Self Storage Bermondsey Privacy Policy
This Privacy Policy explains how Self Storage Bermondsey collects, uses, stores and protects personal data relating to customers and prospective customers. It is intended to comply with the UK General Data Protection Regulation and the Data Protection Act 2018. This Privacy Policy applies to all Self Storage Bermondsey customers and enquirers in the Bermondsey area.
By using our services or providing personal data to us, you acknowledge that you have read and understood this Privacy Policy. We may update this Privacy Policy from time to time, and the most recent version will always apply to our use of your personal data.
Data Controller
Self Storage Bermondsey is the data controller in respect of the personal data that we collect and process about you. This means that we determine the purposes and means of processing your personal data in relation to the storage services we provide.
Personal Data We Collect
We only collect personal data that is necessary for the provision and administration of our self storage services, to meet our legal and regulatory obligations, and to maintain security at our premises. The types of personal data we may collect include:
Your identification details, such as your full name, date of birth and identification document details where required to verify your identity.
Your contact details, such as your home address, billing address, and any other address you choose to provide, together with your preferred contact methods.
Your customer account information, including storage unit number, contract details, move-in and move-out dates, payment history and any correspondence relating to your account.
Payment and transaction information, such as payment method details, invoices, receipts and information required for processing payments and handling refunds.
Security and access information, which may include vehicle registration details, access control logs, CCTV images and records of visits to our premises where this is necessary for security and crime prevention.
Communication records, such as enquiries, feedback, complaints and any other communications you send to us or have with us in person or over the phone.
How We Collect Your Data
We collect personal data directly from you when you contact us, request a quote, enter into a storage agreement, make a payment, use our premises or communicate with us in any way. We may also collect personal data about you from third parties where required for fraud prevention, identity verification or to comply with legal obligations.
Lawful Basis for Processing
We only process your personal data where we have a lawful basis under data protection laws. Depending on the circumstances, the lawful basis will be one or more of the following:
Performance of a contract. We process your personal data where this is necessary to enter into or fulfil our storage contract with you, including managing your account, taking payments, providing access to your unit and handling customer service queries.
Legal obligation. We process personal data where we are required to do so by law, such as for tax, accounting, anti money laundering or other regulatory requirements, and to comply with lawful requests from public authorities.
Legitimate interests. We process personal data where it is necessary for our legitimate business interests, and where these interests are not overridden by your rights and freedoms. These interests include managing and improving our services, maintaining security at our premises, preventing and detecting crime or fraud, and defending or establishing legal claims.
Consent. In limited circumstances, we may rely on your consent, for example, for certain types of direct marketing. Where we use consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing before withdrawal.
How We Use Your Personal Data
We may use your personal data for the following purposes:
To provide, administer and manage our self storage services, including setting up your contract, arranging access, processing your payments and managing renewals or terminations.
To communicate with you about your storage unit, invoices, payment reminders, changes to our terms or policies, and any operational matters affecting your use of our facilities.
To maintain the safety and security of our customers, staff and premises, including monitoring access, operating CCTV for security and investigating security or safety incidents.
To handle enquiries, complaints, feedback and any disputes, and to improve our services based on the information you provide.
To comply with legal and regulatory obligations, respond to requests from law enforcement or other public authorities, and support the detection and prevention of fraud or criminal activity.
To maintain our internal records, conduct audits, manage risk and pursue or defend legal claims where necessary.
Data Retention
We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including any period required to comply with our legal, accounting or reporting obligations. In determining appropriate retention periods, we consider the nature and sensitivity of the data, the purposes for which we process it, and applicable legal requirements.
Customer account information, including contact and contract details, is typically retained for a period following the end of your contract in order to deal with any queries, disputes or legal claims. Financial records may be retained for longer where required by tax or accounting laws. Security data, such as CCTV footage, is normally retained for a shorter period unless it is required for investigation of an incident or legal proceedings.
Data Processors and Third Parties
We may share your personal data with carefully selected third parties who act as data processors on our behalf. These processors may provide services such as payment processing, account management systems, secure data hosting, maintenance of our IT and security systems, and professional advisory services such as legal or accounting support.
Where we engage a data processor, we ensure that appropriate contractual safeguards are in place to require them to process your personal data only on our instructions, keep it secure and use it solely for the purposes we have specified.
We may also share personal data with third parties who act as independent data controllers in specific circumstances, such as insurers, law enforcement agencies, regulators or other public authorities where we are legally required or permitted to do so, or where it is necessary to protect our rights, property or safety or that of our customers or the public.
We do not sell your personal data to third parties.
International Data Transfers
Where it is necessary to transfer your personal data outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect your data in accordance with data protection laws. This may include using countries that have been recognised as providing an adequate level of protection or entering into contracts that incorporate standard data protection clauses.
Your Data Protection Rights
You have a number of rights in relation to your personal data under data protection laws. These rights are subject to certain conditions and exemptions, and we may need to verify your identity before acting on a request. Your rights include:
The right to access. You have the right to obtain confirmation as to whether we process personal data about you and, if so, to receive a copy of that data together with certain information about how it is processed.
The right to rectification. You have the right to request that inaccurate or incomplete personal data we hold about you is corrected or updated.
The right to erasure. In certain circumstances, you have the right to request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected or where you withdraw consent and no other lawful basis applies.
The right to restriction. You may request that we restrict the processing of your personal data in certain situations, such as where you contest its accuracy or object to our processing.
The right to data portability. Where our processing is based on your consent or on a contract and carried out by automated means, you may be entitled to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to another controller.
The right to object. You have the right to object to our processing of your personal data where we are relying on legitimate interests, including profiling based on those interests. We will stop processing unless we can demonstrate compelling legitimate grounds or need the data for legal claims.
Rights related to automated decision making. You have rights in respect of decisions based solely on automated processing that have legal or similarly significant effects. We do not routinely carry out such processing in connection with our services.
Security of Your Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage. These measures may include access controls, encryption, secure storage and regular review of our security procedures. However, no system can be guaranteed as completely secure, and you should take care to keep your own access details and any passwords confidential.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations or how we process personal data. Any changes will take effect when the updated Privacy Policy is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
