Eco-Guard Environmental

Privacy Policy

Detailed information on how we collect, process, secure, and retain your personal data.

Privacy Policy & Data Protection Statement

Effective Date: June 7, 2026

1. Introduction and Data Controller

Eco-Guard Environmental Services ("we", "us", "our", or "the Company") is committed to protecting the privacy, confidentiality, and security of the personal data we collect from clients, website visitors, and business associates. This Privacy Policy outlines our data processing practices in strict compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and the Privacy and Electronic Communications Regulations (PECR).

For the purposes of the UK GDPR, the Data Controller is:

Eco-Guard Environmental Services
67 Highlands, Watford, WD19 4LY
Email: admin@eco-guard.co.uk
Phone: +447523084275

2. The Types of Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped as follows:

  • Identity Data: First name, maiden name, last name, username or similar identifier, marital status, title, and job title.
  • Contact Data: Billing address, service/property address, email address, and telephone numbers.
  • Financial Data: Bank account details and payment card details (processed securely by PCI-DSS compliant third-party payment gateways; we do not store raw card numbers on our servers).
  • Transaction Data: Details about payments to and from you, and other details of pest control products and services you have purchased from us.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: Information about how you use our website, products, and services.
  • Special Category Data (Health & Safety): Information regarding any medical vulnerabilities, allergies, respiratory issues, or the presence of specific domestic animals on the premises, which is strictly collected to ensure safety during chemical, pesticide, or biological treatments.

3. How Your Personal Data is Collected

We use different methods to collect data from and about you, including through:

  • Direct Interactions: You may give us your Identity, Contact, and Financial Data by filling in forms, booking services, or communicating with us by post, phone, email, WhatsApp, or text messaging. This includes information you provide when you:
    • Request a quote or make an inquiry about our pest control services;
    • Book an inspection, treatment, or proofing service;
    • Subscribe to our newsletters or publications;
    • Request marketing materials to be sent to you;
    • Provide feedback or contact us directly.
  • Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, such as:
    • Landlords, letting agents, or property managers acting on your behalf to commission pest control services;
    • Local authorities or environmental health departments;
    • Technical and payment processing services based within the UK/EEA.

4. Purposes and Lawful Bases for Processing

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Purpose/Activity Type of Data Lawful Basis for Processing
To register you as a new client and manage your customer account. (a) Identity
(b) Contact		 Performance of a contract with you.
To deliver contracted services, including inspections, treatments, proofing, and follow-ups. (a) Identity
(b) Contact
(c) Special Category (Health details)		 (a) Performance of a contract with you.
(b) Explicit consent (for Special Category Data to ensure safe chemical application).
To process payments, manage fees/charges, and recover debts. (a) Identity
(b) Contact
(c) Financial
(d) Transaction		 (a) Performance of a contract with you.
(b) Legitimate Interests (to recover debts owed to us).
To manage our relationship with you (e.g., notifying you about changes to terms, asking for reviews). (a) Identity
(b) Contact
(c) Profile
(d) Marketing/Communications		 (a) Performance of a contract with you.
(b) Necessary to comply with a legal obligation.
(c) Legitimate Interests (to keep records updated).
To administer and protect our business and this website (troubleshooting, data analysis, system maintenance). (a) Identity
(b) Contact
(c) Technical		 (a) Legitimate Interests (running our business, IT security, prevention of fraud).
(b) Necessary to comply with a legal obligation.
To comply with statutory health & safety regulations, pesticide regulations, and COSHH assessments. (a) Identity
(b) Contact
(c) Special Category (Allergies/medical conditions)		 (a) Legal Obligation.
(b) Substantial public interest (ensuring public safety and compliance with UK environmental/HSE laws).

5. Data Sharing and Disclosures

We do not sell, rent, or trade your personal data with third parties for marketing purposes. However, we may share your personal data with the parties set out below for the purposes detailed in Section 4:

  • Vetted Subcontractors and Professional Technicians: Independent pest control specialists contracted by us to execute specific treatments at your property.
  • Service Providers: IT and system administration service providers, cloud storage providers, and payment processors (such as Stripe or merchant banks) operating within the UK.
  • Professional Advisers: Lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
  • Regulatory and Government Bodies: HM Revenue & Customs (HMRC), the Health and Safety Executive (HSE), local authorities, or law enforcement agencies, where we are legally required to report or disclose processing activities.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International Data Transfers

We process and store your personal data primarily within the United Kingdom. If we transfer your personal data outside of the UK (for example, to a cloud hosting platform located in the EEA or USA), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Government.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK (such as the International Data Transfer Agreement or Addendum) which give personal data the same protection it has in the UK.

7. Data Security Measures

We have put in place robust technical, physical, and organizational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These include:

  • Encryption of web traffic via Secure Sockets Layer (SSL/TLS) technology.
  • Restricted access controls ensuring that only authorized employees and vetted technicians who need the data to perform their job have access to it.
  • Secure, password-protected database and storage systems with regular security updates.
  • Secure disposal procedures for physical records containing personal data (such as site hazard sheets).

We have put in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner's Office (ICO) of a breach where we are legally required to do so.

8. Data Retention Policy

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We apply the following retention schedules:

  • Customer Accounts & Service History: Retained for 6 years following the termination of the customer relationship, to protect the Company against legal claims and to comply with financial auditing regulations.
  • Tax and Billing Records: Invoices, payment records, and VAT logs are retained for 6 financial years as mandated by HMRC.
  • Chemical and Treatment Reports: Records of specific pesticide applications and site safety assessments are retained for up to 5 years for health & safety auditing, compliance with COSHH regulations, and liability protection.
  • Inquiries and Quotes (No Booking): Retained for a maximum of 12 months, after which the details are securely deleted if no service agreement is reached.

9. Your Statutory Legal Rights

Under the UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data:

  • Right of Access (Subject Access Request): You have the right to request a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Right to Rectification: You have the right to ask us to correct any incomplete or inaccurate data we hold about you.
  • Right to Erasure ("Right to be Forgotten"): You have the right to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request (e.g., HMRC tax compliance).
  • Right to Restrict Processing: You have the right to ask us to suspend the processing of your personal data in certain scenarios (e.g., to verify accuracy, or object to processing).
  • Right to Data Portability: You have the right to request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object. You also have an absolute right to object where we are processing your personal data for direct marketing purposes.
  • Right to Withdraw Consent: Where we rely on consent to process your data, you can withdraw consent at any time.

If you wish to exercise any of these rights, please contact us at admin@eco-guard.co.uk. We will respond to all legitimate requests within one calendar month. No fee is usually required to exercise your rights.

10. Complaint Escalation (ICO)

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

11. Cookies and Tracking

Our website may use cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

12. Policy Changes

We keep our Privacy Policy under regular review. Any updates or revisions will be posted directly to this page. Continued use of our website or services following any updates represents acceptance of the revised policy terms.