Privacy Policy - Crouchend Storage

This Privacy Policy explains how Crouchend Storage collects, uses, stores, shares, and protects personal data. It applies to all Crouchend Storage customers in area, including prospective customers, current customers, account holders, authorised users, and any other individuals whose personal data is processed in connection with our storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that your personal data may be processed as described in this policy. We encourage you to read it carefully so that you understand how and why we process information about you.

1. Personal Data We Collect

We only collect personal data that is necessary for the provision and administration of our storage services, for compliance with legal obligations, and for the protection of our legitimate business interests. The type of information we collect may include:

  • Identity data: name, title, date of birth, and proof of identity where required.
  • Contact data: address, email address, telephone number, and billing address.
  • Account data: customer reference numbers, booking details, service preferences, and communication records.
  • Payment data: payment method details, transaction records, and billing history. In many cases, payment processing is handled securely by third-party payment providers.
  • Usage data: information about your use of our services, access times, unit usage, and security logs.
  • Correspondence data: records of emails, messages, calls, complaints, and support requests.
  • Security and access data: key card usage, entry logs, CCTV images where applicable, and incident reports.

We may also collect limited information from third parties, such as identity verification providers, payment processors, debt recovery services, or public sources where necessary and lawful. We do not intentionally collect special category data unless you choose to provide it and there is a lawful reason to process it.

2. How We Use Your Data

We use personal data to deliver and manage our storage services and to support our legal and operational responsibilities. Typical uses include:

  • setting up and managing customer accounts;
  • providing storage units and related services;
  • processing payments and issuing invoices;
  • verifying identity and preventing fraud;
  • monitoring access to premises and maintaining security;
  • communicating about bookings, renewals, service updates, and account matters;
  • handling complaints, disputes, and service enquiries;
  • meeting legal, regulatory, tax, and accounting obligations;
  • protecting our property, staff, customers, and other users;
  • enforcing our terms and conditions where necessary.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and, where required, we notify you.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process your personal data. Depending on the circumstances, we rely on one or more of the following bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, processing payments, and providing customer support related to the service.

Legal Obligation

We process personal data where required to comply with legal obligations, such as accounting, tax record-keeping, fraud prevention, dispute handling, and responding to lawful requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms. These interests may include site security, loss prevention, service improvement, business administration, and communication with customers. We always assess whether the processing is necessary and proportionate.

Consent

In limited situations, we may rely on your consent, for example where it is required for optional communications or certain forms of marketing. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties who process data on our behalf or with independent controllers where necessary. We do this only when appropriate safeguards are in place and only for legitimate business purposes. Our processors and service partners may include:

  • payment processing providers;
  • identity verification and fraud prevention providers;
  • IT hosting, cloud storage, and software service providers;
  • security and CCTV system providers;
  • professional advisers, including accountants, insurers, and legal advisers;
  • debt recovery agencies and credit-related service providers where necessary;
  • maintenance and facilities management providers;
  • regulatory bodies, law enforcement, or courts where legally required.

All processors are required to act only on our instructions, to keep data secure, and to use it only for the agreed purpose. We do not sell personal data. If data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, where applicable.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the purpose of processing.

  • Customer account and contract records: kept for the duration of the service relationship and for a reasonable period afterwards for claims handling and administration.
  • Payment and invoicing records: retained in line with tax and financial record requirements.
  • Security logs and access records: retained for a limited period unless needed for investigations or legal proceedings.
  • Correspondence and complaints: retained as long as necessary to manage the matter and maintain appropriate records.

When data is no longer required, it will be securely deleted, anonymised, or archived in accordance with our retention procedures. We periodically review the data we hold to ensure it is not kept longer than necessary.

6. Security of Your Data

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, and disclosure. These measures may include access controls, encryption, secure storage, staff training, and monitoring of systems. While no method of transmission or storage is entirely secure, we work to maintain a level of security appropriate to the risks involved.

We also limit access to personal data to those employees, contractors, and processors who need it for legitimate business purposes. They are subject to confidentiality and data protection obligations.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions or exemptions depending on the context of the request. Your rights include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data in certain circumstances.
  • Right to restriction: you may ask us to restrict processing in certain cases.
  • Right to data portability: you may request a copy of certain data in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner's Office if you believe your data has not been handled lawfully. We would, however, appreciate the opportunity to address your concerns first and encourage you to raise any issue with us promptly.

8. Automated Decision-Making

We do not rely on fully automated decision-making that produces legal or similarly significant effects without human involvement. If this position changes, we will update this policy and provide relevant information about the logic involved, the significance of the processing, and your rights.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. Any updated version will apply from the date it takes effect. We encourage customers to review the policy periodically so they remain informed about how their personal data is handled.

10. Summary of Our Commitments

Crouchend Storage is committed to processing personal data in a way that is lawful, secure, and respectful of individual rights. We collect only what we need, use it for clear and legitimate purposes, retain it only as long as necessary, and share it only with trusted processors or where the law requires. This policy applies to all Crouchend Storage customers in area and reflects our responsibility to protect personal information throughout the service relationship.

Call Now!
Call Now Get a Quote
Crouchend Storage

GDPR-compliant Privacy Policy for all Crouchend Storage customers in area, covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.