Storage North Ockendon Privacy Policy
This Privacy Policy explains how Storage North Ockendon collects, uses and protects your personal data. It applies to all Storage North Ockendon customers and prospective customers in the Storage North Ockendon area, including individuals and businesses that enquire about or use our storage services.
We are committed to handling your personal data in accordance with the UK General Data Protection Regulation and all applicable data protection laws. This Privacy Policy is intended to provide clear and transparent information about our data processing activities.
Personal Data We Collect
We collect and process personal data that is necessary for the provision of our storage services and the operation of our business. The types of personal data we may collect include:
Identification and contact details such as full name, postal address, billing address, date of birth, and contact details including mobile number or landline number.
Account and contract information such as storage unit number, access codes, contract start and end dates, payment history, invoices, correspondence relating to your account, and your communication preferences.
Payment and billing information such as payment method details and records of payments made, processed through secure payment processors. We do not retain full payment card details where this is not necessary.
Verification and security information such as copies or details of identity documents provided for verification purposes, vehicle registration details where relevant, and access log data for security and operational reasons.
Communications and enquiry data such as information you provide when contacting us by any means, including enquiries, feedback, complaints, and any information you give during discussions regarding your contract or potential contract with us.
Technical and usage information such as basic information about your interactions with our website or online portals, including pages visited and time spent, where this is collected through essential cookies or similar technologies for security and operational purposes.
Lawful Bases for Processing Your Data
We process your personal data only when we have a lawful basis under data protection law. Depending on the circumstances, we may rely on the following lawful bases:
Contract. We process your personal data when it is necessary to enter into or perform a contract with you, including taking steps at your request before entering into a contract. This includes processing required to manage your storage unit, billing, access control and customer service.
Legal obligation. We process certain personal data to comply with legal and regulatory obligations, including record keeping, tax and accounting requirements, and responding to lawful requests from public authorities.
Legitimate interests. We process personal data when it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Our legitimate interests include operating, managing and improving our storage business, ensuring site security, preventing fraud and misuse, and communicating with customers regarding services related to their contracts.
Consent. In limited cases, we may rely on your consent, for example for certain types of optional marketing communications. Where we rely on consent, you have the right to withdraw that consent at any time.
How We Use Your Personal Data
We use your personal data for the following purposes, to the extent permitted by law:
To set up, manage and administer your storage contract, including confirming your identity, allocating a storage unit, managing access, and communicating with you about your contract.
To process payments, issue invoices, manage billing queries, and maintain accurate financial and transactional records.
To maintain the security and integrity of our premises, systems and customers, including through access controls, verification checks, and investigation of incidents or suspected unlawful activity.
To provide customer service and support, respond to enquiries, handle complaints, and keep a record of our communications with you.
To manage our business operations, including internal reporting, auditing, quality control, staff training and service improvement.
To comply with legal and regulatory requirements, including cooperating with regulators and law enforcement where required by law.
To send you information about services similar to those you already receive from us, where permitted by law and subject to your right to object at any time.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including for the purposes of satisfying any legal, accounting or reporting requirements.
When determining appropriate retention periods, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it and whether those purposes can be achieved by other means, and applicable legal obligations.
In general, we retain customer contract records and related financial data for a period required by law after your contract ends, usually up to several years for tax and accounting purposes. Security records such as access logs or verification documentation may be retained for shorter periods, unless a longer retention period is required in connection with an investigation, dispute or legal claim.
At the end of the applicable retention period, we will delete or anonymise your personal data in a secure manner.
Data Processors and Third Parties
We may share your personal data with trusted third party service providers who act as data processors on our behalf. These processors are engaged only to the extent necessary to provide services to us, and they are required by contract to process your personal data only according to our instructions and in compliance with data protection law.
Examples of such processors include payment processing providers, accounting or bookkeeping services, information technology and system support providers, and companies that assist us with secure document storage and destruction.
We may also share personal data with professional advisers such as legal or tax advisors where necessary, and with public authorities, regulators or law enforcement agencies where required by law or where necessary to protect our rights, property, customers or the safety of others.
We do not sell your personal data. We do not permit our processors to use your data for their own independent purposes.
International Data Transfers
Where any of our processors or their systems are located outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect your personal data, such as standard contractual clauses or other mechanisms permitted under applicable data protection law.
Your Data Protection Rights
As an individual in the Storage North Ockendon area whose personal data we process, you have a number of rights under data protection law. These rights may be subject to conditions and legal limitations, but we will always respond to your requests in accordance with the law.
Right of access. You have the right to obtain confirmation of whether we process your personal data and, if so, to receive a copy of that data and certain additional information.
Right to rectification. You have the right to request correction of inaccurate personal data and to have incomplete data completed.
Right to erasure. In certain circumstances, you have the right to request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent where consent was the lawful basis.
Right to restriction. You have the right to request that we restrict the processing of your personal data in certain situations, such as while we consider a request to rectify or object, or where you contest the lawfulness of our processing.
Right to object. You have the right to object, on grounds relating to your particular situation, to our processing of your personal data based on legitimate interests. You also have the right to object at any time to the use of your data for direct marketing.
Right to data portability. In certain circumstances, you have the right to receive personal data you have provided to us in a structured, commonly used and machine readable format and to request that we transmit it to another controller where technically feasible.
Right to withdraw consent. Where we rely on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You also have the right to lodge a complaint with the relevant data protection supervisory authority if you are concerned about how your personal data is being processed. We encourage you to contact us first so that we can seek to resolve any concerns directly.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. These measures include access controls, staff training, secure storage and systems security measures appropriate to the sensitivity of the data we process.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, how we process personal data, or legal requirements. The most current version will always apply to the personal data we hold about you. We recommend that you review this Privacy Policy periodically to stay informed about how we protect your information.
