Privacy Policy - Upminsterbridge Storage

This Privacy Policy explains how Upminsterbridge Storage collects, uses, shares, stores, and protects personal data in connection with its storage services. It applies to all Upminsterbridge Storage customers in the area, including prospective customers, account holders, authorised users, and any individuals whose personal data is provided to us during the course of arranging or using storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Upminsterbridge Storage provides secure storage services for personal and business use. For the purposes of data protection law, we act as the data controller in relation to the personal data we collect and process about customers and other individuals associated with our services. This means we determine why and how personal data is processed. We take our obligations seriously and apply appropriate technical and organisational measures to safeguard personal information.

2. Information We Collect

We collect only the personal data necessary to provide and manage our storage services, comply with legal obligations, and protect our legitimate interests. The types of information we may collect include:

  • Identity details such as name, date of birth, and photographic identification where required.
  • Contact details such as postal address, email address, and telephone number.
  • Account and contract information such as storage unit details, rental dates, payment status, and service preferences.
  • Billing and payment data such as invoices, transaction records, and payment confirmations.
  • Security information such as access logs, entry records, and CCTV footage where applicable.
  • Communications such as queries, complaints, notices, and correspondence with our team.
  • Technical data where applicable, including device or system information used to access digital services.

We do not intentionally collect special category data unless it is provided by you and is necessary for a specific purpose or required by law. If such data is processed, we will apply additional safeguards and only do so where a lawful basis exists.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage accounts.
  • To verify identity and prevent fraud.
  • To provide access to storage facilities and maintain site security.
  • To communicate about agreements, payments, notices, and service updates.
  • To process invoices, payments, and refunds.
  • To handle complaints, disputes, and customer requests.
  • To comply with legal, regulatory, and insurance requirements.
  • To protect the rights, property, and safety of Upminsterbridge Storage, our customers, staff, and visitors.
  • To maintain business records and improve our services.

We process personal data only to the extent necessary for these purposes, and we do not use it in ways that are incompatible with the original reason for collection.

4. Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis to process personal data. Depending on the context, we rely on one or more of the following lawful bases:

Contract

We process data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, processing payments, and providing access to your unit or related services.

Legal Obligation

We may process data to comply with legal requirements, including tax rules, accounting obligations, identity verification duties, and lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided your interests and rights do not override those interests. Examples include protecting site security, preventing fraud, enforcing contractual terms, and maintaining business records.

Consent

In limited situations, we may rely on your consent, for example where you choose to receive certain optional communications or where specific processing requires your permission. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Sharing and Processors

We may share personal data with trusted third parties where necessary to operate our business and provide our services. These third parties act as either independent controllers or processors acting on our instructions. We require all processors to handle data securely, confidentially, and only for agreed purposes.

Examples of processors and service providers may include:

  • IT and software providers supporting record keeping, storage management, and security systems.
  • Payment processors handling card or electronic payments.
  • Professional advisers such as accountants, auditors, insurers, or legal advisers.
  • Security providers supporting access control, alarm monitoring, or CCTV systems.
  • Maintenance and facilities providers who may require limited access to support operational needs.

We may also disclose personal data where required by law, to respond to lawful requests, to protect our legal rights, or in connection with a business transaction such as a restructuring or transfer of services. We do not sell personal data.

6. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it in accordance with applicable data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent protections approved under the UK GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. Retention periods depend on the type of data, the nature of the relationship, and applicable law.

In general:

  • Customer account and contract records are kept for the duration of the relationship and for a period after it ends.
  • Payment and tax records are retained for the period required by law.
  • Security logs and access records are retained for a limited period unless needed longer for investigation or legal claims.
  • Correspondence and complaint records are retained for as long as necessary to resolve issues and demonstrate compliance.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer be linked to an individual.

8. Data Security

We use appropriate security measures designed to prevent unauthorised access, loss, misuse, or alteration of personal data. These may include access restrictions, encryption where relevant, secure storage, staff confidentiality obligations, and periodic review of our systems and procedures. Although no system can be guaranteed as completely secure, we continually review our practices to reduce risks and protect information.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain legal conditions and exemptions. They include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or to direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed. We encourage you to raise any concerns with us first so that we can try to resolve them promptly.

10. Children’s Data

Our storage services are not directed at children. We do not knowingly collect personal data from children except where it is incidental and necessary in connection with a customer relationship, such as emergency contact information or tenancy-related records. Where children’s data is processed, we will do so only as permitted by law and with suitable safeguards.

11. Automated Decision-Making

We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects on individuals, unless we have informed you and such processing is lawful. If this position changes, we will update this policy and explain the logic involved, the significance of the processing, and your available rights.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

13. Summary of Our Commitment

Upminsterbridge Storage is committed to protecting privacy and using personal data responsibly. We collect data only when necessary, process it on a valid lawful basis, retain it for appropriate periods, and share it only with trusted processors or where required by law. We also respect and support individual rights under data protection law. Our approach is to ensure that personal information is handled with care, transparency, and accountability at every stage of the customer relationship.

Call Now!
Call Now Get a Quote
Upminsterbridge Storage

GDPR-compliant privacy policy for Upminsterbridge Storage covering data use, lawful basis, retention, processors, rights, and scope for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.