Privacy Policy - Selfstorage Putney

Selfstorage Putney is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, share, store, and protect personal information relating to customers, prospective customers, visitors, and other individuals whose data we process in connection with our storage services. It applies to all Selfstorage Putney customers in the Putney area and anyone interacting with our services in relation to a storage account, quotation, booking, access arrangement, payment, or customer support matter.

This policy is designed to meet the requirements of the UK GDPR and the Data Protection Act 2018. It explains what data we process, the lawful bases we rely on, how long we retain data, the types of processors we use, and the rights available to individuals.

1. Personal Data We Collect

We collect only the personal data necessary to provide our services, manage accounts, maintain security, meet legal obligations, and improve our operations. The information we collect may include:

  • Identity details such as name, title, and date of birth where needed for verification.
  • Contact details such as postal address, email address, and telephone number.
  • Account information such as customer reference numbers, storage unit allocation, and service history.
  • Financial information such as payment records, billing details, and limited transaction data.
  • Access and security information such as entry logs, key or access code records, and CCTV footage where used for security purposes.
  • Communication records including correspondence, complaints, notes of calls, and support requests.
  • Technical information such as device, browser, or usage information if you interact with any digital systems we operate.
  • Verification documents where required by law, fraud prevention, or contractual obligations.

We do not intentionally collect special category data unless it is necessary and permitted by law. If such data is provided to us inadvertently, it will be handled with additional care and only where there is a lawful basis to do so.

2. How We Use Personal Data

We use personal data for clear and limited purposes connected to our storage services. These purposes include:

  • setting up and managing customer accounts;
  • providing storage services and related administration;
  • processing payments, invoices, and refunds;
  • verifying identity where appropriate;
  • maintaining site safety and security;
  • responding to enquiries, complaints, and service requests;
  • meeting legal and regulatory obligations;
  • preventing fraud, theft, misuse, or unlawful activity;
  • improving the quality and efficiency of our services;
  • keeping records of business transactions and account activity.

We will only use personal data in ways that are compatible with the purposes described in this policy or as otherwise permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the context, we rely on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes creating a storage account, managing your unit, handling payments, and delivering the services you have requested.

Legal Obligation

We may process data to comply with laws and regulatory duties, including tax, accounting, fraud prevention, security, and record-keeping requirements.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting our premises, preventing misuse, managing operations, and improving service delivery.

Consent

Where we rely on consent for a specific optional activity, you have the right to withdraw consent at any time. Withdrawal will not affect the lawfulness of processing carried out before consent was withdrawn.

Vital Interests and Public Interest

In rare cases, we may process personal data where necessary to protect someone’s vital interests or where required in the public interest by law.

4. Data Sharing and Processors

We may share personal data with third parties only where necessary and lawful. These third parties may act as data processors or independent data controllers depending on the services they provide.

Typical categories of processors and service providers include:

  • Payment processors that handle card payments, direct debits, or other payment services.
  • IT and cloud service providers that support secure storage, email, systems administration, and record management.
  • Security providers that assist with site protection, alarm systems, access control, or CCTV services.
  • Accountancy and professional advisers who support financial compliance, audits, or legal obligations.
  • Maintenance and facilities contractors where access to personal data is necessary for service delivery or site operations.
  • Identity verification or fraud prevention providers where required for lawful checks.

All processors are required to handle personal data securely, only on our instructions, and in compliance with data protection law. We do not sell personal data. Where data is shared with independent controllers, such sharing will be limited to what is necessary and allowed by law.

5. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, contractual, and security requirements. Retention periods depend on the type of information and the reason it is held.

  • Customer account records are generally retained for the duration of the relationship and for a further period after closure where needed for legal, tax, or dispute purposes.
  • Financial records are usually retained for the periods required by accounting and tax law.
  • Security records and access logs are retained only for as long as needed for safety, investigations, or operational review.
  • CCTV footage is retained for a limited period unless it is required for an incident investigation, legal claim, or regulatory purpose.
  • Enquiry records may be retained for a reasonable period to manage follow-up, service improvement, or record-keeping.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices and legal obligations.

6. Security of Personal Data

We take the security of personal data seriously and use appropriate technical and organisational measures to protect against unauthorised access, loss, misuse, or alteration. These measures may include access controls, secure storage, password protection, staff training, monitoring, and confidentiality obligations.

Although we take reasonable steps to protect information, no system can be guaranteed to be completely secure. We therefore encourage individuals to keep their own account details and access credentials confidential.

7. International Transfers

Where processors or service providers are located outside the UK, we will ensure that any international transfer of personal data is subject to appropriate safeguards as required by law. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms.

8. Your Rights

Individuals whose personal data we process have rights under data protection law. These rights may be subject to limitations, exemptions, or legal conditions. Your rights include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.
  • Right to lodge a complaint – with the relevant data protection supervisory authority if you believe your rights have been infringed.

We will respond to valid requests within the time limits required by law. Before responding, we may need to verify your identity to protect your information.

9. Children’s Data

Our services are not aimed at children, and we do not knowingly collect personal data from children except where necessary in connection with a lawful account or lawful contact arrangement. Where child-related data is processed, it will be handled carefully and only for lawful purposes.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or the way we deliver services. Any updated version will apply from the date it is issued. We encourage individuals to review this policy periodically so they remain informed about how we handle personal data.

11. Summary of Our Commitments

Selfstorage Putney will only process personal data when we have a valid legal reason to do so. We will collect data that is relevant and limited to the service provided, keep it secure, retain it only as long as needed, and share it only with trusted processors or other parties where required by law. We respect the rights of all customers in the Putney area and aim to process personal information in a transparent, fair, and lawful manner.

By using our storage services, customers acknowledge that this Privacy Policy applies to their personal data insofar as it is processed in connection with Selfstorage Putney services in the area.

Call Now!
Call Now Get a Quote
Selfstorage Putney

GDPR-compliant Privacy Policy for Selfstorage Putney covering data collection, lawful basis, retention, processors, and user rights for all Putney-area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.