Privacy Policy for Customers
Tendercare Nurseries Ltd is a company registered in England and Wales (hereinafter referred to as "We", "Our" or "Us").
Overview
Maintaining the security of your data is of paramount importance to us and we are committed to respecting your privacy rights. This notice, which including without limitation applies when engaging with all departments of the company concerned with the activities of sales including but not limited to garden design & consultation, delivery of plants and materials, garden installations, garden maintenance and café or venue hire services.
For the purpose of the General Data Protection Regulation (EU Regulation 2016/679, when applicable, the “GDPR”), and the EU Data Protection Directive (Directive 95/46/EC), the data controller is, The Data Controller Officer, Tendercare Nurseries Ltd, Southlands Road, Denham, Middlesex, UB94HD.
How we collect or obtain personal information about you
Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
- Information that is requested by us and that you provide in person at our premises while engaging with members of staff, verbally or by completing a printed document (application forms)
- Information that is requested by us and that you provide via telephone while engaging with members of staff verbally.
- Information that is requested by us and that you provide electronically (online internet-based forms, enquiry forms on our website, via social media or via direct email communique).
- If you contact us by phone, email or otherwise and information is provided voluntarily without a request, we may keep a record of that correspondence.
- Where permitted or authorised by law, we may also receive information about you from third parties such as affiliates, business partners, credit and fraud checking agencies.
Personal information we collect or obtain about you
The type of information we collect about you may include information such as:
- your name;
- your email address;
- your address;
- your phone number;
Information we obtain from third parties will generally be your name and contact details but may include any additional information they provide to us, including (but not limited to) any of the types of information set out in the list above.
We may also obtain personal information about you from certain publicly accessible sources, including (but not limited to) the electoral register, online customer databases, business directories, media publications, social media, websites, and other publicly accessible sources.
How will we use the information about you?
We use information for the processing of sales transactions, managing ‘design and garden build contracts’ making sure we successfully meet obligations arising from any contracts entered into between you and us, including making deliveries and processing or requesting payments.
As part of the fulfilment of contracts we may engage in the use of subcontractors (for example, a courier company or specialist product installers). The information we share will be limited to the data required to complete a certain task (for example providing a courier company with your delivery address so that your products reach the correct destination)
Marketing - If you agree, we may email or contact you about other products and services we think may be of interest to you. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes, by emailing us at sales@tendercare.co.uk for the attention of the Data Protection Officer.
How we protect your data
All information you provide to us is stored on our secure servers. We use reasonable, organisational, technical, and administrative measures to protect personal information under our control including the control of access to folders, password protected computers and laptops and password protected access to our IT network.
Any Internet based applications that we use to collect information will be secured using data encryption, Transport Layer Security (TLS) protocol and Secure Sockets Layer (SSL) protocol.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via the internet.
Legal Basis for processing your personal data
The personal data that you provide to us in order to purchase goods and other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on consent:
- to send direct marketing communications to customers via email or text message
- to contact (and allow for selected third parties to contact) new customers by electronic means.
You have the right to withdraw your consent at any time.
Our legitimate interests
The normal legal basis for processing customer data, is that it is necessary for our legitimate interests including: -
- selling and supplying goods and services to our customers;
- protecting customers, employees and other individuals and maintaining their safety, health, and welfare;
- promoting, marketing, and advertising our products and services;
- sending promotional communications which are relevant and tailored to individual customers;
- complying with our legal and regulatory obligations;
- preventing, investigating, and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
- handling customer contacts, queries, complaints, or disputes;
- managing insurance claims
- protecting us and our employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us;
- effectively handling any legal claims or regulatory enforcement actions taken against us; and
- fulfilling our duties to our customers, colleagues, shareholders, and other stakeholders.
Your Rights
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below in the "Contact" section.
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can also exercise the above rights at any time by contacting us (please refer to section titled ‘contact us’ further bellow
How long we keep in your data
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- Our procedures to manage data retention is to retain customer data for up 2 years to support some of our plants and installation warranties.
- The email marketing unsubscribe function will remove your details from marketing lists and confirmation of your removal will be sent to your email address by our chosen email marketing provider
- Data back-ups can take up to 60 days to remove specific data from the system
- We will take reasonable steps under Article 17 of the GDPR to meet data subject requests.
Changes to our privacy notice
Any changes we may make to our privacy notice in the future will be posted on our website for public access and will be made available on our premises in hardcopy.
Contact Us
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
Email us on: sales@tendercare.co.uk, for the attention of ‘The Data Protection Officer’
Write to use at: Tendercare Nurseries Ltd, Southlands Road, Denham, Middlesex, UB94HD.
You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Privacy Policy for Customers
Tendercare Nurseries Ltd is a company registered in England and Wales (hereinafter referred to as "We", "Our" or "Us").
Overview
Maintaining the security of your data is of paramount importance to us and we are committed to respecting your privacy rights. This notice, which including without limitation applies when engaging with all departments of the company concerned with the activities of sales including but not limited to garden design & consultation, delivery of plants and materials, garden installations, garden maintenance and café or venue hire services.
For the purpose of the General Data Protection Regulation (EU Regulation 2016/679, when applicable, the “GDPR”), and the EU Data Protection Directive (Directive 95/46/EC), the data controller is, The Data Controller Officer, Tendercare Nurseries Ltd, Southlands Road, Denham, Middlesex, UB94HD.
How we collect or obtain personal information about you
Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
- Information that is requested by us and that you provide in person at our premises while engaging with members of staff, verbally or by completing a printed document (application forms)
- Information that is requested by us and that you provide via telephone while engaging with members of staff verbally.
- Information that is requested by us and that you provide electronically (online internet-based forms, enquiry forms on our website, via social media or via direct email communique).
- If you contact us by phone, email or otherwise and information is provided voluntarily without a request, we may keep a record of that correspondence.
- Where permitted or authorised by law, we may also receive information about you from third parties such as affiliates, business partners, credit and fraud checking agencies.
Personal information we collect or obtain about you
The type of information we collect about you may include information such as:
- your name;
- your email address;
- your address;
- your phone number;
Information we obtain from third parties will generally be your name and contact details but may include any additional information they provide to us, including (but not limited to) any of the types of information set out in the list above.
We may also obtain personal information about you from certain publicly accessible sources, including (but not limited to) the electoral register, online customer databases, business directories, media publications, social media, websites, and other publicly accessible sources.
How will we use the information about you?
We use information for the processing of sales transactions, managing ‘design and garden build contracts’ making sure we successfully meet obligations arising from any contracts entered into between you and us, including making deliveries and processing or requesting payments.
As part of the fulfilment of contracts we may engage in the use of subcontractors (for example, a courier company or specialist product installers). The information we share will be limited to the data required to complete a certain task (for example providing a courier company with your delivery address so that your products reach the correct destination)
Marketing - If you agree, we may email or contact you about other products and services we think may be of interest to you. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes, by emailing us at sales@tendercare.co.uk for the attention of the Data Protection Officer.
How we protect your data
All information you provide to us is stored on our secure servers. We use reasonable, organisational, technical, and administrative measures to protect personal information under our control including the control of access to folders, password protected computers and laptops and password protected access to our IT network.
Any Internet based applications that we use to collect information will be secured using data encryption, Transport Layer Security (TLS) protocol and Secure Sockets Layer (SSL) protocol.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via the internet.
Legal Basis for processing your personal data
The personal data that you provide to us in order to purchase goods and other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on consent:
- to send direct marketing communications to customers via email or text message
- to contact (and allow for selected third parties to contact) new customers by electronic means.
You have the right to withdraw your consent at any time.
Our legitimate interests
The normal legal basis for processing customer data, is that it is necessary for our legitimate interests including: -
- selling and supplying goods and services to our customers;
- protecting customers, employees and other individuals and maintaining their safety, health, and welfare;
- promoting, marketing, and advertising our products and services;
- sending promotional communications which are relevant and tailored to individual customers;
- complying with our legal and regulatory obligations;
- preventing, investigating, and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
- handling customer contacts, queries, complaints, or disputes;
- managing insurance claims
- protecting us and our employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us;
- effectively handling any legal claims or regulatory enforcement actions taken against us; and
- fulfilling our duties to our customers, colleagues, shareholders, and other stakeholders.
Your Rights
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below in the "Contact" section.
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can also exercise the above rights at any time by contacting us (please refer to section titled ‘contact us’ further bellow
How long we keep in your data
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- Our procedures to manage data retention is to retain customer data for up 2 years to support some of our plants and installation warranties.
- The email marketing unsubscribe function will remove your details from marketing lists and confirmation of your removal will be sent to your email address by our chosen email marketing provider
- Data back-ups can take up to 60 days to remove specific data from the system
- We will take reasonable steps under Article 17 of the GDPR to meet data subject requests.
Changes to our privacy notice
Any changes we may make to our privacy notice in the future will be posted on our website for public access and will be made available on our premises in hardcopy.
Contact Us
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
Email us on: sales@tendercare.co.uk, for the attention of ‘The Data Protection Officer’
Write to use at: Tendercare Nurseries Ltd, Southlands Road, Denham, Middlesex, UB94HD.
You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.