Self Storage Roehampton Privacy Policy
This Privacy Policy explains how Self Storage Roehampton collects, uses, stores and protects personal data relating to individuals who use, or inquire about, our self storage services. It also sets out your rights under applicable data protection laws, including the UK General Data Protection Regulation and the Data Protection Act 2018.
This Privacy Policy applies to all Self Storage Roehampton customers and prospective customers in the Roehampton area, as well as anyone contacting us about our services or visiting our premises for storage-related purposes.
Data Controller
Self Storage Roehampton is the data controller in relation to the personal data we collect and process. This means we decide how and why your personal data is used and are responsible for ensuring it is processed lawfully and securely.
Personal Data We Collect
We collect and process different types of personal data depending on your relationship with us and how you interact with our services. This may include:
Identity and contact information: your name, postal address, billing address, contact address, and identifiers such as customer reference numbers.
Communication details: your communication preferences and records of correspondence with us, such as inquiries, complaints, or service-related messages.
Contract and account information: details of your storage unit, rental dates, payment history, contract documents, and any related correspondence or notes concerning the provision of our services.
Payment information: limited payment-related information such as payment method, transaction details and payment status. We do not store full payment card details, which are processed by our payment service providers.
Security and access information: data relating to access to our facilities, such as entry and exit times where access control systems are used, and closed circuit television footage where CCTV operates at or around our premises.
Technical and usage data: information relating to your use of our website, where applicable, such as IP address, browser type, pages visited and time spent, which may be collected using cookies or similar technologies where permitted by law.
Any other information you provide: personal data you choose to provide to us voluntarily, for example when you complete forms, respond to surveys, or provide feedback on our services.
Purposes and Lawful Bases for Processing
We only process your personal data where we have a lawful basis to do so. Depending on the circumstances, we may process your data for the following purposes and legal grounds:
To provide self storage services: to set up and manage your storage contract, allocate a storage unit, manage your account, administer bookings, handle payments, and communicate with you about your storage. Our lawful basis is performance of a contract or taking steps at your request before entering into a contract.
To comply with legal and regulatory obligations: to comply with tax, accounting, anti-money laundering, fraud prevention and other legal obligations, as well as lawful requests from law enforcement or regulatory authorities. Our lawful basis is compliance with legal obligations.
To protect our premises and property: to maintain security and protect our customers, staff and assets, including the use of access control systems and CCTV at our facilities. Our lawful basis is our legitimate interests in ensuring the security and safety of our operations and premises, balanced against your rights and freedoms.
To manage our business operations: to plan and manage our services, monitor performance, handle disputes, carry out audits, and maintain records. Our lawful basis is our legitimate interests in running and improving our business effectively.
To communicate with you about services: to respond to your inquiries, provide customer support, send important service messages, and keep you informed about changes that may affect your use of our services. Our lawful basis is performance of a contract or our legitimate interests in providing effective customer service.
Marketing communications: we may send you information about similar services that may be of interest to you where permitted by law. Our lawful basis is our legitimate interests in promoting and developing our business, or your consent where required. You can opt out of marketing communications at any time.
Website analytics and improvement: to analyse how our website is used, improve user experience and develop our services. Our lawful basis is our legitimate interests in understanding and improving our online services, and where required, your consent for the use of cookies or similar technologies.
Data Retention
We keep personal data only for as long as is necessary for the purposes for which it was collected, and to meet any legal, accounting or reporting requirements.
In general, we keep customer and contract-related records for a period after the end of your storage agreement to deal with any queries, disputes or legal claims, and to comply with statutory retention periods.
CCTV footage and access control records are retained for a limited period, which is typically short, unless they are required for the investigation of an incident, dispute or legal matter, in which case they may be kept for longer until the matter is resolved.
Where we rely on your consent as a legal basis for processing, and you withdraw that consent, we will stop processing your data for that specific purpose. However, we may still retain certain information as required or permitted by law.
Use of Data Processors
We may engage third party service providers to process personal data on our behalf. These processors act only on our instructions and are contractually required to implement appropriate technical and organisational measures to protect your data.
Examples of data processors we may use include:
Payment processing providers that handle transactions for storage fees and related charges.
IT and system support providers that host or maintain our business systems, website, and security infrastructure.
External professional advisers such as accountants or consultants working under our instructions.
Security and facility management service providers that support access control or CCTV systems at our premises.
We ensure that any data sharing with processors is limited to what is necessary for the relevant task and that your data remains protected.
Data Sharing and International Transfers
We may share personal data with third parties where required by law, to protect our legal rights, to enforce our contract with you, or in the context of a business reorganisation or transfer of our business.
Where personal data is transferred outside the UK or European Economic Area, we will ensure that appropriate safeguards are in place in accordance with data protection laws, such as using approved standard contractual clauses or transferring to countries that have been formally recognised as providing an adequate level of protection.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and legal exemptions. They include:
Right of access: you can request confirmation that we process your personal data and obtain a copy of that data, along with information about how we use it.
Right to rectification: you can request that we correct inaccurate or incomplete personal data we hold about you.
Right to erasure: in certain circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purpose for which it was collected or where you withdraw consent.
Right to restriction of processing: you can ask us to restrict the processing of your personal data in specific situations, such as when you contest its accuracy or object to its processing.
Right to data portability: where the processing is based on consent or contract and carried out by automated means, you can request that we provide your personal data in a structured, commonly used and machine readable format, and have it transmitted to another controller where technically feasible.
Right to object: you can object to our processing of your personal data where we rely on legitimate interests as our lawful basis, including profiling on that basis. You also have the right to object at any time to processing for direct marketing purposes.
Rights relating to automated decision making: if we use automated decision making that has legal or similarly significant effects on you, you have the right to request human intervention, express your point of view, and contest the decision.
If you wish to exercise any of these rights, we may need to verify your identity to protect your data. We aim to respond to all valid requests within the time limits set by law.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data from unauthorised access, accidental loss, destruction or damage. These measures include access controls, staff training, secure storage practices, and regular review of our security arrangements.
While we take reasonable steps to safeguard your data, no system can be guaranteed as completely secure. You also have a role in keeping your information safe by notifying us promptly of any suspected misuse of your personal data or unauthorised access to your account or storage unit information.
Privacy Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or service offerings. Any changes will be effective from the date the updated version is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.
