Self Storage Twickenham Privacy Policy
This Privacy Policy explains how Self Storage Twickenham collects, uses, stores and protects personal data relating to customers and prospective customers in the Twickenham area. It is intended to meet the requirements of the UK General Data Protection Regulation and the Data Protection Act 2018. By using our services, making an enquiry or entering into a contract with us, you acknowledge that you have read and understood this Privacy Policy.
Scope of this Privacy Policy
This Privacy Policy applies to all Self Storage Twickenham customers and enquirers in the Twickenham area, including individuals, sole traders and representatives of corporate customers. It covers personal data collected in person at our premises, over the phone, via online forms, and through any other communication channels we make available.
Data Controller
Self Storage Twickenham is the data controller for the personal data described in this policy. As data controller, we decide how and why your personal data is processed and we are responsible for ensuring that such processing is carried out in compliance with applicable data protection law.
Personal Data We Collect
We collect and process different categories of personal data depending on your relationship with us and the services you use. The types of data we may collect include:
Identification and contact details such as full name, postal address, contact address, date of birth, and contact preferences.
Communication details such as email address, telephone numbers, and records of your correspondence or interactions with us, including enquiries, complaints and feedback.
Contract and account information such as unit number, contract start and end dates, rental history, payment status, and information about goods stored only where you choose to provide such information.
Payment and billing information such as payment method, billing address and transaction records. Payment card details may be processed by secure third party payment processors and are not stored in full by us.
Security and access information such as copies of identification documents where necessary to verify identity, vehicle registration numbers, access control data, visitor logs, and CCTV footage in and around our premises.
Technical and usage information related to your interactions with our online services, such as IP address, device information, and basic usage data where relevant for security, analytics or service improvement.
How We Collect Your Data
We may collect personal data directly from you when you request a quotation, make an enquiry, reserve or rent a storage unit, sign a contract, make a payment, visit our premises, or contact us by phone or through online forms.
We may also receive personal data from third parties, for example from payment service providers, credit reference agencies where lawful and applicable, or from your employer or organisation if they arrange storage services for you.
Lawful Bases for Processing
We process your personal data only where we have a lawful basis under data protection law. The main lawful bases we rely on are:
Contract. We process personal data where it is necessary to enter into, or perform, a contract for storage or related services. This includes processing required to manage your booking, administer your account, take payment, communicate with you about your contract, and provide access to your unit.
Legal obligation. We may process personal data to comply with our legal obligations, for example to meet tax and accounting requirements, verify identity to prevent fraud, respond to lawful requests from public authorities, and maintain appropriate health and safety and security records.
Legitimate interests. We may process personal data where it is necessary for our legitimate business interests, provided these are not overridden by your rights and interests. These interests include managing and improving our services, safeguarding our premises and property, handling customer service issues, recovering debts, and protecting or enforcing legal rights.
Consent. In some limited circumstances we may rely on your consent, for example for certain direct marketing activities or optional communications. Where we rely on consent, you may withdraw it at any time, and we will explain how to do this at the point we collect your consent.
How We Use Your Personal Data
We may use your personal data for the following purposes:
To provide storage and related services, including setting up your account, managing bookings, processing payments, and administering contracts.
To communicate with you about your account, including service updates, changes to terms, billing notifications, and responses to your enquiries.
To maintain the safety and security of our premises, customers and staff, including the use of access control systems, visitor logs and CCTV monitoring.
To manage our business operations, such as record keeping, auditing, financial management, and internal reporting.
To handle complaints, disputes and legal claims, and to enforce our terms and conditions.
To send you information about our services that may be of interest to you where we are permitted to do so under data protection and marketing laws, and where relevant, based on your consent or our legitimate interests.
Data Sharing and Processors
We do not sell your personal data. We may share your data with trusted third parties where necessary for the purposes described in this policy and where they act only on our instructions as data processors or as independent controllers where required by law.
Data processors may include providers of payment processing services, IT and cloud hosting services, customer relationship management systems, communications platforms, security and CCTV system providers, and professional advisers such as accountants or legal representatives acting on our instructions.
Where we use data processors, we put in place contracts requiring them to keep your data secure, to use it only for the specific purposes we specify, and to comply with relevant data protection legislation.
We may also share data with public authorities, law enforcement agencies or courts where required to comply with legal obligations or to protect our rights or the rights of others.
Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or to meet legal, accounting or reporting requirements. The exact retention period will depend on the nature of the data and our legal obligations.
Generally, we keep customer account records and contract information for a number of years after the end of the contract, to comply with tax and accounting rules and to manage any potential disputes. CCTV footage and security records are kept for shorter periods, unless specific images are needed for an investigation or legal claim.
When personal data is no longer required, we will securely delete or anonymise it in line with our data retention procedures.
International Transfers
Where we use service providers located outside the United Kingdom or the European Economic Area, or where data is stored in or accessed from other jurisdictions, we will ensure that appropriate safeguards are in place to protect your personal data. These safeguards may include the use of standard contractual clauses or other legally recognised transfer mechanisms.
Data Security
We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures may include access controls, encryption, secure storage, staff training, and regular review of our security procedures.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These include:
The right of access. You can request confirmation that we process your personal data and obtain a copy of that data, along with certain information about how and why it is processed.
The right to rectification. You can ask us to correct or update personal data that is inaccurate or incomplete.
The right to erasure. In certain circumstances, you can request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and there is no other lawful basis for processing.
The right to restrict processing. You can ask us to restrict the processing of your data in certain circumstances, for example while we are verifying the accuracy of data you believe is incorrect.
The right to data portability. Where processing is based on consent or contract and carried out by automated means, you may request that we provide your data in a structured, commonly used and machine-readable format, or that we transmit it directly to another controller where technically feasible.
The right to object. You can object at any time to processing of your personal data based on our legitimate interests, including profiling, and we will stop processing unless we have compelling legitimate grounds to continue. You also have an unconditional right to object to direct marketing.
The right to withdraw consent. Where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
You also have the right to complain to a supervisory authority if you are concerned about how we handle your data. In the United Kingdom, this is the Information Commissioner's Office.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal requirements or industry guidance. Any changes will be made available through our usual communication channels. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
