Privacy Policy

Pro Asbestos Removal is a specialist asbestos removal and survey company registered in England and Wales, operating from Dornton Road, South Croydon, CR2 7DQ. We are the data controller for the personal information you provide to us through this website, by telephone, or by email.

You can contact us about data protection matters at:

Email: [email protected] Telephone: 07345 062075 Post: Pro Asbestos Removal, Dornton Rd, South Croydon, CR2 7DQ

We collect and process the following categories of personal data:

Contact and enquiry data: name, telephone number, email address, property address, and the details of your enquiry when you submit a quote request, contact form, or call us directly.

Survey and project data: property details, access arrangements, and technical information about asbestos-containing materials when we carry out surveys or removal work at your property.

Communications data: records of emails, telephone calls, and written correspondence between you and our team.

Website usage data: IP address, browser type, pages visited, and time spent on pages, collected automatically via cookies and analytics tools (see our Cookie Policy for full details).

We do not collect or process special category data (such as health information) unless you voluntarily provide it in the context of an enquiry.

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we process your personal data on the following legal bases:

Contract performance (Article 6(1)(b)): to provide the services you have requested, including surveys, removal work, and issuing documentation such as waste transfer notes and clearance certificates.

Legitimate interests (Article 6(1)(f)): to respond to enquiries, manage our business operations, and improve our services. We have carried out a legitimate interests assessment and are satisfied that our interests are not overridden by your rights.

Consent (Article 6(1)(a)): where you have opted in to receive marketing communications from us. You may withdraw consent at any time by contacting us or clicking the unsubscribe link in any marketing email.

Legal obligation (Article 6(1)(c)): where we are required to retain records under applicable law, including the Control of Asbestos Regulations 2012, the Environmental Protection Act 1990, and HMRC requirements.

We use your personal data to:

— Respond to enquiries and provide quotes for asbestos removal, surveys, and related services — Schedule and carry out site visits, surveys, and removal work — Issue waste transfer notes, clearance certificates, and other regulatory documentation — Send invoices and process payments — Communicate with you about your project before, during, and after completion — Comply with our legal obligations under the Control of Asbestos Regulations 2012 and related legislation — Improve our website and services through anonymised analytics data — Send marketing communications where you have consented or where we have a legitimate interest in doing so

We share your personal data only where necessary and with appropriate safeguards in place:

Subcontractors and specialist partners: where a project requires specialist input (such as UKAS-accredited laboratory analysis), we share only the data necessary for them to perform their role.

Regulatory bodies: we are required to notify the Health and Safety Executive (HSE) of certain licensed asbestos work under CAR 2012 Regulation 9. This notification includes the site address and project details.

Waste carriers and disposal facilities: we share property address and waste details with our licensed waste carrier and approved disposal facility as required by the Environmental Protection Act 1990 and the Hazardous Waste Regulations 2005.

IT and business service providers: we use third-party services for email, accounting, and website hosting. These providers act as data processors and are bound by data processing agreements.

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

We retain your personal data for the following periods:

Enquiry data (no project undertaken): 12 months from the date of the last communication.

Project and contractual records: 7 years from project completion, in line with HMRC requirements and potential limitation periods for civil claims.

Regulatory records (waste transfer notes, clearance certificates, HSE notifications): 3 years minimum as required by the Control of Asbestos Regulations 2012 and the Hazardous Waste Regulations 2005.

Marketing consent records: until you withdraw consent, plus 12 months.

After the applicable retention period, we securely delete or anonymise your data.

As a UK data subject, you have the following rights:

Right of access: you may request a copy of the personal data we hold about you (Subject Access Request).

Right to rectification: you may ask us to correct inaccurate or incomplete data.

Right to erasure: you may ask us to delete your data where there is no longer a lawful basis for processing, subject to our legal retention obligations.

Right to restrict processing: you may ask us to pause processing of your data in certain circumstances.

Right to data portability: where processing is based on consent or contract, you may request your data in a structured, machine-readable format.

Right to object: you may object to processing based on legitimate interests, including direct marketing.

Rights in relation to automated decision-making: we do not make decisions about you based solely on automated processing.

To exercise any of these rights, please contact us at [email protected] or write to us at the address above. We will respond within one calendar month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

We use cookies and similar tracking technologies on this website. For full details of the cookies we use, the purposes for which we use them, and how to manage your preferences, please read our Cookie Policy.

We do not routinely transfer your personal data outside the United Kingdom. Where any of our service providers process data outside the UK, we ensure that appropriate safeguards are in place in accordance with UK GDPR Chapter V, including the use of the UK International Data Transfer Agreement (IDTA) or adequacy decisions where applicable.

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or damage. These measures include password-protected systems, encrypted email communications, and restricted access to personal data on a need-to-know basis.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, notify you directly.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.