Privacy Policy - Aldboroughhatch Storage

This Privacy Policy explains how Aldboroughhatch Storage collects, uses, stores, shares, and protects personal data. It applies to all Aldboroughhatch Storage customers in area, including prospective customers, current customers, former customers, and any individuals who interact with us in connection with storage services.

We are committed to handling personal information in a lawful, fair, and transparent way in accordance with the UK GDPR and the Data Protection Act 2018. This policy is designed to help you understand what information we process, why we process it, how long we keep it, who may process it on our behalf, and what rights you have over your data.

1. Data We Collect

We may collect and process different types of personal data depending on how you interact with us. The information we collect is limited to what is necessary for storage services, account management, security, and legal compliance.

Types of personal data

  • Identity data such as your name, date of birth, and identification details when required for verification.
  • Contact data such as postal address, email address, and telephone number.
  • Contract and account data such as booking information, unit size, access arrangements, payment status, and service history.
  • Payment data such as billing information and transaction records. Card details are usually processed by secure payment providers and are not stored by us unless needed for lawful business purposes.
  • Security and access data such as CCTV recordings, entry logs, gate access records, and incident reports.
  • Communication data such as enquiries, complaints, claims, and correspondence with us.
  • Technical data such as device, browser, or usage information if you interact with any digital systems we operate.

We generally collect information directly from you when you enquire about, reserve, or use our storage services. In some cases, we may also receive data from payment providers, identity verification services, insurers, legal advisers, or law enforcement where permitted by law.

2. How We Use Personal Data

We use personal data only where we have a valid reason to do so. Our processing supports the provision of storage services, customer support, property security, financial administration, and compliance with legal obligations.

Purposes of processing

  • To provide and manage your storage agreement.
  • To verify identity and prevent fraud or misuse of our services.
  • To process payments, issue invoices, and manage account balances.
  • To maintain site safety, protect property, and investigate incidents.
  • To respond to enquiries, complaints, and service-related requests.
  • To meet legal, regulatory, insurance, and tax obligations.
  • To enforce our contractual rights and manage disputes.

We will not use your personal data for purposes that are incompatible with those listed above unless we have your consent or another lawful basis to do so.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis before processing your personal data. Depending on the context, we rely on one or more of the following lawful bases:

  • Contract — processing is necessary to enter into or perform our storage agreement with you, including managing bookings, payments, access, and customer support.
  • Legal obligation — processing is necessary to comply with laws such as tax, accounting, fraud prevention, health and safety, or lawful requests from authorities.
  • Legitimate interests — processing is necessary for our legitimate business interests, such as protecting premises, maintaining accurate records, preventing loss or misuse, and improving operational efficiency, provided these interests are not overridden by your rights and freedoms.
  • Consent — in limited situations, we may rely on your consent, for example for certain optional communications or activities. Where consent is used, you may withdraw it at any time.

Where we process special category data or other sensitive information, we will only do so where permitted by law and subject to additional safeguards.

4. Sharing Your Data and Processors

We may share personal data with trusted third parties where necessary to operate our services, comply with the law, or protect our business and customers. These third parties act either as processors who handle data on our instructions, or as independent controllers in their own right.

Processors we may use

  • Payment processors who handle card or bank transactions securely.
  • IT and software providers who support booking systems, account management, data storage, and cybersecurity.
  • Security service providers who may support CCTV, alarms, access systems, or site monitoring.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers.
  • Document management and archiving providers who securely store business records.

We require processors to protect personal data, follow our instructions, and implement appropriate technical and organisational security measures. They are not permitted to use your information for their own purposes unless they are acting as independent controllers and have a lawful basis to do so.

We may also disclose data to law enforcement, courts, regulators, or other public authorities where required or permitted by law. If business ownership or operations change, customer data may be transferred as part of that transaction, subject to applicable data protection safeguards.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, and operational requirements. Retention periods vary depending on the type of data and the reasons for processing.

Typical retention approach

  • Contract and account records are usually kept for the duration of the relationship and for a reasonable period afterwards for dispute resolution and record-keeping.
  • Financial records are retained in line with tax and accounting requirements.
  • CCTV and security records are typically retained for a short period unless an incident requires longer retention.
  • Complaint and incident records may be retained for as long as needed to investigate, respond, or defend legal claims.
  • Enquiry records may be kept for a limited time if no contract is formed.

When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices and legal obligations.

6. Data Security

We take appropriate measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, encryption, secure storage, staff training, limited permissions, and physical security arrangements at relevant sites and offices.

Although we work to protect your data, no system is completely secure. If a personal data breach occurs and there is a legal requirement to do so, we will notify the relevant authority and affected individuals as required by law.

7. Your Rights

You have several rights under data protection law, subject to certain conditions and exceptions. We will respond to valid requests within the time limits set by law.

Rights available to you

  • Right of access — to obtain a copy of the personal data we hold about you.
  • Right to rectification — to request correction of inaccurate or incomplete data.
  • Right to erasure — to request deletion of your data where there is no good reason for us to keep it.
  • Right to restriction — to ask us to limit how we use your data in certain circumstances.
  • Right to data portability — to receive certain data in a structured, commonly used format and have it transferred where technically feasible.
  • Right to object — to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent — where we rely on consent, you can withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We would, however, appreciate the chance to address your concerns first.

8. Automated Decision-Making

We do not generally rely on fully automated decision-making that produces legal or similarly significant effects about you. If this changes, we will provide clear information about the process and your rights.

9. Children’s Data

Our storage services are intended for adults and businesses. We do not knowingly collect personal data from children except where it is incidental and necessary for lawful business or contractual purposes, such as emergency contact information provided by an adult customer.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how we protect personal data.

By using Aldboroughhatch Storage services, you acknowledge that you have read and understood this Privacy Policy and how your personal data is handled.

Call Now!
Call Now Get a Quote
Aldboroughhatch Storage

GDPR-compliant privacy policy for Aldboroughhatch Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.