Privacy Policy - Palmersgreen Storage

This Privacy Policy explains how Palmersgreen Storage collects, uses, stores, shares, and protects personal data in connection with the services we provide. It applies to all Palmersgreen Storage customers in the area, including prospective customers, current customers, former customers, visitors to our facilities, and individuals who interact with us on behalf of a customer. We are committed to handling personal information in a lawful, fair, and transparent manner, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Palmersgreen Storage provides storage-related services to individuals and businesses. In the course of operating these services, we act as a data controller for the personal data we collect and use for our own purposes, such as account management, billing, security, and communications. This policy explains our data protection practices and your rights regarding your personal data.

2. Personal data we collect

We collect only the information that is necessary for providing storage services, managing our business, and meeting legal obligations. The categories of personal data we may collect include:

  • Identity data, such as name, title, and date of birth where needed for verification.
  • Contact data, such as postal address, email address, and telephone number.
  • Account data, such as customer reference number, service details, payment status, and storage unit allocation.
  • Financial data, such as billing information and transaction records.
  • Transaction data, such as payment history, invoices, service changes, and communications relating to your account.
  • Security data, such as access logs, CCTV footage, incident records, and visitor records where applicable.
  • Technical data, such as device and usage information when you interact with digital systems we use for administration.
  • Correspondence data, such as emails, phone notes, complaints, requests, and other communications.

We do not collect more data than is reasonably necessary. In certain situations, we may also need to process information that is relevant to insurance claims, identity verification, or legal disputes.

3. How we use personal data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To verify identity and prevent fraud.
  • To process payments and issue invoices.
  • To communicate with customers about their accounts, services, and notices.
  • To maintain security, monitor access, and protect customers, staff, and property.
  • To handle enquiries, complaints, and service requests.
  • To comply with legal and regulatory obligations.
  • To establish, exercise, or defend legal claims.

We use personal information only for specified, explicit, and legitimate purposes. If we wish to use data for a purpose that is not compatible with the original reason for collection, we will assess whether that use is permitted and, where necessary, provide further notice.

4. Lawful basis for processing

We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the situation, our lawful bases may include:

Performance of a contract

We process personal data when it is necessary to enter into or perform our storage agreement with you, including account administration, billing, service delivery, and customer support.

Legal obligation

We may process data when required to comply with applicable laws, such as tax, accounting, fraud prevention, or lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include security monitoring, business administration, service improvement, and maintaining accurate records. We always consider whether processing is necessary and proportionate.

Consent

Where required by law, we will ask for your consent before processing your data. If you give consent, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and legal claims

In rare cases, we may process personal data to protect someone’s vital interests or to establish, exercise, or defend legal claims.

5. How we share personal data

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These third parties act either as processors acting on our instructions or as independent controllers where they determine their own purposes.

Examples of recipients may include:

  • Payment service providers and banking partners.
  • IT, hosting, and software providers.
  • Security and surveillance service providers.
  • Professional advisers, including accountants, auditors, insurers, and legal advisers.
  • Regulatory bodies, law enforcement, courts, and public authorities where disclosure is required by law.

We require processors to handle personal data securely, to use it only for our instructions, and to implement appropriate technical and organisational safeguards. We do not sell personal data.

6. Processors

Where we use external service providers to process personal data on our behalf, they are appointed as processors under written contracts. These contracts require them to protect your data, assist us with compliance where appropriate, and delete or return data when no longer needed for the service.

Typical processing activities may include secure data hosting, email delivery, customer management systems, payment processing, maintenance of security records, and backup storage. We take reasonable steps to ensure our processors meet GDPR standards and apply safeguards equivalent to our own.

7. International transfers

If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms approved under applicable data protection law. We take steps to ensure transferred data remains protected to a standard consistent with UK GDPR.

8. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, reporting, and security requirements. Retention periods depend on the type of information and the reason for processing.

  • Customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security logs and CCTV footage are retained for a limited period unless needed for an incident, investigation, or legal claim.
  • Correspondence may be retained for as long as necessary to deal with enquiries, disputes, or service history.

When personal data is no longer required, it is securely deleted, anonymised, or destroyed. Retention is never longer than necessary, and we review our records periodically to ensure compliance with this principle.

9. Security of personal data

We use appropriate organisational and technical measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, system monitoring, and regular review of security practices. Although no system can be guaranteed to be completely secure, we take data security seriously and continually work to reduce risk.

10. Your rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions or exemptions, but we will always assess your request carefully and respond within the required timeframe.

  • Right of access – you may request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – you may request deletion of your data in certain circumstances.
  • Right to restriction – you may ask us to limit how we use your data in certain cases.
  • Right to data portability – you may request certain data in a structured, commonly used format where applicable.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you exercise any of these rights, we may need to verify your identity before responding. We will not charge a fee unless a request is manifestly unfounded, excessive, or repetitive, in which case a reasonable fee may be applied where permitted by law.

11. Automated decision-making

We do not generally use automated decision-making that produces legal or similarly significant effects about customers. If this changes, we will provide clear information about the logic involved, the significance and consequences, and the rights available to you.

12. Complaints and further information

If you are concerned about how your personal data has been handled, you should raise the matter with us so we can review and address it. You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed.

13. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or operational needs. Any updates will take effect when published, and we encourage customers to review this policy periodically. Continued use of our services after changes are made means you acknowledge the updated policy, subject always to your legal rights.

14. Summary of our commitments

Palmersgreen Storage is committed to treating personal information responsibly and lawfully. We collect only the data we need, use it for clear purposes, retain it for limited periods, and share it only with trusted processors or where required by law. We respect your rights and aim to maintain a high standard of privacy protection for every customer in the area.

Call Now!
Call Now Get a Quote
Palmersgreen Storage

GDPR-compliant privacy policy for Palmersgreen Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.