Privacy Policy - Selfstorage Brompton

Selfstorage Brompton is committed to protecting the privacy and personal data of all customers in the Brompton area. This Privacy Policy explains how we collect, use, store, share, and protect personal data in a manner that complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Selfstorage Brompton customers in the area, including prospective customers, current customers, former customers, and anyone who communicates with us in connection with our storage services.

We believe personal data should be handled with care, lawfully, and transparently. This policy is designed to help you understand what information we process, why we process it, how long we keep it, and what rights you have in relation to your data.

1. Who We Are

For the purposes of data protection law, Selfstorage Brompton acts as the data controller for personal data collected in connection with our storage services, customer administration, security operations, and related business activities. This means we decide how and why your personal data is used.

This policy applies to all Selfstorage Brompton customers in the area and to individuals acting on behalf of a customer, such as authorised users, emergency contacts, billing contacts, and business account representatives.

2. Information We Collect

We only collect personal data that is relevant and necessary for operating our storage services, managing customer accounts, maintaining security, and meeting legal obligations. The categories of data we may collect include:

  • Identity data such as name, date of birth, and proof of identity documents where required.
  • Contact data such as address, email address, and telephone number.
  • Account data such as customer reference number, service preferences, booking details, and communication history.
  • Payment data such as billing information, payment status, transaction records, and limited financial details necessary to process payments.
  • Security data such as CCTV images, access logs, gate entry records, alarm-related records, and incident reports.
  • Service data such as unit usage, move-in and move-out dates, inventory-related notes if voluntarily provided, and support requests.
  • Technical data such as IP address, device information, browser type, and system activity logs when interacting with digital systems used to manage services.

We do not intentionally collect special category data unless it is strictly necessary and lawful, and typically only where you voluntarily provide it or where it is required in exceptional circumstances, such as an incident report or legal matter. We ask that you do not provide sensitive personal information unless it is necessary for our services.

3. How We Use Personal Data

We process personal data for the following purposes:

  • To set up and manage customer accounts.
  • To provide storage services and administer access to storage units.
  • To verify identity and help prevent fraud or unauthorised access.
  • To process payments, issue invoices, and manage outstanding balances.
  • To maintain security at our premises and protect customers, staff, and property.
  • To investigate incidents, complaints, or suspected misuse of our facilities.
  • To comply with legal, regulatory, tax, insurance, and accounting obligations.
  • To communicate service updates, account notices, and operational information.
  • To improve our services, systems, and customer experience.

We only use personal data in ways that are compatible with the purposes for which it was collected, unless we have a lawful basis to do otherwise and we have informed you appropriately.

4. Lawful Basis for Processing

Under UK GDPR, we must identify a lawful basis before processing personal data. Depending on the activity, Selfstorage Brompton relies on one or more of the following lawful bases:

  • Contract – where processing is necessary to enter into or perform a contract with you, such as managing storage services, billing, or account administration.
  • Legal obligation – where we are required to process data to comply with applicable law, including tax, accounting, fraud prevention, and regulatory requirements.
  • Legitimate interests – where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes security monitoring, incident management, service improvement, and internal administration.
  • Consent – where we ask for your permission for certain optional activities. If we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Where we process special category data, we will only do so if a condition under UK GDPR applies, such as explicit consent, legal claims, or substantial public interest, where relevant.

5. Sharing and Processors

We may share personal data only when necessary and only with appropriate safeguards in place. We do not sell your personal data. We may disclose information to:

  • Service processors who act on our behalf and follow our instructions.
  • Payment service providers who process transactions securely.
  • IT and cloud service providers who support data storage, communications, and system maintenance.
  • Security providers who support CCTV, alarm systems, access control, or incident investigation.
  • Professional advisers such as insurers, auditors, accountants, or legal advisers.
  • Public authorities where disclosure is required by law, court order, or lawful request.

Processors are only permitted to handle personal data on our instructions and must use appropriate technical and organisational measures to protect it. We require processors to maintain confidentiality, process data only for specified purposes, and assist us in meeting data protection obligations where appropriate.

Examples of processor safeguards

  • Encryption in transit and at rest where appropriate.
  • Restricted access based on role and necessity.
  • Logging and monitoring of access to systems.
  • Contractual obligations requiring data protection compliance.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this policy, including legal, accounting, insurance, and reporting requirements. Retention periods vary depending on the type of data and the context in which it was collected.

In general:

  • Customer account and contract data are retained for the period of the service relationship and for a further period where needed for legal or financial recordkeeping.
  • Payment and invoicing records are retained in line with tax and accounting obligations.
  • Security records, including CCTV and access logs, are retained only for a limited period unless required longer for investigation, legal proceedings, or insurance claims.
  • Enquiry and correspondence records are retained for as long as needed to manage the request and for a reasonable follow-up period.

When data is no longer required, we will securely delete, destroy, or anonymise it. If we anonymise data so that it can no longer identify you, it is no longer considered personal data.

7. Your Rights

As a data subject under UK GDPR, you have several rights in relation to your personal data. These rights may be limited in some circumstances, but we will always consider your request carefully.

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – you may request deletion of your data where there is no lawful reason for us to keep it.
  • Right to restriction – you may ask us to limit how we use your data in certain situations.
  • Right to object – you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability – you may request that certain data be provided to you or another controller in a structured, commonly used format.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We aim to deal with requests within the statutory timeframe.

8. Security Measures

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, and disclosure. These measures include access controls, staff awareness, secure storage, system protections, and physical security procedures appropriate to the nature of our business.

While no system can be guaranteed completely secure, we work to ensure personal data is handled responsibly and protected in line with industry standards and legal requirements.

9. International Transfers

Where personal data is transferred outside the UK, we will ensure that suitable safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We will only transfer data where necessary and where the destination provides an appropriate level of protection.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updates will be made available in an appropriate manner. We encourage customers to review this policy periodically so they remain informed about how their data is used.

11. Our Commitment

Selfstorage Brompton treats privacy as a core responsibility. We aim to process personal data fairly, lawfully, and transparently, and to use only the minimum information necessary to provide secure and reliable storage services. This policy applies to all Selfstorage Brompton customers in the area and is intended to give clear information about our data handling practices in a simple and honest way.

By using our services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy and applicable data protection law.

Call Now!
Call Now Get a Quote
Selfstorage Brompton

GDPR-compliant Privacy Policy for Selfstorage Brompton covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.