection Regulation UK GDPR and the Data Protection Act 2018.

This Privacy Policy applies to all Gardeners Morden Park customers and service users in the Morden Park area, including individuals who make enquiries, request quotes, book services, or otherwise interact with us in connection with our gardening and related services.

Data Controller

Gardeners Morden Park is the organisation responsible for determining how and why your personal data is processed. For the purposes of the UK GDPR, Gardeners Morden Park is the data controller for the personal data described in this Privacy Policy.

Personal Data We Collect

We may collect and process the following categories of personal data about you, depending on how you interact with us and which services you use:

Identification and contact details such as your name, postal address, property address where services are provided, and any other contact information you choose to provide.

Service and contract details such as information about the gardening or maintenance services you request, property access information relevant to service delivery, appointment dates and times, quotes, invoices, and records of the services provided.

Communication records such as information you provide when you contact us to request a quote, make a booking, ask a question, provide feedback, or raise a concern. This may include notes of telephone calls and copies of written correspondence.

Payment and transaction information such as records of payments made to us and associated transaction details. We do not store full payment card details if you use a card to pay.

Technical and usage information where you use a website or online form associated with Gardeners Morden Park, such as basic log information and device data. This is limited to what is necessary for security, performance monitoring, and the provision of online features.

Any other information you choose to provide to us where it is relevant to the delivery of our services, for example specific gardening preferences or access instructions for your property.

Lawful Bases for Processing Your Personal Data

We process your personal data only where we have a lawful basis to do so under the UK GDPR. Depending on the circumstances, we may rely on the following lawful bases:

Contract: We process your personal data where it is necessary to enter into a contract with you or to perform a contract that we have with you. This includes processing for the purpose of providing quotes, scheduling and delivering gardening services, and managing your account or bookings.

Legal obligation: We may process your personal data where we are required to do so in order to comply with legal or regulatory obligations, such as tax and accounting requirements.

Legitimate interests: We may process your personal data where it is necessary for our legitimate business interests, provided that your rights and freedoms do not override those interests. This can include maintaining business records, improving our services, handling customer queries, and protecting our business against fraud or misuse of our services.

Consent: In limited situations, we may rely on your consent, for example where we wish to send you certain types of marketing communications that are not based on our legitimate interests. Where we rely on consent, you can withdraw it at any time.

How We Use Your Personal Data

We use the personal data we collect for the following purposes:

To provide and manage gardening and related services, including processing enquiries, preparing quotes, scheduling visits, and delivering services at your property.

To communicate with you about your bookings, changes to appointments, service updates, and other information necessary to manage our relationship with you.

To manage payments, invoicing, and accounting, including processing payments and maintaining accurate financial records.

To respond to your questions, feedback, and complaints, and to provide customer support.

To maintain and improve our services, including monitoring service quality, training staff, and analysing how our services are used so we can enhance customer experience.

To comply with legal obligations and to establish, exercise, or defend legal claims if necessary.

To send you information about services that may be of interest to you where we are permitted to do so by law and always respecting your communication preferences.

Data Retention

We keep your personal data only for as long as it is reasonably necessary to fulfil the purposes for which it was collected, and to meet any legal, regulatory, tax, accounting, or reporting obligations.

In general, customer records, including contact details, service history, and invoices, are kept for a period that allows us to manage our relationship with you and comply with applicable record-keeping laws. After the relevant retention period has expired, we will securely delete or anonymise your personal data so that you can no longer be identified from it.

If you request that we stop using your personal data for marketing purposes, we will keep a record of your contact details on a suppression list to ensure that we respect your request.

Data Processors and Third Parties

We may share your personal data with third parties who provide services to us and act as data processors on our behalf. These third parties may include:

IT and system support providers who help us operate and maintain our business systems.

Payment and accounting service providers who assist with processing payments and managing our accounts.

Professional advisers such as auditors or legal advisers where necessary to protect our business or comply with legal requirements.

These service providers are only permitted to process your personal data in accordance with our instructions and only for the purposes described in this Privacy Policy. We require all processors to implement appropriate technical and organisational measures to protect your data.

We may also share personal data where we are legally required to do so, for example with law enforcement agencies, regulators, or tax authorities, or where sharing is necessary to establish, exercise, or defend legal claims.

International Transfers

Where we use service providers located outside the United Kingdom, or where your personal data is otherwise transferred internationally, we will ensure that appropriate safeguards are in place to protect your personal data, in accordance with data protection laws. This may include using standard contractual clauses or ensuring that the recipient is located in a country that has been recognised as providing an adequate level of data protection.

How We Protect Your Personal Data

We take the security of your personal data very seriously. We implement technical and organisational measures designed to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include restricting access to personal data to those who need it for their role, maintaining secure systems, and reviewing our security practices regularly.

Your Data Protection Rights

Under the UK GDPR, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and legal exemptions, but we will always respect your rights to the fullest extent required by law. Your rights include:

Right of access: You have the right to request confirmation of whether we process your personal data and to receive a copy of that data, along with information about how we use it.

Right to rectification: You have the right to request that inaccurate or incomplete personal data about you is corrected or updated.

Right to erasure: In certain circumstances, you may have the right to request that we delete your personal data. This right is not absolute and may be limited where we have lawful grounds to retain your data.

Right to restrict processing: You may have the right to request that we restrict the processing of your personal data in certain situations, for example while we are verifying the accuracy of the data or considering an objection you have raised.

Right to object: You have the right to object to our processing of your personal data where we rely on legitimate interests as our lawful basis. You also have an absolute right to object to the use of your personal data for direct marketing.

Right to data portability: In some circumstances, you may have the right to receive certain personal data in a structured, commonly used, and machine-readable format and to request that we transfer it to another controller.

Right to withdraw consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before you withdrew your consent.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you are concerned about how we handle your personal data. We would, however, appreciate the chance to address your concerns directly before you contact a supervisory authority.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any updated version will apply to all Gardeners Morden Park customers and service users in the Morden Park area from the date it is published. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.