Privacy Policy - Selfstorage Highbury

Effective date: This Privacy Policy applies to all Selfstorage Highbury customers in the Highbury area and explains how we collect, use, store, share, and protect personal data in connection with our self-storage services.

We are committed to handling personal information in accordance with the UK GDPR and the Data Protection Act 2018. This policy applies to customers, prospective customers, visitors, contractors, and any individual whose personal data we process in the course of providing storage-related services.

1. Personal data we collect

We collect only the personal data that is necessary for running our business, providing our services, and meeting our legal and contractual obligations. Depending on how you interact with us, we may collect the following categories of data:

  • Identity information: name, title, date of birth, and identification details where required for security or verification.
  • Contact information: postal address, email address, and telephone number.
  • Account and contract information: storage unit details, booking records, tenancy agreements, payment status, and service preferences.
  • Payment information: billing details and transaction records. We do not store full card details where payment processing is carried out by a secure payment provider.
  • Access and security information: entry logs, CCTV images, alarm records, incident reports, and records of access to our facilities.
  • Communication records: emails, messages, complaints, requests, and customer service notes.
  • Technical data: limited information such as device identifiers or website usage data if you interact with digital systems connected to our services.

We may also process special category data only where required by law or where you have provided it voluntarily and there is a lawful reason to do so. We do not intentionally seek sensitive information unless it is necessary for a specific legal or operational purpose.

2. How we collect your data

We collect personal data directly from you when you complete forms, enter into a storage agreement, make enquiries, sign in to our facilities, make payments, or contact us with questions or complaints. We may also receive data from third parties such as payment processors, identity verification providers, contractors, insurers, emergency services, or legal advisers where relevant to our services.

In some cases, we collect information automatically through security systems, access controls, and CCTV installed at our premises for safety, crime prevention, and property protection. Where applicable, signage will be displayed to inform visitors of these systems.

3. Why we use your personal data

We process personal data for the following purposes:

  • to set up and manage customer storage accounts;
  • to provide access to storage units and related services;
  • to process payments, invoices, and refunds;
  • to verify identity and prevent fraud;
  • to protect the security of our premises, staff, customers, and stored items;
  • to handle customer enquiries, complaints, and service requests;
  • to comply with legal, regulatory, insurance, and accounting obligations;
  • to maintain business records and defend or establish legal claims;
  • to improve service quality, operational efficiency, and safety.

We only use your personal data where there is a valid lawful basis under data protection law. We do not use personal data for unrelated purposes unless we have a lawful reason and, where needed, your consent.

4. Lawful basis for processing

Under the UK GDPR, we rely on the following lawful bases depending on the purpose of processing:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes creating your storage account, managing your tenancy, accepting payment, and providing access to your unit.

Legal obligation

We process certain personal data to comply with legal obligations, including tax, accounting, anti-fraud, health and safety, and regulatory requirements.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This includes maintaining security, preventing misuse, managing disputes, improving services, and protecting our property and customers. We have considered the impact of these activities and will ensure that any processing is proportionate.

Consent

Where required, we rely on your consent, for example for certain optional communications or non-essential data processing. You may withdraw consent at any time, but this will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public task

These bases are unlikely to apply in most ordinary storage transactions, but they may be used in exceptional circumstances, such as emergency situations involving risk to a person’s life or safety.

5. How we share personal data

We may share personal data with trusted third parties who help us operate our business. These parties act as processors or, in some cases, as independent controllers. We require them to handle data securely and in accordance with data protection law.

Processors may include:

  • payment service providers;
  • IT hosting and software providers;
  • customer management and booking systems;
  • security and CCTV service providers;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • maintenance and cleaning contractors where access to limited personal data is necessary;
  • identity verification or fraud prevention providers.

We may also disclose personal data where required by law, court order, law enforcement request, or to protect our rights, customers, staff, or property. Where data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with applicable law.

6. Retention of personal data

We keep personal data only for as long as necessary for the purpose for which it was collected, including to meet legal, accounting, insurance, and dispute-resolution requirements. Retention periods vary depending on the type of data and the reason for processing.

As a general approach:

  • customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards;
  • payment and accounting records are kept for the period required by tax and financial laws;
  • security records such as access logs and CCTV footage are retained for a limited time unless needed for an investigation, incident, or legal claim;
  • complaints and correspondence are retained for as long as necessary to manage the issue and any follow-up obligations.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

7. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access restrictions, secure systems, staff training, monitoring of premises, and contractual controls with processors.

No system is completely secure, but we review our safeguards regularly and take reasonable steps to protect the information entrusted to us.

8. Your rights

Subject to legal limits and exemptions, you have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you;
  • Right to rectification: to correct inaccurate or incomplete information;
  • Right to erasure: to request deletion of your data in certain circumstances;
  • Right to restriction: to ask us to limit how we use your data in certain cases;
  • Right to object: to object to processing based on legitimate interests or direct marketing;
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent: where processing is based on consent;
  • Right to complain: to raise concerns with the relevant data protection authority if you believe your rights have been infringed.

We may need to verify your identity before responding to requests. We aim to respond within the time limits set by law and will provide clear reasons if a request cannot be fully met.

9. Children’s data

Our services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is incidental to a lawful transaction or required in a specific circumstance, such as emergency contact details. If we become aware that we have collected children’s data without a valid basis, we will take appropriate steps to delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. The latest version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we handle information.

By using Selfstorage Highbury services in the Highbury area, you acknowledge that your personal data may be processed as described in this Privacy Policy.

Call Now!
Call Now Get a Quote
Selfstorage Highbury

GDPR-compliant Privacy Policy for Selfstorage Highbury covering data collection, lawful basis, retention, processors, and user rights for all customers in the Highbury area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.