Self Storage Richmond upon Thames Privacy Policy
This Privacy Policy explains how Self Storage Richmond upon Thames collects, uses, stores and protects personal data relating to our customers and prospective customers in the Richmond upon Thames area. It also explains the rights you have under data protection law, including the UK General Data Protection Regulation and related legislation.
This Privacy Policy applies to all customers, prospective customers, and users of our storage services and facilities in the Self Storage Richmond upon Thames area. By using our services, contacting us or otherwise providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy.
Who we are and scope of this policy
Self Storage Richmond upon Thames is a self storage service provider operating storage units and related services in the Richmond upon Thames area. For the purposes of data protection law, we act as the data controller in relation to the personal data we collect and process about you in connection with the provision of our services.
This Privacy Policy covers personal data collected through our premises, our website and any other channels we use to communicate with you regarding our storage services, including enquiries, bookings and ongoing account management.
Personal data we collect
We collect and process different categories of personal data depending on your relationship with us and how you use our services. The types of personal data we may collect include:
Identification and contact details, such as your name, postal address, billing address, contact address, and other basic contact information such as your preferred communication details.
Account and contract details, such as your customer account number, storage unit number, contract start and end dates, payment history, rental rate, any additional services purchased, and records of communications relating to your contract.
Payment information, including details required to process your payments. We do not retain full card details when a third party payment processor is used, but we may retain limited information such as partial card numbers or payment references for verification and record keeping.
Identity verification details, such as copies or details of identification documents that you may provide to comply with our security procedures or legal obligations, for example a driving licence or passport details.
Usage and access information, such as records of your access to our storage facility, including entry and exit times where access systems or logs are in operation, and records of any incidents or accidents on the premises.
Communication records, including emails, letters, forms, notes from telephone calls or in person meetings, and any other correspondence you have with us regarding enquiries, quotations, bookings, complaints or feedback.
Technical information, where you use our website, such as IP address, browser type, device type, and basic usage data necessary for the operation and security of the site. We may also collect limited analytical information to help us understand how our website is used.
Lawful bases for processing your data
We only process your personal data where we have a lawful basis to do so under applicable data protection law. Depending on the circumstances, we may rely on one or more of the following lawful bases:
Contract. We process personal data where it is necessary to enter into and perform a contract with you for the provision of storage services, including managing your bookings, managing your account, processing payments and communicating with you about your contract.
Legal obligation. We process personal data where it is necessary to comply with our legal obligations, for example for tax and accounting requirements, responding to lawful requests from authorities, and maintaining certain records for regulatory purposes.
Legitimate interests. We process personal data where it is necessary for our legitimate business interests or those of a third party, provided your interests and fundamental rights do not override those interests. This can include ensuring the security of our premises, improving our services, managing and protecting our business, handling customer service issues, and defending legal claims.
Consent. In limited circumstances we may rely on your explicit consent, for example for certain types of direct marketing communications where consent is required. Where we rely on consent, you have the right to withdraw your consent at any time.
How we use your personal data
We use your personal data for the following purposes:
To provide and manage storage services, including processing enquiries, issuing quotations, setting up your account, preparing and managing your storage contract, administering your storage unit and responding to your requests.
To process payments and manage billing, including issuing invoices, collecting payments, managing arrears and dealing with billing queries.
To maintain security and safety at our facilities, including controlling and monitoring access to the premises, maintaining access logs, managing incidents, and protecting our property and the property stored with us in accordance with applicable law.
To communicate with you, including responding to your enquiries, providing updates about your contract or storage unit, sending notices relating to changes in terms or policies, and managing any complaints or disputes.
To comply with legal and regulatory obligations, including maintaining appropriate records, cooperating with authorities where lawfully required, and complying with health and safety, tax and accounting obligations.
To manage and improve our business, including carrying out internal reporting and analysis, improving our facilities and services, training our staff, and ensuring the efficient and secure operation of our systems.
Data retention and storage
We keep your personal data only for as long as is necessary for the purposes for which it was collected and to meet our legal, accounting and reporting obligations.
Customer account and contract information is typically retained for a number of years after your contract ends, in line with statutory limitation periods and accounting record requirements. This allows us to respond to any queries or disputes that may arise after the relationship has ended and to comply with legal obligations.
Access and security logs are retained for a shorter period, only for as long as necessary for security, incident investigation and risk management purposes, unless required for longer in connection with a specific incident or legal claim.
Where we no longer need to retain your personal data, we will securely delete or anonymise it. Anonymised information that no longer identifies you may be kept for analytical or statistical purposes.
Data sharing and processors
We may share your personal data with trusted third parties where this is necessary for the operation of our business, to provide our services to you, or to comply with legal obligations. These third parties may act as data processors on our behalf or as independent data controllers.
Categories of third parties that may process personal data on our behalf include:
Payment service providers, who process payments and handle certain aspects of billing securely.
IT and system support providers, who help us maintain our IT infrastructure, storage and communication systems.
Security service providers, who may provide access control systems, monitoring or related security services for our facilities.
Professional advisers, such as accountants, auditors and legal advisers who may require access to certain data in the course of providing their services.
Where we engage third party processors, we ensure that appropriate contractual and technical safeguards are in place to protect your personal data and to ensure it is processed only in accordance with our instructions and applicable data protection law.
We may also share personal data with law enforcement agencies, regulatory authorities, courts and other third parties where required by law or where necessary to establish, exercise or defend legal claims.
International transfers
Where our use of third party service providers or systems involves the transfer of personal data outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place, such as standard contractual clauses or other approved mechanisms, to protect your data in line with data protection law.
Your data protection rights
Under data protection law, you have a number of rights in relation to the personal data we hold about you. Subject to certain conditions and exemptions, these include:
The right of access. You have the right to request confirmation that we process your personal data and to request a copy of the personal data we hold about you.
The right to rectification. You have the right to request that inaccurate or incomplete personal data is corrected or updated.
The right to erasure. In certain circumstances, you may have the right to request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
The right to restrict processing. You may request that we restrict the processing of your personal data in certain situations, for example while we assess an objection or verify the accuracy of data.
The right to object. You may object to our processing of your personal data where we rely on legitimate interests as our lawful basis, including for direct marketing purposes. We will stop processing your data unless we can demonstrate compelling legitimate grounds that override your interests, or the processing is necessary for legal claims.
The right to data portability. In some cases, you may have the right to receive the personal data you provided to us in a structured, commonly used and machine readable format and to request that we transfer it to another controller where technically feasible.
Where we rely on your consent as the lawful basis for processing, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
How to exercise your rights or raise concerns
If you wish to exercise any of your data protection rights, or if you have any questions or concerns about how we handle your personal data, you can contact us using the contact details provided in your storage agreement or on our website.
You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that your rights have been infringed. We encourage you to contact us first so that we can attempt to resolve any issues directly.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or other factors. Any updated version will be made available at our premises and on our website, and the effective date will be indicated. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.
This Privacy Policy applies to all Self Storage Richmond upon Thames customers and prospective customers in the Richmond upon Thames area and remains in force until superseded by an updated version.
