Self Storage Lambeth Privacy Policy
This Privacy Policy explains how Self Storage Lambeth collects, uses, stores and protects personal data relating to our customers and prospective customers in the Lambeth area. We are committed to complying with the United Kingdom General Data Protection Regulation and the Data Protection Act 2018. This policy applies to all services provided by Self Storage Lambeth and to all individuals whose personal data we process in connection with the provision of self storage and related services.
Scope of this Privacy Policy
This Privacy Policy applies to all Self Storage Lambeth customers, former customers, prospective customers, and authorised users of our storage units and related services within the Lambeth area. It covers information collected when you enquire about our services, enter into a storage agreement, communicate with us, visit our premises, or otherwise interact with Self Storage Lambeth in person or remotely.
Types of Personal Data We Collect
We may collect and process the following categories of personal data, depending on your relationship with us and the services you use:
Identification and contact details, such as your full name, postal address, billing address, date of birth, and contact details including your preferred communication methods.
Contract and account information, such as storage unit numbers, access permissions, vehicle registration details where relevant, payment history, invoices, and records of your communications with us regarding your account.
Verification and security information, such as identification documents you present for verification, records of your visits to our premises, access control data and CCTV footage recorded on or around our facilities for security and safety purposes.
Payment information, such as payment transaction details and information required to process card or bank payments via our payment processors. We do not store full card details where this is handled by a secure third party payment processor.
Marketing and communication preferences, such as your preferences about receiving service notifications, updates, and marketing information about our services.
How We Collect Personal Data
We collect personal data directly from you when you contact us, request a quote, complete forms, enter into a storage contract, make a payment, visit our premises, or communicate with us by any means. We may also obtain personal data from third parties where this is necessary to verify your identity or carry out required checks, or where you have given those parties permission to share your data with us.
Lawful Bases for Processing
We process your personal data only when we have a lawful basis under data protection law. Depending on the specific processing activity, we rely on one or more of the following lawful bases:
Performance of a contract: We process your data when it is necessary to enter into or perform our contract with you, for example to set up and manage your storage unit, take payments, and communicate with you about your agreement.
Compliance with legal obligations: We process data where necessary to meet our legal obligations, such as tax and accounting requirements, record-keeping, fraud prevention, and cooperating with law enforcement or regulatory requests where required by law.
Legitimate interests: We process certain data where it is necessary for our legitimate business interests and where your rights and freedoms do not override these interests. This includes maintaining the security of our premises, preventing non-payment or misuse of our facilities, improving our services, and managing customer relationships.
Consent: In some situations, we rely on your consent, for example for certain types of marketing communications where required by law. When we rely on consent, you are free to withdraw it at any time and we will explain how to do this at the time consent is obtained.
How We Use Your Personal Data
We use your personal data for the following purposes:
To provide and manage self storage and related services, including setting up your account, allocating units, administering access, processing payments, and dealing with enquiries and support requests.
To communicate with you about your agreement, including notifications about payments, renewals, access arrangements, changes to terms and conditions, and important service information affecting your use of our facilities.
To manage our business operations, including internal administration, accounting and auditing, resolving disputes, collecting unpaid debts, and enforcing our contractual terms.
To ensure security and safety, including monitoring access to our premises and using CCTV systems to help protect customers, staff, property and assets, and to assist in the investigation of incidents.
To comply with applicable laws and regulations, including responding to lawful requests from authorities where we are legally required to do so.
To send you information about our services that may be of interest to you, where you have not opted out of receiving such communications or where you have given us consent where this is legally required.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected and to meet our legal, accounting, or reporting obligations. Retention periods may vary depending on the type of data and the context of our relationship with you.
Customer account and contract records are generally retained for a period after the end of your agreement, to enable us to respond to queries, address disputes, and comply with legal and regulatory requirements. CCTV footage is kept for a limited period except where it is required for the investigation of an incident or for legal purposes, in which case it may be retained for longer.
When personal data is no longer required, we will securely delete or anonymise it so that it can no longer be associated with you.
Use of Processors and Third Parties
We may engage carefully selected third party service providers to process personal data on our behalf. These processors provide services such as payment processing, secure data storage, accounting support, customer management systems, and security services including CCTV operation and maintenance.
Where we use processors, they are only permitted to process your personal data in accordance with our written instructions, for the purposes described in this Privacy Policy, and subject to appropriate confidentiality and security obligations. We do not allow them to use your personal data for their own purposes.
In certain circumstances we may share personal data with other third parties, such as professional advisers, insurers, or debt recovery agencies, where this is necessary to protect our legitimate interests, manage risks, or enforce our rights. We may also disclose data where required to do so by law or in response to lawful requests from public authorities.
International Transfers
Where personal data is transferred outside the United Kingdom by us or our processors, we will ensure that appropriate safeguards are in place to protect it, such as standard contractual clauses or other mechanisms approved by applicable data protection laws. We take steps to ensure that your data remains protected to standards that are substantially equivalent to those in the United Kingdom.
Data Security
We take the security of your personal data seriously. We implement technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. These measures include restricted access controls, secure storage, encryption where appropriate, staff training, and regular review of our security practices.
Your Data Protection Rights
You have a number of rights in relation to your personal data under data protection laws. These rights are subject to certain conditions and legal exceptions, but in general include the following:
The right to be informed about how we collect and use your personal data, which this Privacy Policy aims to provide.
The right of access to the personal data we hold about you and to obtain a copy of that data, along with information about how it is processed.
The right to rectification of inaccurate or incomplete personal data concerning you.
The right to erasure of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
The right to restrict processing of your personal data in certain situations, such as where you contest the accuracy of the data or object to our processing.
The right to data portability, which allows you in certain circumstances to receive your personal data in a structured, commonly used and machine readable format and to have that data transmitted to another controller where technically feasible.
The right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing.
The right not to be subject to a decision based solely on automated processing, including profiling, where this produces legal or similarly significant effects on you, unless specific conditions apply.
You also have the right to lodge a complaint with the relevant supervisory authority if you consider that your personal data has been processed in a way that does not comply with data protection law.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any updates will take effect from the date they are published. We encourage you to review this Privacy Policy periodically to remain informed about how we protect your personal data.
