Privacy Policy - Southall Storage

This Privacy Policy explains how Southall Storage collects, uses, stores, shares, and protects personal data relating to our customers and prospective customers. It applies to all Southall Storage customers in area, including individuals and businesses who use, enquire about, or otherwise interact with our storage services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to anyone who uses Southall Storage services, makes an enquiry, enters into a storage agreement, accesses our facilities, or communicates with us in connection with our services. It also applies to representatives of business customers, authorised users, and any person whose personal information is provided to us as part of an account, booking, payment, or security process.

Important: This policy applies to all Southall Storage customers in area and to any person whose data is processed by us in connection with those services.

2. Personal data we collect

We only collect personal data that is necessary for providing our services, managing our relationship with you, meeting legal obligations, and protecting our business and customers. The information we may collect includes:

  • Identity details: name, date of birth, and identification information.
  • Contact details: address, email address, and telephone number.
  • Account and contract information: booking details, storage unit assignment, agreement records, and communication preferences.
  • Payment information: billing details, transaction history, and payment status. We do not intentionally store full card details where secure payment processors are used.
  • Access and security information: entry records, CCTV images where applicable, alarm logs, and key or access permissions.
  • Correspondence and support records: emails, call notes, complaints, service requests, and other communications.
  • Technical data: basic device or usage information if you interact with our digital systems, such as IP address or browser details, where needed for security and service operation.

We may also receive information from third parties where necessary, such as identity verification providers, payment providers, insurers, legal advisers, or authorised representatives acting on your behalf.

3. How we use personal data

We use personal data for the following purposes:

  • to provide storage services and manage customer accounts;
  • to verify identity and prevent fraud;
  • to process payments, invoices, refunds, and account changes;
  • to manage access to storage premises and maintain site security;
  • to communicate about agreements, service changes, reminders, or incidents;
  • to handle complaints, enquiries, and disputes;
  • to comply with legal and regulatory obligations;
  • to protect the rights, property, safety, and security of Southall Storage, our customers, staff, and visitors;
  • to establish, exercise, or defend legal claims where required.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another compatible purpose and the law allows us to do so.

4. Lawful basis for processing

Under UK GDPR, we must have a lawful basis to process personal data. Southall Storage relies on the following lawful bases depending on the situation:

  • Contract: We process data where it is necessary to enter into or perform our storage agreement with you, such as managing bookings, access, billing, and customer support.
  • Legal obligation: We process data where required to comply with laws and regulations, including tax, accounting, security, and record-keeping obligations.
  • Legitimate interests: We process data for our legitimate business interests, such as protecting our premises, preventing fraud, improving services, and handling disputes, provided those interests are not overridden by your rights and freedoms.
  • Consent: In limited situations, we may rely on your consent, for example for certain optional communications or uses of data. Where consent is used, you may withdraw it at any time.

We do not rely on consent where another lawful basis is more appropriate for the service we provide.

5. Sharing your data and processors

We may share personal data where necessary and only on a need-to-know basis. This may include sharing with trusted service providers who act as data processors on our behalf. Processors only handle data according to our instructions and are required to protect it appropriately.

Examples of processors and third parties may include:

  • payment processing providers;
  • IT hosting, cloud storage, and software providers;
  • security and CCTV system providers;
  • identity verification and fraud prevention services;
  • professional advisers such as accountants, auditors, insurers, and lawyers;
  • debt recovery services where lawful and necessary;
  • public authorities, regulators, or law enforcement where required by law.

We do not sell personal data. If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as approved contractual protections or adequacy decisions, as required by law.

6. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, and for any additional period required by law or to protect our legitimate interests. Retention periods vary depending on the type of record and the reason for processing.

In general:

  • Customer and contract records are retained for the duration of the agreement and for a reasonable period afterwards to handle queries, claims, and accounting matters.
  • Payment and invoicing records are retained for the period required by tax and financial regulations.
  • Security records, such as access logs or CCTV images, are retained only for as long as necessary for site safety, incident investigation, or legal purposes.
  • Correspondence and support records are retained for as long as needed to resolve issues and maintain accurate records.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

7. Your rights under data protection law

You have a number of rights in relation to your personal data. These rights may be subject to legal limits and exemptions, but we will always respond appropriately and within the required timeframe.

  • Right of access: You can request confirmation of whether we process your personal data and ask for a copy of it.
  • Right to rectification: You can ask us to correct inaccurate or incomplete information.
  • Right to erasure: In some cases, you can ask us to delete your personal data.
  • Right to restrict processing: You can ask us to limit how we use your data in certain circumstances.
  • Right to object: You can object to processing based on legitimate interests and to direct marketing where applicable.
  • Right to data portability: In some cases, you can request that we provide your data in a structured, commonly used format.
  • Right to withdraw consent: Where we rely on consent, you can withdraw it at any time.

If you believe your data protection rights have been violated, you may also raise a complaint with the UK Information Commissioner’s Office (ICO).

8. Security of your data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, staff training, secure systems, contractual protections, and monitoring of our facilities and systems. While no system can be guaranteed completely secure, we work continuously to reduce risks and maintain strong safeguards.

9. Children’s data

Our storage services are generally intended for adults and business users. We do not knowingly collect personal data from children except where it is necessary in connection with a customer relationship or legal obligation, and only in a lawful manner.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. When changes are made, the updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how we use personal data.

11. Summary of our commitment

Southall Storage is committed to processing personal data responsibly, securely, and transparently. We collect only the information we need, use it for clear and lawful purposes, retain it only as long as necessary, and respect your rights under data protection law. This policy is intended to provide a clear explanation of how we handle your information and to support trust in the services we provide.

Call Now!
Call Now Get a Quote
Southall Storage

GDPR-compliant Privacy Policy for Southall Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.