Privacy Policy - Selfstorage Bermondsey

This Privacy Policy explains how Selfstorage Bermondsey collects, uses, stores, shares, and protects personal data relating to all customers in the Bermondsey area. It applies to every individual who enquires about, signs up for, or uses our self storage services, as well as anyone who interacts with us in connection with those services. We are committed to handling personal information in a lawful, fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that we may process personal data as described in this policy. We encourage you to read it carefully so you understand what information we collect, why we collect it, and the rights you have over your data.

1. Who This Policy Applies To

This policy applies to all Selfstorage Bermondsey customers in area, including current and former customers, account holders, individuals authorised to access storage units, prospective customers making enquiries, and people who communicate with us about our services. It also applies where we receive personal data from third parties in connection with your storage agreement, such as a payment provider, identification verification service, or an organisation acting on your behalf.

2. Personal Data We Collect

We collect only the personal data necessary to provide our services, manage customer accounts, and meet legal obligations. Depending on how you interact with us, the information we may collect includes:

  • Identity information such as your name, date of birth, and proof of identity.
  • Contact details including address, email address, and telephone number.
  • Account and contract information such as storage unit details, booking records, payment history, and correspondence related to your agreement.
  • Payment information such as billing records and transaction details. We do not store full card details where payment is processed through secure payment systems.
  • Access and security information such as entry logs, key or access code records, CCTV images, and site movement records where applicable.
  • Communication records including emails, letters, calls, complaints, and customer service notes.
  • Technical information if you use digital services, such as device information, IP address, and browser data generated by our systems.

We do not intentionally collect special category data unless it is required for a specific lawful purpose and you have chosen to provide it, or unless the law permits such processing. We ask that you do not share unnecessary sensitive information with us.

3. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage your storage agreement;
  • to verify identity and prevent fraud;
  • to process payments, refunds, and account administration;
  • to communicate with you about your booking, access, billing, or service updates;
  • to maintain site security and protect customers, staff, and property;
  • to handle complaints, claims, and dispute resolution;
  • to meet legal, regulatory, tax, and accounting obligations;
  • to improve our services, systems, and customer experience;
  • to establish, exercise, or defend legal claims.

Where we rely on CCTV or access logs, this is done primarily for security, crime prevention, and property protection. These records may also be used to investigate incidents, unauthorised access, or damage.

4. Lawful Basis for Processing

We only process personal data where we have a lawful basis under UK GDPR. The main lawful bases we rely on are:

Contract

We process data that is necessary to enter into and perform our storage contract with you, including managing your account, providing access to your unit, and handling payments.

Legal obligation

We process certain data to comply with legal requirements, including accounting, tax, anti-fraud, and record-keeping obligations.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests. This includes site security, fraud prevention, operational management, service improvement, and the defence of legal claims. When we rely on legitimate interests, we assess the impact on your privacy and apply appropriate safeguards.

Consent

In limited situations, we may ask for your consent, for example where we wish to use optional marketing communications or process information beyond what is necessary for the contract. Where consent is used, you can withdraw it at any time.

5. Sharing Your Personal Data

We may share personal data with trusted third parties who support the operation of our business. These recipients may include:

  • Payment processors who handle card or electronic payments securely;
  • IT and hosting providers who maintain our systems and data storage;
  • Security providers where they support CCTV, alarm, or access control systems;
  • Professional advisers such as accountants, auditors, insurers, and legal advisers;
  • Regulators, law enforcement, and public authorities where disclosure is required by law or necessary to protect rights and property;
  • Verification and screening services used to confirm identity and reduce fraud risk.

All processors and service providers are required to handle personal data securely, use it only for authorised purposes, and act under written contractual obligations. We do not sell your personal data.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to comply with legal and contractual obligations. Retention periods depend on the type of data and the reason we hold it.

In general:

  • customer account and contract records are retained for the duration of the agreement and for a reasonable period afterwards;
  • financial and tax records are retained for the period required by law;
  • security records, including access logs and CCTV, are retained only as long as needed for safety, incident investigation, or legal purposes;
  • enquiry records are kept for a limited time where no contract is entered into.

When data is no longer needed, we securely delete or anonymise it. If data is required for legal claims or an ongoing investigation, it may be retained for longer.

7. International Transfers

Where any service provider stores or processes data outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations, approved contractual clauses, or other lawful transfer mechanisms. These measures are designed to protect your information to a standard consistent with UK data protection law.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access restrictions, secure storage, staff training, system monitoring, and regular review of security controls. However, no system can be guaranteed to be completely secure, and you should also take reasonable steps to keep your own account details confidential.

9. Your Rights

Under UK data protection law, you have several rights in relation to your personal data. Subject to certain conditions and exemptions, these include the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete information;
  • erase your data in certain circumstances;
  • restrict how we process your data in certain situations;
  • object to processing based on legitimate interests or direct marketing;
  • data portability for information processed by automated means on the basis of contract or consent;
  • withdraw consent where processing relies on consent;
  • make a complaint to the Information Commissioner’s Office if you believe your data rights have been infringed.

We will respond to valid rights requests within the time limits required by law. To protect your privacy, we may ask for proof of identity before responding to a request.

10. Marketing Preferences

Where permitted by law, we may send you service-related updates. If we send marketing communications, we will do so only where we have a lawful basis to do so. You may opt out of marketing at any time. If you object to direct marketing, we will stop using your data for that purpose.

11. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data directly from children in relation to storage agreements. If we become aware that we have inadvertently collected such data without a lawful basis, we will take appropriate steps to delete or protect it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service arrangements. The most current version will apply to your use of our services. We encourage you to review it periodically so you remain informed about how your data is handled.

13. Summary of Our Commitment

At Selfstorage Bermondsey, we are committed to treating personal data with care, accountability, and respect. We collect only what is needed, use it for clear and lawful purposes, retain it only for as long as necessary, and ensure that any third parties acting for us meet appropriate privacy and security standards. Your rights matter, and we aim to make it easy for you to understand and exercise them.

Effective for all Selfstorage Bermondsey customers in area.

Call Now!
Call Now Get a Quote
Selfstorage Bermondsey

GDPR-compliant Privacy Policy for Selfstorage Bermondsey covering data collection, lawful basis, retention, processors, user rights, and scope for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.