Privacy Policy - Chadwellheath Storage

Effective date: This Privacy Policy applies to all Chadwellheath Storage customers in the area and explains how we collect, use, store, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Chadwellheath Storage is committed to protecting your privacy and handling your personal data responsibly. This policy applies to all customers, prospective customers, authorised users, and related individuals whose data we process in connection with storage services in the local area. We aim to ensure that personal information is processed lawfully, fairly, and transparently, and only for legitimate business purposes.

By using our services, you acknowledge that we may collect and use personal data as described in this policy. We do not sell personal data, and we do not use it for unrelated purposes without a valid legal basis.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity details such as name, title, and date of birth where required for verification.
  • Contact details including postal address, email address, and telephone number.
  • Account and contract information such as storage unit reference, booking details, rental dates, payment status, and service preferences.
  • Financial information including payment card details, bank details, invoicing information, and transaction records.
  • Verification data such as copies of identity documents, proof of address, or other records required for fraud prevention or compliance.
  • Security and access data such as CCTV footage, access logs, entry records, and incident reports where applicable.
  • Communication records including emails, letters, complaint details, and notes from customer service interactions.
  • Technical data such as device information, IP address, browser type, and usage information when you interact with our digital services.

We generally collect personal data directly from you, but we may also receive it from third parties such as payment providers, identity verification services, insurers, debt recovery services, or public authorities where permitted by law.

3. How We Use Your Data

We use personal data to provide and manage storage services, including:

  • setting up and maintaining your customer account;
  • processing bookings, payments, renewals, and refunds;
  • verifying identity and preventing fraud;
  • managing access to storage units and secure areas;
  • communicating with you about your contract, account, or service changes;
  • handling complaints, disputes, and claims;
  • meeting legal, regulatory, insurance, and tax obligations;
  • protecting our property, staff, customers, and premises;
  • improving service quality, administration, and internal record keeping.

Where CCTV or other security systems are used, they are operated for safety, crime prevention, and the protection of people and property. Such processing is limited to what is necessary and proportionate.

4. Lawful Basis for Processing

We only process personal data where we have a lawful basis under the UK GDPR. Depending on the purpose, our lawful bases may include:

  • Contract – where processing is necessary to enter into or perform a storage agreement with you.
  • Legal obligation – where we must retain or disclose information to comply with tax, accounting, anti-fraud, regulatory, or other legal requirements.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as security, service improvement, debt recovery, and risk management, provided those interests are not overridden by your rights and freedoms.
  • Consent – where we rely on your freely given consent for specific optional activities. You may withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

We do not usually rely on consent where another lawful basis is more appropriate, especially for core service delivery or legal compliance.

5. Sharing Your Personal Data

We may share personal data with trusted third parties who help us operate our business and provide services. These may include:

  • payment processors and banking partners;
  • identity verification and fraud prevention providers;
  • IT hosting, maintenance, and security service providers;
  • accountants, auditors, legal advisers, and insurers;
  • debt collection or credit control partners, where necessary;
  • regulatory bodies, law enforcement, courts, or public authorities when required by law.

We require processors and service providers to protect personal data, use it only for our instructions, and maintain appropriate technical and organisational security measures. Where data is transferred outside the UK, we will ensure appropriate safeguards are in place.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the context in which it was obtained.

Examples of retention practice may include:

  • Contract and account records – retained for the duration of the storage relationship and for a reasonable period afterwards to handle disputes, claims, or administration.
  • Financial and tax records – retained for the period required by applicable law.
  • Security records such as CCTV footage – retained only for a limited period unless needed for investigation or legal proceedings.
  • Customer correspondence – retained as needed to manage queries, complaints, or legal obligations.

When personal data is no longer required, we will delete, anonymise, or securely destroy it in line with our retention procedures.

7. Data Security

We use appropriate technical and organisational measures to safeguard personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, confidentiality obligations, and regular review of our security practices.

However, no method of transmission or storage is completely secure. While we work to protect your information, we cannot guarantee absolute security.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete information.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit processing in certain situations.
  • Right to data portability – to request transfer of certain data to you or another controller, where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are concerned about how we handle your data. We encourage you to contact us first so we can try to resolve your concern promptly and fairly.

9. Automated Decision-Making

We do not intend to use personal data for decisions based solely on automated processing that produce legal or similarly significant effects, unless we have informed you and such processing is permitted by law. If this changes, we will provide appropriate information about the logic involved and your rights.

10. Children’s Data

Our storage services are generally intended for adults. We do not knowingly collect personal data from children unless it is necessary for lawful administration of a customer account or related service. Where child-related data is processed, it is handled with particular care and only where lawful and appropriate.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. Any revised version will take effect when published or otherwise communicated to customers. We encourage you to review this policy periodically to remain informed.

12. Contact and Further Information

This policy explains our general approach to privacy and data protection. If you have questions about how your personal data is handled, or if you wish to exercise your rights, you may submit a request through the channels provided in your customer documentation or service records. We will respond in accordance with applicable data protection law.

Summary: Chadwellheath Storage processes customer data lawfully for storage services, security, compliance, and administration, with clear retention rules and GDPR rights for all customers in the area.

Call Now!
Call Now Get a Quote
Chadwellheath Storage

GDPR-compliant Privacy Policy for Chadwellheath Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.