Privacy Policy - Selfstorage Belgravia

This Privacy Policy explains how Selfstorage Belgravia collects, uses, stores, shares, and protects personal data in connection with its storage services and related operations. It applies to all Selfstorage Belgravia customers in the area, including individuals and business users who enquire about, book, access, manage, or end a storage arrangement, as well as visitors who interact with our services through administrative, operational, or support channels.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We process data lawfully, fairly, and transparently, and we only collect information that is necessary for clear and legitimate purposes.

1. Information We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, title, date of birth, and identification information where needed for verification or security purposes.
  • Contact data: address, email address, and telephone number.
  • Account and contract data: storage unit details, booking records, rental agreement information, billing preferences, and correspondence relating to your account.
  • Payment data: payment method details, payment status, transaction records, and invoicing information. We do not store card data unless required by a secure payment provider.
  • Access and security data: records of access to premises or units, entry logs, key or access device records, and CCTV footage where applicable.
  • Communication data: enquiries, complaints, feedback, call notes, and messages exchanged with our staff.
  • Technical data: device and browser information, IP address, and limited usage data if collected during digital interactions.

We may also collect information indirectly from third parties, such as payment service providers, identity verification services, fraud prevention services, insurers, or legal and regulatory bodies where required.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to register customers and manage storage agreements;
  • to verify identity and protect against fraud, misuse, or unauthorised access;
  • to issue invoices, collect payments, and manage arrears;
  • to provide access to storage facilities and maintain site security;
  • to communicate about bookings, renewals, changes, service updates, or support issues;
  • to comply with legal, tax, insurance, and regulatory obligations;
  • to investigate disputes, breaches, or incidents;
  • to improve operational efficiency, customer service, and security measures;
  • to defend or establish legal claims where necessary.

We will only use personal data for the purposes for which it was collected unless we reasonably consider that another compatible purpose is lawful and appropriate.

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the context, our lawful bases include:

Contract

We process data when it is necessary to enter into or perform a storage agreement, manage your account, provide access, handle billing, and deliver related services.

Legal Obligation

We may process personal data to comply with legal requirements, including accounting, tax, record-keeping, consumer law, and responses to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided your rights and interests do not override those interests. Examples include site security, fraud prevention, business administration, service improvement, and legal defence.

Consent

In limited cases, we may rely on consent, for example for certain optional communications or specific forms of data use. Where consent is used, you may withdraw it at any time.

Vital Interests

In rare circumstances, we may process personal data to protect someone’s vital interests, such as in an emergency involving health or safety.

4. Data Sharing and Processors

We may share personal data with trusted third parties only when necessary and only under appropriate safeguards. These third parties act either as data processors or, in some cases, as independent controllers.

Processors may include:

  • payment processors and invoicing providers;
  • IT, cloud storage, and system maintenance providers;
  • identity verification and fraud prevention services;
  • security and CCTV monitoring service providers;
  • customer communication and document management providers;
  • professional advisers, such as accountants, insurers, legal advisers, and auditors, where they act as processors or separate controllers depending on the service.

We require processors to act only on our instructions, keep data secure, and comply with data protection obligations. We do not sell personal data.

We may also disclose personal data where required by law, court order, regulatory request, or to protect the rights, property, or safety of Selfstorage Belgravia, our customers, staff, or others.

5. International Transfers

If any service provider processes personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We take reasonable steps to ensure that transferred data receives a level of protection consistent with UK data protection standards.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, insurance, and reporting requirements.

Typical retention periods may include:

  • Contract and account records: retained for the duration of the storage relationship and for a reasonable period afterwards to resolve disputes and administer closure.
  • Payment and invoicing records: retained in line with financial and tax obligations.
  • Security records and access logs: retained only as long as necessary for safety, incident management, and site security.
  • Enquiry and correspondence records: retained for business administration and service improvement, then securely deleted or anonymised.
  • Legal claim records: retained for the limitation period relevant to possible claims or legal proceedings.

When data is no longer required, we will securely delete, destroy, or anonymise it.

7. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include restricted access controls, secure storage, encryption where appropriate, staff training, and supplier oversight.

Although we take security seriously, no system can be guaranteed to be completely secure. We therefore maintain procedures to respond promptly to suspected data incidents or breaches.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit processing in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing relies on consent, you may withdraw it at any time.

Some rights may not apply in all situations, for example where we must retain data to comply with legal obligations or establish legal claims. If you wish to exercise any of your rights, we will respond within the time required by law and may need to verify your identity before acting on your request.

9. Automated Decision-Making

We do not use personal data to make decisions that produce legal effects concerning you, or similarly significant effects, solely by automated means. If this changes, we will provide appropriate information about the logic involved and your rights.

10. Children’s Data

Our services are not intended for children acting independently. We do not knowingly collect personal data from children except where necessary and lawful in connection with a customer’s account or where a parent or guardian has provided the information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our operational practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

12. Summary of Our Commitment

Selfstorage Belgravia is committed to processing personal data in a lawful, fair, and transparent manner. We collect only the data needed to provide secure and reliable storage services, rely on appropriate lawful bases, keep data only as long as necessary, and work with processors under strict data protection safeguards. We respect user rights and aim to maintain the highest standards of privacy for all Selfstorage Belgravia customers in area.

Call Now!
Call Now Get a Quote
Selfstorage Belgravia

GDPR-compliant privacy policy for Selfstorage Belgravia covering data collection, lawful basis, retention, processors, and user rights for all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.