Privacy Policy - Southnorwood Storage

Southnorwood Storage is committed to protecting the privacy and personal data of all customers. This Privacy Policy explains how we collect, use, store, share, and protect personal data in relation to storage services. It applies to all Southnorwood Storage customers in the area, including individuals and businesses using our storage facilities, related services, or making enquiries about our services.

1. Who We Are

For the purposes of data protection law, Southnorwood Storage acts as the data controller for the personal data we collect and process in connection with our services. This means we decide how and why your personal data is used. We are committed to handling personal information in a lawful, fair, transparent, and secure manner, in accordance with the UK GDPR and the Data Protection Act 2018.

2. Personal Data We Collect

We may collect and process different categories of personal data depending on how you interact with us. The information we collect is limited to what is necessary for the delivery and management of storage services.

  • Identity data: name, title, date of birth, and similar identifiers.
  • Contact data: postal address, email address, telephone number, and emergency contact details where relevant.
  • Account and contract data: storage unit details, booking information, tenancy or service agreements, payment status, and account history.
  • Payment data: billing details, transaction records, and limited payment information required to manage payments.
  • Security data: CCTV images, access records, alarm logs, key or entry code records, and incident reports.
  • Communication data: enquiries, complaints, feedback, and other correspondence.
  • Technical data: device or system information collected when you interact with digital systems used to manage services, where applicable.

We do not intentionally collect special category data unless it is necessary and lawfully permitted, for example where you voluntarily provide such information in relation to an access request, complaint, or safeguarding issue.

3. How We Use Your Data

We use personal data only for clear and legitimate purposes connected to our services. These purposes include:

  • setting up and managing customer accounts;
  • providing storage facilities and associated services;
  • processing payments, fees, deposits, and refunds;
  • verifying identity and preventing fraud;
  • maintaining security of our premises, customers, staff, and property;
  • handling enquiries, complaints, and service requests;
  • meeting legal, regulatory, insurance, and record-keeping obligations;
  • protecting our legal rights and defending claims;
  • improving service quality and internal administration.

We do not use your personal data for purposes that are incompatible with the reasons for which it was collected unless we have a lawful basis to do so.

4. Lawful Basis for Processing

We process personal data under one or more of the lawful bases set out in the UK GDPR. The applicable basis depends on the type of information and the context in which it is used.

4.1 Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing storage agreements, taking payments, allocating units, and delivering related customer services.

4.2 Legal Obligation

We may process data to comply with legal obligations, including tax requirements, accounting rules, health and safety duties, anti-fraud obligations, and lawful requests from authorities.

4.3 Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided these do not override your rights and freedoms. Legitimate interests may include property security, business administration, service improvement, debt recovery, CCTV monitoring, and the protection of staff, customers, and assets.

4.4 Consent

In limited cases, we may rely on your consent, for example for certain marketing communications or optional uses of data. Where consent is used, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

5. Sharing and Processors

We may share personal data with carefully selected third parties that assist us in operating our business. These organisations act as processors or, in some cases, independent controllers. We only share the minimum data necessary and require appropriate safeguards.

  • IT and software providers that host systems, manage records, or support communications.
  • Payment service providers that process transactions securely.
  • Security providers involved in CCTV, alarm monitoring, access control, or incident response.
  • Accountants, auditors, and professional advisers who support compliance and business operations.
  • Debt collection or legal service providers where necessary for recovery of unpaid amounts or legal claims.
  • Public authorities where disclosure is required by law or necessary to protect rights and safety.

All processors are required to act only on our instructions, keep data secure, and use it only for the agreed purpose. We do not sell your personal data.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, insurance, and operational requirements. Retention periods may vary depending on the type of data and the nature of the service relationship.

  • Contract and account records: kept for the duration of the customer relationship and for a reasonable period afterwards.
  • Payment and accounting records: retained in line with tax and financial record obligations.
  • Security records, including CCTV: kept only for as long as needed for security and incident management, unless required longer for investigations or legal proceedings.
  • Correspondence and complaint records: retained as needed to resolve issues and demonstrate compliance.

When data is no longer needed, we delete, anonymise, or securely destroy it.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, monitoring, and regular review of our systems and procedures.

Although we take reasonable steps to safeguard information, no system can be guaranteed to be completely secure. We therefore encourage customers to help protect their own data by keeping relevant account information confidential.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the circumstances and any legal exceptions.

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data in certain situations.
  • Right to restriction: you may ask us to limit how we use your data in certain cases.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability: you may request transfer of data you provided to us, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We aim to respond within the time limits required by law.

9. Automated Decision-Making

We do not normally use personal data for decisions made solely by automated means that produce legal or similarly significant effects. If this position changes, we will provide clear information about the process and the rights available to you.

10. International Transfers

Where personal data is transferred outside the UK, we will ensure that suitable safeguards are in place to protect it in line with applicable data protection requirements. These safeguards may include adequacy regulations, contractual protections, or other approved mechanisms.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our processing practices. Any updated version will apply from the date it is made available. We encourage customers to review it periodically so they remain informed about how their data is used.

12. Summary of Our Commitment

Southnorwood Storage will only collect and use personal data where it is necessary, lawful, and proportionate. We will keep it secure, retain it only for as long as needed, share it responsibly with trusted processors, and respect your rights at every stage. This policy is designed to ensure that all Southnorwood Storage customers in the area receive a clear and fair explanation of how their personal information is handled.

Call Now!
Call Now Get a Quote
Southnorwood Storage

GDPR-compliant privacy policy for Southnorwood Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.