Privacy Policy - Bexley Storage

This Privacy Policy explains how Bexley Storage collects, uses, shares, stores, and protects personal data. It applies to all Bexley Storage customers in the area, including prospective customers, current customers, and individuals whose details are provided to us in connection with storage services, account management, billing, access control, or support.

We are committed to handling personal data in a way that is lawful, fair, transparent, and secure. This policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, date of birth, and identification details where required for verification.
  • Contact data: address, email address, telephone number, and emergency contact details where provided.
  • Account and contract data: customer records, booking details, storage unit allocation, payment status, and agreement history.
  • Financial data: payment card details, transaction records, invoices, refunds, and billing information.
  • Security and access data: entry logs, CCTV recordings, access codes, key records, and incident reports.
  • Correspondence data: records of communications, complaints, requests, and customer support interactions.
  • Technical data: limited device, browser, and usage information when you interact with our digital systems, if applicable.

We generally collect personal data directly from you, but we may also receive information from third parties such as payment providers, identity verification services, insurers, legal representatives, or individuals acting on your behalf.

2. How We Use Personal Data

We use personal data only where permitted by law and only for legitimate business and operational purposes. These include:

  • setting up and managing customer accounts;
  • processing reservations, agreements, payments, and refunds;
  • verifying identity and preventing fraud;
  • providing access to storage facilities and controlling site security;
  • communicating about contracts, service issues, renewals, and account updates;
  • responding to enquiries, complaints, and claims;
  • maintaining records for accounting, audit, and regulatory purposes;
  • protecting the safety of customers, staff, visitors, and property;
  • establishing, exercising, or defending legal rights;
  • improving our services, systems, and customer experience.

We will only use personal data for purposes that are compatible with the reasons it was originally collected, unless we are required or permitted by law to do otherwise.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis before processing your personal data. Depending on the circumstances, we rely on one or more of the following bases:

Contract

We process personal data when it is necessary to enter into or perform a storage agreement. This includes setting up your account, taking payment, managing access, and delivering the services you request.

Legal obligation

We may process personal data where necessary to comply with legal requirements, including accounting rules, tax obligations, regulatory duties, and lawful requests from public authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. This can include site security, fraud prevention, business administration, service improvement, and record keeping.

Consent

In limited situations, we may ask for your consent, for example for optional marketing communications or certain non-essential uses of data. Where processing is based on consent, you may withdraw that consent at any time.

4. Sharing and Processors

We may share personal data with trusted third parties who process data on our behalf or for their own independent purposes. These may include processors and other service providers that support our operations. Where required, we ensure appropriate contracts and safeguards are in place.

Typical categories of processors and recipients include:

  • Payment processors for card and electronic payment handling;
  • IT and cloud service providers for data storage, system hosting, maintenance, and security;
  • Identity verification providers to confirm customer details where needed;
  • CCTV and security service providers for monitoring and site protection;
  • Accountants, auditors, and professional advisers for financial, compliance, and advisory support;
  • Debt recovery or legal service providers where necessary to recover unpaid amounts or manage disputes;
  • Insurers and claims handlers where a claim or incident involves storage services.

We may also disclose data to law enforcement, courts, regulators, or other authorities where required by law or where necessary to protect our rights, the rights of others, or public safety.

We do not sell personal data. If data is transferred outside the UK, we will ensure that appropriate legal safeguards are in place, such as adequacy regulations or approved contractual protections.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, security, and operational requirements. Retention periods may vary depending on the type of data and the reason for processing.

In general:

  • Customer account and contract records are retained for the duration of the relationship and for a period after it ends to manage claims, disputes, or legal obligations.
  • Financial records are kept in line with tax, accounting, and audit requirements.
  • Security records, including access logs and CCTV footage, are retained only for as long as needed for safety, incident investigation, or legal purposes.
  • Correspondence and complaint records are retained for a reasonable period to evidence how issues were handled.

When personal data is no longer needed, we will securely delete, anonymise, or destroy it.

6. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, staff training, password protection, secure storage, monitoring, and physical security measures at our premises.

While we take data protection seriously, no system can be guaranteed to be completely secure. We therefore encourage customers to keep their own account information confidential and to notify us promptly if they believe their information may have been compromised.

7. Your Data Protection Rights

As a data subject, you have several rights under UK data protection law. Subject to legal limits and exemptions, these may include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: you may ask us to delete your data in certain circumstances.
  • Right to restrict processing: you may ask us to limit how we use your data in certain situations.
  • Right to object: you may object to processing based on legitimate interests, and to direct marketing at any time.
  • Right to data portability: you may request certain information in a structured, commonly used format where applicable.
  • Right to withdraw consent: where we rely on consent, you can withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve them promptly.

8. Children’s Data

Our storage services are not intended for children as independent customers. We do not knowingly collect personal data from children except where it is provided by a parent, guardian, or authorised representative in connection with a storage arrangement or legal obligation.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, operational practice, or service arrangements. Any updates will take effect when published or otherwise communicated, and the most recent version will govern how we handle personal data from that time onward.

10. Summary of Our Commitment

Bexley Storage is committed to protecting privacy and handling personal data responsibly. We collect only the information needed to provide storage services, manage our business, and meet legal obligations. We process data on clear lawful bases, retain it only for as long as necessary, use trusted processors under appropriate safeguards, and respect your rights under data protection law. This policy applies to all Bexley Storage customers in the area and is intended to provide clear and transparent information about how your data is handled.

Call Now!
Call Now Get a Quote
Bexley Storage

GDPR-compliant Privacy Policy for Bexley Storage covering data use, lawful basis, retention, processors, and user rights for all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.