Privacy Policy - Selfstorage Nottinghill

This Privacy Policy explains how Selfstorage Nottinghill collects, uses, stores, shares, and protects personal data relating to customers, prospective customers, and other individuals in the area who interact with our storage services. It applies to all Selfstorage Nottinghill customers in the area and is intended to provide clear information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Selfstorage Nottinghill provides self-storage services to individuals and businesses. In doing so, we may process personal data about customers, account holders, visitors, authorised users, and individuals associated with bookings, payments, access arrangements, or enquiries. We act as a data controller for the personal data we determine the purposes and means of processing.

2. Personal Data We Collect

We collect only the personal data that is necessary for operating our storage services, maintaining security, managing contracts, and meeting legal obligations. Depending on your interaction with us, the personal data we may collect includes:

  • Identity data: name, date of birth, and similar identifying details.
  • Contact data: address, email address, telephone number, and billing address.
  • Contract and account data: booking details, storage unit information, access records, contract history, and account status.
  • Payment data: payment confirmation, transaction records, and limited financial details needed to manage fees and deposits.
  • Security data: CCTV images, access logs, gate entry records, and incident reports.
  • Communications data: correspondence with our team, complaints, service requests, and feedback.
  • Technical data: device or system logs where required for the operation and security of digital services.

We do not intentionally collect special category data unless it is necessary for a specific legal or operational reason and permitted by law. Where this occurs, we apply additional safeguards.

3. How We Use Your Data

We use personal data for the following purposes:

  • to create and administer customer accounts;
  • to provide storage services and manage access to storage units;
  • to process payments, deposits, refunds, and related accounting activities;
  • to verify identity and prevent fraud;
  • to maintain site safety, security, and incident management;
  • to contact customers about service updates, contract matters, and account issues;
  • to comply with legal and regulatory obligations;
  • to handle disputes, complaints, and claims;
  • to improve our services, operations, and security measures.

We only use data for purposes that are compatible with the original reason it was collected. We do not sell personal data.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Selfstorage Nottinghill relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement with you. This includes account management, storage access, invoicing, and customer support relating to your contract.

Legal Obligation

We process some data to comply with legal requirements, such as tax, accounting, fraud prevention, health and safety, and regulatory record-keeping obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and freedoms. Examples include site security, CCTV monitoring, access control, service improvement, and defending legal claims. Where we rely on legitimate interests, we assess the impact on individuals and apply appropriate safeguards.

Consent

In limited circumstances, we may rely on your consent, for example where optional marketing or certain non-essential communications require it. Where consent is used, you may withdraw it at any time without affecting the lawfulness of prior processing.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying contractual, legal, tax, insurance, and security requirements. Retention periods depend on the type of data and the reason for processing.

  • Customer account and contract records: retained for the duration of the agreement and for a period afterward to manage claims, disputes, and audit requirements.
  • Payment and accounting records: retained for the period required by financial and tax law.
  • Security records, including CCTV: kept only for as long as necessary for security, incident investigation, or legal purposes.
  • Enquiry and correspondence records: retained for a reasonable period to respond to queries and demonstrate service history.

When data is no longer required, we securely delete, anonymise, or destroy it. We apply retention controls to ensure personal data is not kept longer than necessary.

6. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary to provide our services, operate our business, or meet legal obligations. These third parties may act as processors on our behalf or as independent controllers in their own right.

  • Payment service providers: to process customer payments securely.
  • IT and cloud service providers: to store data, manage systems, and support secure operations.
  • Security providers: to manage CCTV, alarm systems, and access control.
  • Professional advisers: including accountants, auditors, insurers, and legal advisers.
  • Public authorities and regulators: where disclosure is required by law or necessary to protect rights, safety, or property.

Where we use processors, we require them to act only on our instructions, maintain confidentiality, implement appropriate security measures, and comply with data protection law. We do not permit processors to use your personal data for their own purposes unless they are independently responsible for that data under law.

7. International Transfers

Where any service provider processes personal data outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations or recognised transfer mechanisms. These safeguards are designed to protect your data to a standard consistent with UK data protection law.

8. Data Security

We use organisational and technical measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. Measures may include access restrictions, role-based permissions, encryption where appropriate, secure storage, and staff training. While no system can be guaranteed completely secure, we take reasonable and proportionate steps to safeguard the information we hold.

9. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may apply depending on the circumstances and the legal basis for processing.

  • Right of access: you may request confirmation of whether we process your data and receive a copy of it.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may ask us to delete your data where there is no lawful reason to keep it.
  • Right to restriction: you may request that we limit how we use your data in certain situations.
  • Right to data portability: you may request certain data in a structured, commonly used format where processing is based on contract or consent and carried out by automated means.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where consent is relied upon, you can withdraw it at any time.

Some rights are subject to legal exceptions. For example, we may need to keep certain information to meet legal obligations, defend claims, or maintain security records.

10. Complaints and Supervisory Authority

If you have concerns about how we handle personal data, you should first raise them with us so we can address the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage individuals to contact us first so we can try to resolve matters promptly and fairly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices. Any revised version will apply from the date it is published. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

12. Summary of Our Privacy Commitments

Selfstorage Nottinghill is committed to handling personal data lawfully, fairly, and transparently. We collect only what is needed, use it for clear and legitimate purposes, keep it only for as long as necessary, and protect it with appropriate safeguards. We also ensure that any processors acting on our behalf are bound by suitable contractual and security obligations.

By using Selfstorage Nottinghill services in the area, you acknowledge that your personal data may be processed as described in this policy.

Call Now!
Call Now Get a Quote
Selfstorage Nottinghill

GDPR-compliant Privacy Policy for Selfstorage Nottinghill covering data collection, lawful basis, retention, processors, rights, and applies to all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.