Treetask

Privacy Policy

Effective date: 15 July 2026

Treetask is a job management application for tree surgery businesses, operated by Peardrop Studio (“we”, “us”). This policy explains what data the Service handles, why, and your rights under UK data protection law (UK GDPR and the Data Protection Act 2018).

1. The data we handle

Account data — your name, email address and encrypted login credentials.

Business records — data your business enters into the Service: customer names and contact details, site addresses, surveys, quotes, jobs, invoices, photographs, risk assessments and related documents. For this data, your business is the data controller and we act as a processor on your instructions.

Technical data — authentication session cookies (required for login) and standard server logs. We do not use advertising or cross-site tracking cookies.

2. How we use it

Solely to provide the Service: storing and displaying your business records, generating quote and invoice documents, sending emails you initiate, and operating the integrations you connect. We do not sell data, use it for advertising, or use it to train AI models.

3. Where it’s stored and who processes it

We use a small number of infrastructure providers to run the Service:

Supabase (database and authentication), Vercel (application hosting), and Cloudflare (photo and document storage).

Data is shared with the following only when you actively use the relevant feature:

Resend — delivers the quote and invoice emails you send. Intuit QuickBooks — receives customer and invoice data when you connect QuickBooks and press push. Microsoft — receives job schedule details when you connect an Outlook calendar. Anthropic — receives photos of handwritten notes when you use the transcription feature, for the sole purpose of returning the text; this data is not used to train models.

Connecting or disconnecting an integration is always your choice, from Settings. Disconnecting stops all further data exchange and revokes stored credentials.

4. Retention

We keep your data for as long as your account is active. If you close your account, we delete your data within 30 days of your request, except where a legal obligation requires longer retention. You can request an export first.

5. Security

All data is encrypted in transit (TLS) and at rest. Access within the application is restricted per business at the database level — one business can never read another’s records. Integration credentials are stored server-side only and are never exposed to the browser.

6. Your rights

Under UK GDPR you can request access to, correction of, or deletion of your personal data, object to or restrict processing, and request portability. If your data is in the Service because a tree surgery business you dealt with entered it, that business is the controller — contact them first, and we will support their response. You can complain to the Information Commissioner’s Office (ico.org.uk) if you are unhappy with how data has been handled.

7. Changes

If we materially change this policy we will note the new effective date here and notify account holders by email where the change affects them.

8. Contact

Data questions or requests: hello@peardropstudio.com