Self Storage Putney Privacy Policy
This Privacy Policy explains how Self Storage Putney collects, uses, stores, and protects personal data for all its customers and prospective customers in the Putney area. It is intended to provide clear information in line with the UK General Data Protection Regulation and the Data Protection Act 2018.
By using our self storage services, visiting our premises, or otherwise interacting with Self Storage Putney, you acknowledge that you have read and understood this Privacy Policy.
Scope of this Privacy Policy
This Privacy Policy applies to all Self Storage Putney customers, including individuals and businesses, who use or enquire about our storage units or related services in the Putney area. It covers personal data obtained through in-person interactions, telephone or written correspondence, our website, and any digital or paper forms used to manage your account or enquiry.
Data Controller
For the purposes of data protection law, Self Storage Putney is the data controller. This means we determine the purposes and means of processing your personal data in connection with the provision of storage and related services.
Personal Data We Collect
We collect and process different categories of personal data depending on how you interact with us. This may include:
Identification details, such as your full name, date of birth, and proof of identity or address documents presented when setting up a storage agreement.
Contact details, such as your postal address, billing address, and any other addresses provided for correspondence, as well as any email contact identifiers you choose to share.
Account and contract information, such as storage unit number, start and end dates of your agreement, payment history, correspondence relating to your account, deposit details, access permissions, and records of any changes to your contract.
Payment and billing information, such as payment method details, invoices, receipts, and records of transactions. We do not store full bank card details where this is not necessary for the agreed payment method.
Security and access data, such as CCTV footage captured on our premises, access logs, entry and exit times, vehicle details used to access the facility, and records of any incidents or security reports.
Communication records, such as notes or records of conversations with you, written correspondence, and any feedback or complaints submitted to us.
How We Collect Your Data
We collect personal data directly from you when you make an enquiry, request a quote, sign a storage agreement, make a payment, visit our site, or contact us with a question or complaint. We may also receive data about you from third parties whom you have authorised to act on your behalf, for example a business partner or a person you nominate to access your storage unit.
Lawful Basis for Processing
We process your personal data only where we have a lawful basis under data protection law. Depending on the situation, this may include:
Contract performance. We process your data where it is necessary to enter into or fulfil a contract with you, including managing your storage agreement, processing payments, providing access to units, and handling enquiries relating to your account.
Legal obligations. We may process data where necessary to comply with legal and regulatory requirements, such as tax and accounting rules, the prevention of fraud, crime prevention, and health and safety obligations.
Legitimate interests. We may process personal data where it is necessary for our legitimate business interests and where these are not overridden by your rights and freedoms. This includes ensuring the security of our premises through CCTV, managing and improving our services, recovering debts, and handling routine business operations.
Consent. In limited cases we may rely on your consent, for example if you ask us to share information with a third party or for specific forms of communication that are not necessary for the performance of your contract. Where we rely on consent, you can withdraw it at any time.
Purposes for Which We Use Your Data
We use your personal data for the following purposes:
To provide self storage and related services, including setting up and managing your storage agreement, processing bookings, allocating units, managing access permissions, and communicating with you about your account.
To manage payments and billing, including issuing invoices and receipts, processing payments and refunds, and keeping appropriate financial records.
To maintain security and safety, including operating CCTV on our premises, monitoring access to storage areas, investigating incidents, and enforcing site rules.
To respond to enquiries and provide customer support, such as handling questions, requests, complaints, and feedback.
To comply with legal and regulatory requirements, including responding to legitimate requests from law enforcement or regulatory authorities where we are under a legal obligation to do so.
To protect our business interests, including managing disputes, recovering debts, maintaining records for auditing purposes, and improving the quality and efficiency of our services.
Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected and to meet our legal, accounting, or reporting obligations.
Customer account and contract records are typically kept for a defined period after the end of your agreement, in order to deal with any questions, disputes, or legal claims that may arise. Financial records related to payments and invoices are retained for periods required by applicable tax and accounting laws.
CCTV footage and access records are retained for a limited period needed for security and incident investigation purposes, unless a longer retention period is required in connection with a specific incident, claim, or legal obligation.
When personal data is no longer required, we will securely delete, anonymise, or otherwise remove it from our systems.
Data Processors and Third Parties
We may use carefully selected third party service providers to process personal data on our behalf. These data processors support us in areas such as secure data storage, payment processing, customer management systems, security services, and professional advice.
Where we use a data processor, we ensure there is a written agreement in place requiring them to act only on our instructions, to keep your personal data secure, and to comply with applicable data protection laws.
We may also share your data with other third parties where this is necessary to comply with our legal obligations, to protect our rights, or to facilitate the sale or restructuring of our business, in which case we will ensure that appropriate safeguards are in place.
International Transfers
Where personal data is transferred outside the United Kingdom or the European Economic Area by one of our service providers, we will ensure that appropriate safeguards are in place to protect your data in accordance with data protection law, for example through approved contractual clauses or equivalent measures.
How We Protect Your Data
We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures include physical security of our premises, access controls, secure storage solutions, and internal policies and training designed to promote responsible handling of personal data.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
The right of access. You can request confirmation that we process your personal data and ask for a copy of the data we hold about you.
The right to rectification. You can ask us to correct any inaccurate or incomplete personal data relating to you.
The right to erasure. In certain circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purpose for which it was collected and there is no legal or legitimate reason for us to keep it.
The right to restrict processing. You can ask us to restrict the processing of your data in certain situations, such as while we are handling a request to correct inaccurate data.
The right to data portability. Where processing is based on your consent or on a contract and is carried out by automated means, you may have the right to receive your personal data in a structured, commonly used and machine readable format and to ask for it to be transmitted to another controller where technically feasible.
The right to object. You can object to processing based on our legitimate interests where there is something about your particular situation which makes you want to object. We will stop processing unless we have compelling legitimate grounds to continue or the processing is for the establishment, exercise, or defence of legal claims.
The right to withdraw consent. Where we rely on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing that took place before consent was withdrawn.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. Any updated version will apply from the date it is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
