Privacy Policy - Brondesbury Storage

This Privacy Policy explains how Brondesbury Storage collects, uses, stores, shares, and protects personal data in connection with storage services provided to customers in the area. It applies to all Brondesbury Storage customers in area, including prospective customers, current customers, former customers, account holders, authorised users, and any individuals who interact with us in relation to our services.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to provide clear information about the personal data we process, the lawful bases on which we rely, how long we keep data, the third parties who may process data on our behalf, and the rights individuals have over their personal information.

1. Personal Data We Collect

Brondesbury Storage collects only the information necessary to provide storage services safely, lawfully, and efficiently. Depending on your relationship with us, we may collect the following categories of personal data:

  • Identity data such as your name, date of birth, and identification details where required for verification.
  • Contact data such as your postal address, email address, and telephone number.
  • Account and contract data such as customer reference numbers, booking details, service preferences, payment status, and contract history.
  • Payment data such as billing details and transaction records. Full card information is generally processed by our payment providers rather than stored by us.
  • Security data such as access logs, CCTV footage, and records of site entry or exit where access control is used.
  • Communications data such as correspondence, enquiry records, complaints, and any other information you choose to provide.
  • Technical data such as device information or IP-related data if you interact with our digital systems or online forms.

We may also receive personal data from third parties, including payment processors, identity verification services, insurance partners, or individuals authorised by you to act on your behalf. Where we receive data from third parties, we treat it in the same manner as data provided directly by you.

2. How We Use Personal Data

We use personal data to operate our storage services and manage our relationship with customers. Typical uses include:

  • Creating and managing customer accounts;
  • Processing bookings, renewals, and payments;
  • Verifying identity where required;
  • Providing access to storage units and managing site security;
  • Responding to enquiries, complaints, and support requests;
  • Maintaining records for insurance, audit, accounting, and legal compliance;
  • Preventing fraud, misuse, or unlawful activity;
  • Improving our operations, policies, and customer experience;
  • Meeting our legal and regulatory obligations.

We will only use personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and that such use is lawful.

3. Lawful Basis for Processing

Under data protection law, we must have a valid lawful basis for each processing activity. Brondesbury Storage relies on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes account setup, taking payments, providing access to storage, and managing service requests related to your storage agreement.

Legal Obligation

We may process personal data where necessary to comply with legal requirements, including tax, accounting, fraud prevention, safety, and record-keeping obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include business administration, security monitoring, preventing misuse, improving services, and defending legal claims. We take care to consider the impact of such processing and to limit it where appropriate.

Consent

Where we rely on consent, such as for certain optional communications or specific uses not covered by other bases, we will obtain clear permission from you. You may withdraw consent at any time, although this will not affect processing already carried out before withdrawal.

Vital Interests

In rare situations, we may process personal data to protect someone’s vital interests, such as in an emergency involving health or safety.

4. Data Sharing and Processors

We do not sell personal data. However, we may share information with trusted third parties where necessary for business operations, legal compliance, or service delivery. These third parties may act as processors or, in some cases, as independent controllers.

Examples of processors and service providers may include:

  • Payment processing providers who handle transactions securely on our behalf;
  • IT and cloud hosting providers who support our systems, storage, and communications;
  • Security service providers who assist with access control, alarms, or monitoring services;
  • Accountancy, audit, and administrative services that help manage financial and operational records;
  • Identity verification and fraud prevention providers used where appropriate;
  • Insurance-related partners where data is needed to administer a claim or policy support;
  • Professional advisers such as lawyers, insurers, and consultants;
  • Public authorities where disclosure is required by law or necessary to protect rights, property, or safety.

Where a third party acts as a processor, we require them to process personal data only on our instructions, use appropriate technical and organisational safeguards, and comply with data protection law. We take steps to ensure that any sharing is limited to what is necessary and proportionate.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting obligations. Retention periods vary depending on the type of data and the reason for processing.

In general, we may retain:

  • Contract and account records for the duration of the customer relationship and for a reasonable period afterwards;
  • Financial and tax records for the period required by law;
  • Security and access records for a limited period unless needed for an investigation, claim, or legal matter;
  • Correspondence and complaints for as long as necessary to resolve the issue and maintain business records;
  • CCTV or similar footage only for a short period unless it is required for safety, security, or legal purposes.

When personal data is no longer needed, we will delete it or anonymise it securely. In some cases, we may retain certain records for longer where required to establish, exercise, or defend legal claims.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, confidentiality obligations, and monitoring of systems where appropriate.

While we take data security seriously, no method of transmission or storage is completely secure. We therefore cannot guarantee absolute security, but we continuously work to reduce risk and improve safeguards.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be exercised in accordance with legal conditions and exemptions.

  • Right of access – you can ask for confirmation of whether we process your personal data and obtain a copy of it.
  • Right to rectification – you can ask us to correct inaccurate or incomplete data.
  • Right to erasure – in some circumstances, you can request deletion of your data.
  • Right to restrict processing – you may ask us to limit how we use your data in certain situations.
  • Right to data portability – you may request that we provide certain data in a structured, commonly used format.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We aim to respond within the time limits required by law and will let you know if additional information is needed.

8. Automated Decision-Making

We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects on individuals, unless we have informed you and such processing is permitted by law. If this changes, we will provide appropriate information about the logic involved and your rights.

9. International Transfers

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place so that your data remains protected to an adequate standard. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

11. Fair Processing Commitment

Brondesbury Storage is committed to processing personal data fairly, lawfully, and transparently. We only collect data that is relevant and necessary, keep it secure, and use it in a manner that respects privacy. We also aim to be clear about why data is needed and how it will be used.

In summary: we process your personal data to provide storage services, manage our business, meet legal obligations, and protect our customers and site. We do so under lawful bases recognised by data protection law, retain data only for as long as necessary, use trusted processors under contract, and respect your rights over your personal information.

Call Now!
Call Now Get a Quote
Brondesbury Storage

GDPR-compliant Privacy Policy for Brondesbury Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.