Self Storage Belgravia Privacy Policy
This Privacy Policy explains how Self Storage Belgravia collects, uses, stores and protects your personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation and the Data Protection Act 2018. It applies to all Self Storage Belgravia customers and prospective customers in the Belgravia area, as well as visitors to our premises and anyone who contacts us in relation to our storage services.
By using our services, visiting our facilities, or otherwise interacting with Self Storage Belgravia, you acknowledge that you have read and understood this Privacy Policy.
Data Controller
Self Storage Belgravia is the data controller for the personal data described in this Privacy Policy. This means that we determine the purposes and means of processing your personal data and are responsible for ensuring that it is handled in a lawful, fair and transparent manner.
Personal Data We Collect
We may collect and process the following categories of personal data about you when you enquire about, sign up for, or use our storage services:
Identification details such as your full name, title, date of birth and proof of identity information contained in passports, driving licences or similar documents.
Contact details such as your home or business address, correspondence address, and details required for invoicing and communication.
Account and contract information such as storage unit number, contract start and end dates, service preferences, correspondence history with us, and records of any complaints or enquiries.
Payment and billing information such as payment method and transaction details. We do not store full card details where payments are processed via secure third party payment processors.
Security and access information such as CCTV footage recorded on our premises, access logs, vehicle registration details used to enter the site, and records of key or fob allocation and use.
Technical and usage data if you use any online tools we may provide, such as IP address, device type and basic interaction data, to the extent necessary for security, administration and service delivery.
Any other information you voluntarily provide to us in the course of your relationship with Self Storage Belgravia, for example when you give feedback, respond to surveys or request additional services.
How We Collect Your Data
We collect personal data directly from you when you:
Request a quote, make a booking or sign a storage agreement.
Contact us in person on site, by post or through other communication channels.
Visit our premises, where CCTV is in operation for security and safety.
Use any online forms or digital services that we may provide for managing your storage or making enquiries.
We may also receive personal data about you from third parties where this is necessary for our services and lawful, for example from payment providers confirming transactions or from law enforcement bodies for verification purposes.
Lawful Bases for Processing
We process your personal data only where we have a lawful basis under data protection law. Depending on the specific processing activity, we rely on one or more of the following lawful bases:
Performance of a contract. We process your personal data to provide our storage services and related customer support. This includes setting up your account, managing your contract, taking payments, communicating with you about your booking, and administering access to your storage unit.
Compliance with legal obligations. We process certain data to comply with legal and regulatory requirements, for example record keeping for tax and accounting purposes, responding to lawful requests from law enforcement or regulatory authorities, and maintaining appropriate health and safety records.
Legitimate interests. We process personal data where it is necessary for our legitimate business interests and where your interests and fundamental rights do not override those interests. These interests include maintaining the security of our premises through CCTV and access logs, preventing and detecting fraud or crime, improving our services, handling queries and complaints, and managing business planning and reporting.
Consent. In limited circumstances we may rely on your consent, for example for certain types of optional marketing communications. Where we rely on consent you may withdraw it at any time, and we will explain how you can do so when we collect your consent.
How We Use Your Personal Data
We use your personal data for the following purposes:
To set up and manage your storage account and contract, including verifying your identity and ensuring eligibility for our services.
To provide, administer and support our storage services, including managing bookings, access, billing and customer service.
To maintain the security and integrity of our premises, units and customers belongings, including through the use of CCTV and access monitoring.
To handle your enquiries, feedback and complaints, and to communicate with you about changes to our terms, services or this Privacy Policy.
To manage our business operations, including internal reporting, auditing, quality control and staff training.
To comply with legal, regulatory and law enforcement obligations and to establish, exercise or defend legal claims.
Where permitted, to send you information about our services that may be of interest to you, and to better understand how customers use our services so that we can improve them.
Data Sharing and Processors
We do not sell your personal data. We may share your personal data with carefully selected third parties where necessary for the purposes described in this Privacy Policy and in accordance with data protection law.
Service providers and processors. We may share personal data with third party providers who perform services on our behalf, such as payment processors, IT and cloud service providers, security and CCTV maintenance companies, document storage and destruction providers, and professional advisers such as accountants. These third parties act as data processors and are only permitted to process personal data in accordance with our instructions and for the specific purposes we have authorised.
Legal and regulatory authorities. We may disclose personal data where required to do so by law, regulation or court order, or in response to lawful requests from law enforcement agencies or regulatory bodies.
Business transfers. In the event that we undergo a reorganisation, sale or transfer of all or part of our business, personal data may be transferred as part of that transaction, subject to appropriate safeguards.
Where we use data processors or share data with third parties, we take steps to ensure that your personal data is protected, including entering into appropriate data processing agreements and ensuring that security measures are in place.
International Transfers
Where it is necessary for us to transfer personal data outside the United Kingdom, we will only do so where appropriate safeguards are in place to protect your data, such as using countries that have been recognised as providing an adequate level of protection or by implementing standard contractual clauses or equivalent measures.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting or reporting requirements.
In general, we retain customer account and contract records for a period required by law after your contract ends, to deal with any queries or disputes and to comply with statutory retention obligations. CCTV footage and access logs are retained for shorter periods, unless required for the investigation of an incident, suspected crime or legal claim.
When personal data is no longer required for the purposes for which it was collected and there is no legal requirement to retain it, we will securely delete or anonymise it.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage. These measures include access controls, secure storage, staff training, and the use of secure systems and protocols for processing and transmitting data.
While we take reasonable steps to safeguard your information, no system can be completely secure and we cannot guarantee absolute security of your data. However, we are committed to responding promptly and effectively to any suspected data security incidents.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
The right of access. You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it.
The right to rectification. You have the right to ask us to correct any inaccurate or incomplete personal data we hold about you.
The right to erasure. In certain circumstances you have the right to request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected and we have no legal basis to continue processing it.
The right to restriction of processing. You may ask us to restrict the processing of your personal data in certain circumstances, for example while we verify its accuracy or consider an objection you have raised.
The right to object. You have the right to object to our processing of your personal data where we rely on legitimate interests, including profiling based on those interests, or where we process your data for direct marketing.
The right to data portability. For certain data that you have provided to us and that we process by automated means on the basis of consent or contract, you may request that we provide it to you in a structured, commonly used and machine readable format or that we transmit it to another controller where this is technically feasible.
Where we rely on consent, you also have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You may exercise these rights by contacting us using our usual customer contact channels. We may need to verify your identity before responding to your request and we will respond within the time limits set by data protection law.
Complaints
If you have concerns about how we handle your personal data, we encourage you to contact us in the first instance so that we can try to resolve the issue. You also have the right to lodge a complaint with the UK supervisory authority for data protection if you believe that your rights have been infringed.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or the services we provide. Any changes will be posted in the latest version of this Privacy Policy. We encourage you to review it periodically to stay informed about how we protect your personal data.
