Privacy policy.

Effective date: 18.08.2025

1. Who we are

I am Lumberjack Ltd provides tree surgery, hedge trimming and related arborist services across the UK.

Data controller:
I am Lumberjack
Andrew House, Granville Road, Sidcup, DA14 4BN
Phone: 0203 539 6157 / 07957 685655
Email: jack@iamlumberjack.com

If you have any questions about this Policy or how we handle your personal data, contact us using the details above.

2. What this policy covers

This Privacy Policy explains how we collect, use, store and protect your personal information when you visit our website (https://www.iamlumberjack.com/) or engage our services.

3. Personal data we collect

We may collect and process the following information:

Identity and contact data:
Name, email address, phone number, postal address.

Service-related data:
Information you provide when requesting a quote (such as access details, photos, property information).

Technical and usage data:
IP address, browser details, device information, time zone, pages visited, interaction behaviour on our website. Collected through cookies and similar technologies.

Marketing and communication data:
Your preferences for receiving marketing or review invitations.

We do not intentionally collect special category data. If such information is submitted to us, it will be securely deleted.

4. How we collect your data

We collect your data through:

Direct interactions:
Forms on our website, phone calls, emails, messages, and when you book or complete a job with us.

Automated technologies:
Cookies, Google Analytics, and similar tools that track website behaviour and performance.

Third-party sources:
Review platforms (e.g., reviews you leave), social media platforms, directories such as Checkatrade.

5. Why we use your data (lawful basis)

We process your data under the following lawful bases:

Contract:
To provide quotes, arrange work, issue invoices, and deliver our services.

Legitimate interests:
To follow up on enquiries, send review invitations, improve our website, understand service performance, or ensure site safety.

Consent:
For optional marketing communications or non-essential cookies where consent is required.

Legal obligation:
For tax, invoice, accounting, and insurance purposes.

6. Third-party services and platforms we use

We work with trusted platforms to run our business. They may act as processors or independent controllers of personal data.

Reviews.io

Used to send review invitations and publish verified customer reviews.
Reviews.io may receive your name and email for the sole purpose of inviting you to leave a review.

Checkatrade

If you contact us or review us through Checkatrade, your data is governed by their own policies.
We may receive enquiry information you submit on their platform.

Google Services

This includes:

  • Google Analytics

  • Google Ads (if running campaigns)

  • Google Tag Manager

  • Google Business Profile

Google collects pseudonymous analytics data, including IP address, device identifiers and browsing behaviour.
We use this to understand website performance, customer demand, and service interest.

Other service providers

We may share data with:

  • Website hosting providers

  • Email communication providers

  • IT and secure storage providers

These parties only process data under our instruction.

7. International data transfers

Some providers (including Google and Reviews.io) may store or process data outside the UK.
Where this occurs, we rely on lawful safeguards such as Standard Contractual Clauses approved for international data transfers.

8. Cookies

We use essential and non-essential cookies.
Non-essential cookies (analytics, advertising) require consent under UK law.
You can manage your cookie settings at any time using your browser or our cookie preferences tool.

A separate Cookie Policy can be provided on request.

9. How long we keep your data

We retain personal data only for as long as necessary for the purposes described above. Typical retention periods include:

  • Quote enquiries: 12–24 months

  • Customer job records: 6–7 years (legal and tax requirements)

  • Emails and communications: up to 3 years

  • Review invitation data: 30–90 days depending on provider

  • Website analytics data: 14–26 months depending on Google settings

After these periods, data is securely deleted or anonymised.

10. How we protect your data

We take appropriate measures to keep your data secure, including:

  • Encrypted storage where available

  • Access controls and limited staff access

  • Secure cloud hosting

  • Regular deletion of unnecessary information

  • Password protection and secure devices

11. Your privacy rights

Under UK GDPR, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate data

  • Request deletion in certain circumstances

  • Object to processing based on legitimate interests

  • Restrict processing in certain situations

  • Request data portability

  • Withdraw consent at any time (for consent-based processing)

To exercise any of these rights, contact us using the details in Section 1.
We may ask for proof of identity before processing your request.

You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe your data is being handled unlawfully.

12. Children’s privacy

Our services are aimed at adults. We do not knowingly collect data from children under 18.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The most recent version will always be available on our website with an updated effective date.