Privacy Policy - Oldcoulsdon Storage

This Privacy Policy explains how Oldcoulsdon Storage collects, uses, stores, shares, and protects personal data. It applies to all Oldcoulsdon Storage customers in the area, including individuals, household customers, and business customers who use our storage services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

1. Who We Are

Oldcoulsdon Storage provides storage services to customers in and around the local area. In the course of operating our business, we process personal data for purposes such as account setup, identity verification, billing, access control, customer support, security, and legal compliance. This policy describes our privacy practices in a clear and transparent way.

2. Data We Collect

We only collect personal data that is necessary for the services we provide and for our legitimate business operations. Depending on your relationship with us, we may collect the following categories of information:

  • Identity data such as your name, date of birth, and identification details where required for verification.
  • Contact data such as postal address, email address, and telephone number.
  • Account and contract data such as booking details, storage unit references, payment arrangements, and service history.
  • Financial data such as billing information, payment records, and transaction status.
  • Security data such as CCTV footage, access logs, alarm records, and incident reports.
  • Communications data such as correspondence, enquiries, complaints, and feedback.
  • Technical data if you interact with our digital systems, including device or usage data relevant to maintaining service security and functionality.

We do not intentionally collect more information than is needed. Where we request information, we will explain whether providing it is mandatory or optional. If you choose not to provide certain data, we may be unable to offer some services or complete certain requests.

3. How We Collect Data

We collect personal data directly from you when you complete forms, make enquiries, sign agreements, make payments, or communicate with us. We may also collect data indirectly from trusted third parties where lawful and necessary, for example:

  • payment service providers;
  • identity verification providers;
  • insurance or claims-related parties where relevant;
  • law enforcement, regulators, or legal representatives when required by law.

Where we use CCTV or other site security measures, data may be collected automatically to protect customers, staff, visitors, and property. This is done with appropriate safeguards and only for legitimate security purposes.

4. How We Use Personal Data

We use personal data for lawful business purposes, including the following:

  • creating and managing customer accounts;
  • setting up, administering, and maintaining storage agreements;
  • processing payments and managing outstanding balances;
  • verifying identity and preventing fraud;
  • managing access to storage facilities and protecting site security;
  • communicating with customers about services, notices, and account matters;
  • handling complaints, disputes, or claims;
  • meeting legal, tax, regulatory, and insurance obligations;
  • improving our services, operations, and security procedures.

We will always ensure that any use of personal data is proportionate, relevant, and limited to what is necessary for the intended purpose.

5. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing personal data. Oldcoulsdon Storage relies on the following lawful bases where appropriate:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage service, administering access, managing payments, and providing customer support connected to your agreement.

Legal Obligation

We may process personal data where required to comply with legal obligations, such as accounting, tax, fraud prevention, health and safety, record-keeping, or responding to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include site security, preventing misuse of services, maintaining service quality, and defending legal claims. We only rely on this basis where it is fair and appropriate to do so.

Consent

In limited situations, we may ask for your consent to process data. If consent is used, it will be freely given, specific, informed, and unambiguous. You may withdraw consent at any time, although this will not affect processing that took place before withdrawal.

6. Sharing Personal Data and Processors

We do not sell your personal data. We may share it with trusted third parties where necessary for the purposes described in this policy. When a third party processes data on our behalf, it acts as a processor under a written contract that requires it to protect data and only act on our instructions.

Examples of processors and service providers may include:

  • payment processors who handle card or bank transactions;
  • IT and cloud service providers supporting secure data storage or system administration;
  • security providers assisting with surveillance, alarm monitoring, or access control;
  • identity verification and anti-fraud service providers;
  • professional advisers such as accountants, auditors, insurers, or legal advisers where necessary.

We may also disclose personal data to law enforcement, courts, regulators, or public authorities where required by law or where disclosure is necessary to establish, exercise, or defend legal rights.

7. International Transfers

If any processor or service provider stores or accesses personal data outside the UK, we will ensure that appropriate safeguards are in place. These safeguards may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms. We take reasonable steps to protect your information wherever it is processed.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and the nature of the service provided.

In general:

  • Contract and account records are retained for the duration of the relationship and for a reasonable period afterwards to deal with claims, disputes, or legal obligations.
  • Financial and tax records are retained for periods required by law.
  • Security records, including CCTV and access logs, are retained for limited periods unless they are needed for an investigation, insurance matter, or legal claim.
  • Communication records are retained as long as necessary to manage enquiries, service issues, and any follow-up actions.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

9. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, monitoring of system access, and regular review of our security procedures. While no system can be guaranteed as completely secure, we take data protection seriously and work to reduce risk as far as reasonably possible.

10. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to legal exceptions and conditions.

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – in certain circumstances, you may ask us to delete your personal data.
  • Right to restriction – you may ask us to limit how we use your data in certain situations.
  • Right to object – you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability – you may request a copy of certain data in a structured, commonly used format.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable legal timeframes. We may need to verify your identity before acting on your request.

11. Children’s Data

Our services are not intended for children, and we do not knowingly collect personal data from children except where necessary in connection with a lawful customer relationship or where required by law. If we become aware that we have collected data from a child without an appropriate legal basis, we will take steps to delete it or otherwise handle it lawfully.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or privacy practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how we process personal data.

13. Contact and Complaints

If you have concerns about how your personal data is handled, you may raise them with us so that we can review and address the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

We aim to process all personal data fairly, securely, and transparently, respecting the privacy of every customer who uses Oldcoulsdon Storage.

Call Now!
Call Now Get a Quote
Oldcoulsdon Storage

GDPR-compliant Privacy Policy for Oldcoulsdon Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.